Re: [openssl.org #3203] Normalize PFS key exchange labels

On 1 January 2014 21:39, Daniel Kahn Gillmor d...@fifthhorseman.net wrote: On 01/01/2014 12:48 PM, Ben Laurie wrote: Pull requests on Github are quite useful - that way they also get tracked (so long as we remember to close them when applied, that is!). OK, i've rebased the series against the

[openssl.org #3207] CVE-2013-6449

Hello OpenSSl team, Do you know when a fix for CVE-2013-6449 is going to be released? Also, do you know if the OpenSSL FIPS package is affected? Thanks, -- Daniel Shaul Fidelis Cybersecurity Solutions - Support Associate Support Engineer Support: 1.800.652.4020 option 3

[openssl.org #3208] Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent software

It looks like OpenSSL 1.0.2 will no longer provide the constant SSL_OP_MSIE_SSLV2_RSA_PADDING in its header files (http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=dece3209f299ebcd82414868ee39b2c6feb3be0a). This will break dependent software, including all versions of MRI Ruby. Please

[openssl.org #3209] Web man page for OPENSSL_VERSION_NUMBER claims it has 9 hex digits.

The web man page describing OPENSSL_VERSION_NUMBER claims it has 9 hex digits: DESCRIPTION OPENSSL_VERSION_NUMBER is a numeric release version identifier: MMNNFFPPS: major minor fix patch status The text of the man page is self-consistent since many of the examples also show 9 digits. Of course

[openssl.org #3210] typo in SSL_CTX_use_serverinfo.pod

patch below should be self-explanatory diff --git a/doc/ssl/SSL_CTX_use_serverinfo.pod b/doc/ssl/SSL_CTX_use_serverinfo.pod index 4409322..da7935c 100644 --- a/doc/ssl/SSL_CTX_use_serverinfo.pod +++ b/doc/ssl/SSL_CTX_use_serverinfo.pod @@ -19,7 +19,7 @@ These functions load serverinfo TLS

[openssl.org #3211] typo in SSL_CONF_cmd.pod

patch below should be self-explanatory diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod index c55f631..38aebc9 100644 --- a/doc/ssl/SSL_CONF_cmd.pod +++ b/doc/ssl/SSL_CONF_cmd.pod @@ -29,7 +29,7 @@ or to process defaults. Currently supported Bcmd names for command lines (i.e.

Re: [openssl.org #3208] Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent software

On Sat, Jan 04, 2014 at 11:25:27AM +0100, Matijs van Zuijlen via RT wrote: It looks like OpenSSL 1.0.2 will no longer provide the constant SSL_OP_MSIE_SSLV2_RSA_PADDING in its header files (http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=dece3209f299ebcd82414868ee39b2c6feb3be0a).

Re: [openssl.org #3207] CVE-2013-6449

On Sat, Jan 04, 2014, Daniel Shaul via RT wrote: Hello OpenSSl team, Do you know when a fix for CVE-2013-6449 is going to be released? Also, do you know if the OpenSSL FIPS package is affected? Please don't use the RT address for general queries. To answer your questions. A release is

Re: [openssl.org #3208] Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent software

On Sat, Jan 04, 2014, Kurt Roeckx wrote: On Sat, Jan 04, 2014 at 11:25:27AM +0100, Matijs van Zuijlen via RT wrote: It looks like OpenSSL 1.0.2 will no longer provide the constant SSL_OP_MSIE_SSLV2_RSA_PADDING in its header files