I had success compiling and integrating 1.0.2 on Centos Linux 5.10 i686,
however for Windows 7 64 bit, my 64 bit compilation of 1.0.2 did not succeed
at the first attempt. Instead for our Windows 7 build , I downloaded
openssl-1.0.11 and compiled it as a 32 bit library and integrated with our
When compiling a 64 bit OpenSSL 1.0.2a with a 32 bit PERL interpreter I
get this error:
./config zlib-dynamic shared
make
[...]
/usr/local/bin/perl asm/ghash-x86_64.pl elf ghash-x86_64.s
Integer overflow in hexadecimal number at
asm/../../perlasm/x86_64-xlate.pl line 201, line 890.
gcc -I..
[bug-report]
Hi, I am openssl-user Jang Young-Hwi.
My webwerver uses OpenSSL-1.0.1h, and downed with core dump.
The core dump occurs when the pkey is NULL. (if malloc() failed)
I think that the exception code is required..
Below..
== [core dump]
...
Program terminated with signal 11,
Please document the differences between your 4 simultaneous releases somewhere
easy to find (e.g.: on the main page https://www.openssl.org )
They all have exactly the same date, whether 1.0.2 is bigger or smaller than
1.0.11 is not clear, and which one should I be using?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.1m released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.1m of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.2a released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.2a of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.0r released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.0r of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 0.9.8zf released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8zf of our open
On Thu, Mar 19, 2015, Randall S. Becker wrote:
On March 19, 2015 10:09 AM OpenSSL wrote:
To: OpenSSL Developer ML; OpenSSL User Support ML; OpenSSL Announce ML
Subject: [openssl-dev] OpenSSL version 1.0.2a released
OpenSSL version 1.0.2a released
===
https://openssl.org/about/releasestrat.html
Letter releases contain only bugfixes. So 1.0.2 has more features than 1.0.1
That release has been out longer so it has more releases after it.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
On March 19, 2015 1:58 PM Dr. Stephen Henson wrote:
On Thu, Mar 19, 2015, Randall S. Becker wrote:
On March 19, 2015 10:09 AM OpenSSL wrote:
To: OpenSSL Developer ML; OpenSSL User Support ML; OpenSSL Announce
ML
Subject: [openssl-dev] OpenSSL version 1.0.2a released
OpenSSL
On March 19, 2015 10:09 AM OpenSSL wrote:
To: OpenSSL Developer ML; OpenSSL User Support ML; OpenSSL Announce ML
Subject: [openssl-dev] OpenSSL version 1.0.2a released
OpenSSL version 1.0.2a released
===
OpenSSL - The Open Source toolkit for SSL/TLS
Hello,
deheader (git://gitorious.org/deheader/deheader.git) found out, that
apps/speed.c #included twice openssl/bn.h and openssl/evp.h .
Feel free to remove one for the duplicated #include .
Greetings
Dilian
___
openssl-dev mailing list
To
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [19 Mar 2015]
===
OpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291)
=
Severity: High
If a client connects to an OpenSSL 1.0.2
Hey guys,
Is there any chance OpenSSL can start issuing SHA256 checksums with
OpenSSL Releases as well as/instead of MD5/SHA1? MD5 isn't great these
days, to say the least, and SHA1 has some potential long-term issues.
Both MacPorts and Homebrew on OS X use SHA256 to verify downloads, and
not
Hi there!
I like to ask if this RSA-PSK patch could be reviewed (and maybe added) by
someone. We are looking forward to see this feature in 1.1.0 someday.
Any comments or hints?
Best regards
André Klitzing
2015-01-30 16:32 GMT+01:00 Giuseppe D'Angelo via RT r...@openssl.org:
New version
Hi there!
I like to ask if this RSA-PSK patch could be reviewed (and maybe added) by
someone. We are looking forward to see this feature in 1.1.0 someday.
Any comments or hints?
Best regards
André Klitzing
2015-01-30 16:32 GMT+01:00 Giuseppe D'Angelo via RT r...@openssl.org:
New version
Thanks for the release today! This is a trivial bug report, but i figure
I noticed that the advisory uses UTF-8, but it is being served with an
unadorned Content-Type: text/plain header:
$ (wget -O- -q -S https://openssl.org/news/secadv_20150319.txt | file -) 21 |
egrep 'stdin|Content-Type'
On Thu, Mar 19, 2015, Erik Tkal wrote:
If I do not send a sessionID in the clientHello but do send a valid
sessionTicket extension, the server goes straight to changeCipherSpec and
the client generates an UnexpectedMessage alert.
Does the server send back an empty session ticket
FWIW, RFC 5077 says:
3.4 https://tools.ietf.org/html/rfc5077#section-3.4. Interaction with TLS
Session ID
...
When presenting a ticket, the client MAY generate and include a
Session ID in the TLS ClientHello. If the server accepts the ticket
and the Session ID is not empty, then
since most folks consider text/plain to default to iso-8859-1, that means that
Emilia Käsper's name is rendered as Emilia Käsper.
Well, that's pretty bad. Fixed, thanks!
___
openssl-dev mailing list
To unsubscribe:
21 matches
Mail list logo