All: Per Daniele Sluijters's inquiry on the 15th,CVE-2009-4355, as well as with a provision/draft fix for CVE-2009-3555 MITM/Renegotiation Venerability.
I suspect we wont have a patch out for RELENG_6_3 by the 31st? But I'm willing to maintain one for another few months. ~BAS -------- Forwarded Message -------- From: OpenSSL <[email protected]> Reply-to: [email protected] To: [email protected], [email protected] Subject: OpenSSL 1.0.0 beta5 release Date: Wed, 20 Jan 2010 19:19:16 +0100 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenSSL version 1.0.0 Beta 5 ============================ [..snip...] Since the fourth beta, the following has happened: - Provisional TLS session renegotiation fix - Option to output hash using older algorithm in x509 utility - Compression session handling bug fix - Build system fixes. - Other bug fixes. Reports and patches should be sent to [email protected]. [..snip...] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
