It seams that there is another difference between the two openssl
versions then only the heartbleed bugfix.
err, yes. The g release is a new minor release. I'd ALWAYS advise reading the
changelog before deploying. .. You'd then have seen the new features (this is
why vendors such as redhat
Gents,
is there a chance that for this release of openssl
(http://hpux.connect.org.uk/hppd/hpux/Languages/openssl-1.0.1g/), also
version(s) for HP-UX 11.23 (HP-UX 11iv2 for Itanium and PA-RISC 2.0) is/are
going to be released?
We are currently reviewing our serverfarm and do very much need the
I tried your sample code but compiler showing error like Undefined refrence
to EVP_PKEY_CTX_new although i included header file openssl/evp.h.
You have any idea why this errors occuring???
And by the way thanks for the help friend.
--
View this message in context:
On 11 April 2014 06:25, chetan chet...@neominds.in wrote:
I tried your sample code but compiler showing error like Undefined refrence
to EVP_PKEY_CTX_new although i included header file openssl/evp.h.
You have any idea why this errors occuring???
And by the way thanks for the help friend.
On 10.04.2014 13:16, Rob Stradling wrote:
On 09/04/14 20:43, Salz, Rich wrote:
Can you please post a good and a bad server example. I have
tested a lot of servers, including 'akamai.com', and they all show
HEARTBEATING at the end:
Look at Victor's recent post about how to patch
The same issue when I tried to port over to windows, the ssl3_write_bytes
is not exposed in the library. There doesn't seem to be an easy workaround
that I can see.
Steve...
On Fri, Apr 11, 2014 at 7:40 AM, Walter H. walte...@mathemainzel.infowrote:
On 10.04.2014 13:16, Rob Stradling wrote:
Also try your range here
https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp
Hth
jaa
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Walter H.
Sent: Friday, April 11, 2014 7:40 AM
To:
In debian I solved linking directly static library.
gcc -ansi -pedantic -o heartbleed heartbleed.c -lcrypto \
/usr/lib/x86_64-linux-gnu/libssl.a
Regards
In data venerdì 11 aprile 2014 08:38:07, Steven Kneizys ha scritto:
The same issue when I tried to port over to windows, the
I'm Using version 1.0.0e.
Is my version of openssl is suitable for EVP_PKEY_CTX_new()??
and if not how can i upgrade my version to latest version?
And by the way thanks for giving some time for me. Thanks again.
--
View this message in context:
Hello,
I'm trying to install openssl 1.0.1g from source on my Linux slackware
server. Said config shared, then make, then make install.Apache
complains that EVP_idea_cbc is undefined. nm -g says U EVP_idea_cbc
meaning it's undefined. I thought it was because of the IDEA patent
thing. But
In a typical year the OpenSSL project receives about US$2000 in donations.
This week we have received roughly 200 donations totaling nearly
US$3000. Amounts have ranged between $0.02 and $300, and I notice that
some individuals have made multiple contributions.
For the larger donations and
Steve,
Does the Foundation have a Bitcoin address?
Ryan
On Fri, Apr 11, 2014 at 8:09 AM, Steve Marquess
marqu...@opensslfoundation.com wrote:
In a typical year the OpenSSL project receives about US$2000 in donations.
This week we have received roughly 200 donations totaling nearly
Thanks, Steve,
… for your hard work, and that of the other Team Members. This week's
'excitement' illustrates how important it us to all of us.
(would be great to find a way around those 'hefty PayPal fees.)
Lou Picciano
- Original Message -
From: Steve Marquess
On 11 April 2014 08:18, chetan chet...@neominds.in wrote:
I'm Using version 1.0.0e.
Is my version of openssl is suitable for EVP_PKEY_CTX_new()??
and if not how can i upgrade my version to latest version?
That version should be fine. See my response to your other thread for
next steps.
Matt
Akamai Technologies is pleased to offer the following patch to OpenSSL. It adds
a secure arena that is used to store RSA private keys. This arena is mmap'd,
with guard pages before and after so pointer over- and under-runs won't wander
into it. It's also locked into memory so it doesn't appear
On 04/11/2014 11:57 AM, Lou Picciano wrote:
Thanks, Steve,
… for your hard work, and that of the other Team Members. This week's
'excitement' illustrates how important it us to all of us.
(would be great to find a way around those 'hefty PayPal fees.)
I'm open to suggestions. Not only is
Hello!
On Fri, Apr 11, 2014 at 01:22:21PM -0400, Salz, Rich wrote:
Akamai Technologies is pleased to offer the following patch to OpenSSL. It
adds a secure arena that is used to store RSA private keys. This arena is
mmap'd, with guard pages before and after so pointer over- and under-runs
Have you thought about mprotecting the guard pages with
mprotect(PROT_NONE) so the application crashes in case of a stray memory
access?
Yes, rats. My message implied that we do that. And I then posted the wrong
version of the code. :(
Here's the right version of cmm_init.
/r$
On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess
marqu...@opensslfoundation.com wrote:
On 04/11/2014 11:57 AM, Lou Picciano wrote:
Thanks, Steve,
... for your hard work, and that of the other Team Members. This week's
'excitement' illustrates how important it us to all of us.
(would be
On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers r.ted.by...@gmail.com wrote:
Have you checked out Google and Amazon's payment services? I have
heard they exist, but haven't checked them out for cost (I may do so,
and soon, as the Canadian bank's support for ecommerce leaves
everything to be
remove
On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers r.ted.by...@gmail.com wrote:
On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess
marqu...@opensslfoundation.com wrote:
On 04/11/2014 11:57 AM, Lou Picciano wrote:
Thanks, Steve,
... for your hard work, and that of the other Team Members.
HiI am having 0.9.8 open ssl libraries in my server and 1.0.1 in my client.Am
I venerable to heart bleed attach?Regards,Vishnu.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Heart-bleed-with-0-9-8-and-1-0-1-tp49300.html
Sent from the OpenSSL - User mailing list archive at
Thanks Leonardo!
On 11/04/14 13:54, Leonardo Secci wrote:
In debian I solved linking directly static library.
gcc -ansi -pedantic -o heartbleed heartbleed.c -lcrypto \
/usr/lib/x86_64-linux-gnu/libssl.a
Regards
In data venerdì 11 aprile 2014 08:38:07, Steven Kneizys ha scritto:
The
It is well deserved.
You must look at how much of the internet and our existing computing
architecture relies on the good will of others. It is almost all of it.
Progress cannot happen without openness and honesty, which you all have
shown in spades. Everyone everywhere has come together to
Dear, I have a CA implemented in a Debian Wheezy server and the versión of
Openssl (1.0.1) is affected by the Hearthbleed vulnerability at time to
generate our own CA certificate and the requested certificates for all the
web servers from our company.
I've just upgrade the openssl version, but
Ø do I have to regenerate my CA certificate created with the former openssl
version because of the Hearthbleed vulnerability ???
There should never be any reason for your web server to read the private key
of the CA.
So, no.
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
Honoring Reply-to ...
Steve, please let me know what you learn. I'm going thru similar things
with Network Time Foundation because of the recent DDoS issue involving
NTP.
Our donations bump after that issue was much smaller than yours, but
at least we got a few more donations :)
--
Harlan
On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers r.ted.by...@gmail.com wrote:
On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess
marqu...@opensslfoundation.com wrote:
...
Have you checked out Google and Amazon's payment services? I have
heard they exist, but haven't checked them out for cost (I may
Thanks Jeff,
On Fri, Apr 11, 2014 at 4:54 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers r.ted.by...@gmail.com wrote:
On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess
marqu...@opensslfoundation.com wrote:
...
Have you checked out Google and Amazon's
Donations are up to a total of about US$4200 for the week. I'd like to
give special thanks to John(JT) Olds for a donation of US$1000 on behalf of:
https://www.spacemonkey.com/blog/posts/heartbleeding-openssl-checklist
May their server be hammered with traffic like ours was earlier this week.
I want to disable SSv2 support in OpenSSL and use the flag -DOPENSSL_NO_SSL2
when configuring OpenSSL. It builds fine and passes all tests during 'make
test' phase.
However there a quite a few of SSLv2 tests and they all seem to have passed, or
at least do not indicate 'not supported' errors.
On 04/11/2014 14:46, Ted Byers r.ted.by...@gmail.com wrote:
And guess what I just found. ;-) Amazon has special discounts for
icropayments and nonproft organizations. I do not know if you're a
501(c)3 non-profit, but if you are, then your rate would be 2.2%,
along with the $0.30 per
On Fri, Apr 11, 2014 at 6:50 PM, Geoffrey Coram gjco...@gmail.com wrote:
On 04/11/2014 14:46, Ted Byers r.ted.by...@gmail.com wrote:
And guess what I just found. ;-) Amazon has special discounts for
icropayments and nonproft organizations. I do not know if you're a
501(c)3 non-profit, but
On 04/11/2014 06:50 PM, Geoffrey Coram wrote:
On 04/11/2014 14:46, Ted Byers r.ted.by...@gmail.com wrote:
And guess what I just found. ;-) Amazon has special discounts for
icropayments and nonproft organizations. I do not know if you're a
501(c)3 non-profit, but if you are, then your rate
On 11/04/2014 10:38 PM, Steven Kneizys wrote:
The same issue when I tried to port over to windows,
the ssl3_write_bytes is not exposed in the library. There doesn't
seem to be an easy workaround that I can see.
The work around is trivial if you wanted to do that.
Change to use the
You do not have to regenerate the CA key or certificate.
You do have to regenerate the web server keys and certificates.
https://www.cloudflarechallenge.com/heartbleed has had multiple people
independently obtain their private key.
-Kyle H
On Fri, Apr 11, 2014 at 12:59 PM, Jeronimo L. Cabral
Teach me to ask a question without reading the entire thread.
At what point would the break-even cost make sense to form a non-profit entity?
-Kyle H
On Fri, Apr 11, 2014 at 8:46 PM, Kyle Hamilton aerow...@gmail.com wrote:
Is OpenSSL Software Foundation, Inc. a tax-exempt organization?
-Kyle
Is OpenSSL Software Foundation, Inc. a tax-exempt organization?
-Kyle H
On Fri, Apr 11, 2014 at 8:09 AM, Steve Marquess
marqu...@opensslfoundation.com wrote:
In a typical year the OpenSSL project receives about US$2000 in donations.
This week we have received roughly 200 donations totaling
38 matches
Mail list logo