Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020] - Revert the unexpected EOF reporting via SSL_ERROR_SSL
Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020] - Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551 <https://www.openssl.org/news/vulnerabilities.html#2019-1551>) - Properly detect unexpected EOF while reading in libssl and report it via SSL_ERROR_SSL On Fri, 3 Apr 2020 at 13:40, Thomas Klausner <[email protected]> wrote: > While fetching a distfile (using ftp(1)) I saw: > > => Fetching xscreensaver-5.44.tar.gz > Requesting https://www.jwz.org/xscreensaver/xscreensaver-5.44.tar.gz > 94% > |******************************************************************************************************* > | 24832 KiB 1.86 MiB/s 00:00 ETA > 18446744073709551615:error:14095126:SSL routines:ssl3_read_n:unexpected > eof while > reading:/usr/src/crypto/external/bsd/openssl/dist/ssl/record/rec_layer_s3.c:303: > 100% > |**************************************************************************************************************| > 26368 KiB 1.87 MiB/s 00:00 ETA > 27001826 bytes retrieved in 00:13 (1.87 MiB/s) > > Should I worry? > Thomas > >
