: Log in!

メインメニュー
Google


ウェブ 検索
サイト内検索
トップ  >  Linux16歩  >  2016-03-26 opensslのupdate
20160326 openssl-1.0.2gにupdateしました


OpenSSL NEWS

Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]

 o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
 o Disable SSLv2 default build, default negotiation and weak ciphers
   (CVE-2016-0800)
 o Fix a double-free in DSA code (CVE-2016-0705)
 o Disable SRP fake user seed to address a server memory leak
   (CVE-2016-0798)
 o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
   (CVE-2016-0797)
 o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
 o Fix side channel attack on modular exponentiation (CVE-2016-0702)

Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]:

 o Suite B support for TLS 1.2 and DTLS 1.2
 o Support for DTLS 1.2
 o TLS automatic EC curve selection.
 o API to set TLS supported signature algorithms and curves
 o SSL_CONF configuration API.
 o TLS Brainpool support.
 o ALPN support.
 o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.

・詳細はソースに含まれるCHANGES,NEWSを参照して下さい

投票数:10 平均点:5.00
前
2016-03-25 named.cacheのchange
カテゴリートップ
Linux16歩
次
2016-03-31 dovecotのupdate