: Log in!

メインメニュー
Google


ウェブ 検索
サイト内検索
トップ  >  Linux09歩  >  2009-01-09 openssl,openssl(rpm)のupdate

20090109 openssl-0.9.8j,openssl-0.9.8g-12(rpm)にupdateしました


  OpenSSLのインストール 4 Router

Changes between 0.9.8i and 0.9.8j [07 Jan 2009]

*) Properly check EVP_VerifyFinal() and similar return values
(CVE-2008-5077).
[Ben Laurie, Bodo Moeller, Google Security Team]

*) Allow the CHIL engine to be loaded, whether the application is
multithreaded or not. (This does not release the developer from the
obligation to set up the dynamic locking callbacks.)
[Sander Temme <sander at temme.net>]

*) Use correct exit code if there is an error in dgst command.
[Steve Henson; problem pointed out by Roland Dirlewanger]

*) Tweak Configure so that you need to say "experimental-jpake" to enable
JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
[Bodo Moeller]

*) Add experimental JPAKE support, including demo authentication in
s_client and s_server.
[Ben Laurie]

*) Set the comparison function in v3_addr_canonize().
[Rob Austein <sra at hactrn.net>]

*) Add support for XMPP STARTTLS in s_client.
[Philip Paeps <philip at freebsd.org>]

*) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
to ensure that even with this option, only ciphersuites in the
server's preference list will be accepted. (Note that the option
applies only when resuming a session, so the earlier behavior was
just about the algorithm choice for symmetric cryptography.)
[Bodo Moeller]



  OpenSSLのインストール 4 Xen

%changelog

* Wed Jan 7 2009 Tomas Mraz <tmraz at redhat.com> 0.9.8g-12
- fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671)
- add -no_ign_eof option (#462393)


投票数:61 平均点:5.74
前
2009-01-08 bind,dovecotのupdate
カテゴリートップ
Linux09歩
次
2009-01-09 ntpのupdate