On 1 January 2014 21:39, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 01/01/2014 12:48 PM, Ben Laurie wrote:
Pull requests on Github are quite useful - that way they also get
tracked (so long as we remember to close them when applied, that is!).
OK, i've rebased the series against the
Hello OpenSSl team,
Do you know when a fix for CVE-2013-6449 is going to be released? Also, do you
know if the OpenSSL FIPS package is affected?
Thanks,
--
Daniel Shaul
Fidelis Cybersecurity Solutions - Support
Associate Support Engineer
Support: 1.800.652.4020 option 3
It looks like OpenSSL 1.0.2 will no longer provide the constant
SSL_OP_MSIE_SSLV2_RSA_PADDING in its header files
(http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=dece3209f299ebcd82414868ee39b2c6feb3be0a).
This will break dependent software, including all versions of MRI Ruby. Please
The web man page describing OPENSSL_VERSION_NUMBER claims it has 9 hex digits:
DESCRIPTION
OPENSSL_VERSION_NUMBER is a numeric release version identifier:
MMNNFFPPS: major minor fix patch status
The text of the man page is self-consistent since many of the examples also
show 9 digits. Of course
patch below should be self-explanatory
diff --git a/doc/ssl/SSL_CTX_use_serverinfo.pod
b/doc/ssl/SSL_CTX_use_serverinfo.pod
index 4409322..da7935c 100644
--- a/doc/ssl/SSL_CTX_use_serverinfo.pod
+++ b/doc/ssl/SSL_CTX_use_serverinfo.pod
@@ -19,7 +19,7 @@ These functions load serverinfo TLS
patch below should be self-explanatory
diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod
index c55f631..38aebc9 100644
--- a/doc/ssl/SSL_CONF_cmd.pod
+++ b/doc/ssl/SSL_CONF_cmd.pod
@@ -29,7 +29,7 @@ or to process defaults.
Currently supported Bcmd names for command lines (i.e.
On Sat, Jan 04, 2014 at 11:25:27AM +0100, Matijs van Zuijlen via RT wrote:
It looks like OpenSSL 1.0.2 will no longer provide the constant
SSL_OP_MSIE_SSLV2_RSA_PADDING in its header files
(http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=dece3209f299ebcd82414868ee39b2c6feb3be0a).
On Sat, Jan 04, 2014, Daniel Shaul via RT wrote:
Hello OpenSSl team,
Do you know when a fix for CVE-2013-6449 is going to be released? Also, do
you know if the OpenSSL FIPS package is affected?
Please don't use the RT address for general queries.
To answer your questions. A release is
On Sat, Jan 04, 2014, Kurt Roeckx wrote:
On Sat, Jan 04, 2014 at 11:25:27AM +0100, Matijs van Zuijlen via RT wrote:
It looks like OpenSSL 1.0.2 will no longer provide the constant
SSL_OP_MSIE_SSLV2_RSA_PADDING in its header files