Subject: CVE-2022-3602 and CVE-2022-3786 Critical OpenSSL 3.0.x security
vulnerabilities
Good day from Singapore,
I refer to the following posts.
[1] OpenSSL Gives Heads Up to Critical Vulnerability Disclosure, Check
Point Alerts Organizations to Prepare Now
Link:
https://blog.checkpoint.com/202
The project will once they are formally standardised.
In the meantime, the Open Quantum Safe project has a provider that
implements all of the candidate algorithms
(https://github.com/open-quantum-safe/oqs-provider).
Pauli
On 1/11/22 15:14, ad...@redtile.com wrote:
Will OpenSSL persue/suppo
这是一封自动回复邮件。已经收到您的来信,我会尽快回复。
On Tue, Nov 01, 2022 at 06:08:10PM -0500, Ray Crumrine wrote:
> Oh my gosh! Thank you. I am a newbie when it comes to certificates. I
> am only using tls for outbound calls. I thought I shouldn't need a
> certificate when doing outbound only [a client] but was getting some
> weird error. After I r
Oh my gosh! Thank you. I am a newbie when it comes to certificates. I am
only using tls for outbound calls. I thought I shouldn't need a
certificate when doing outbound only [a client] but was getting some
weird error. After I read your email I simply commented out both
"certificate" lines in
Good day :
This always bites me when I try strict C90 :
In file included from include/openssl/x509.h:41,
from apps/include/apps.h:29,
from apps/lib/app_libctx.c:10:
include/openssl/sha.h:106:37: error: ISO C90 does not support 'long
long' [-Wlong-long]
Dear Users,
I have released version 5.67 of stunnel.
### Version 5.67, 2022.11.01, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.7.
* New features
- Provided a logging callback to custom engines.
* Bugfixes
- Fixed "make cert" with OpenSSL older than 3.0.
- Fixe
Hi Mike,
the signing key is a sub key of the key listed on this web site:
https://www.openssl.org/community/otc.html
The primary key fingerprint is also mentioned at
https://github.com/openssl/openssl/blob/master/doc/fingerprints.txt
Regards,
Tomas Mraz, OpenSSL
On Tue, 2022-11-01 at 18:14 +0
Please see the new blog post here:
https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/
OpenPGP_0xD9C4D26D0E604491.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
being exploited as of the time of
release of this advisory (November 1st 2022).
References
==
URL for this Security Advisory:
https://www.openssl.org/news/secadv/20221101.txt
Note: the online version of the advisory may be updated with additional details
over time.
For details of Op
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 1.1.1s released
===
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.1.1s of our open sour
这是一封自动回复邮件。已经收到您的来信,我会尽快回复。
On Tue, Nov 01, 2022 at 05:55:08AM -0500, Ray Crumrine wrote:
> SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <336151573> routines-ssl3_read_bytes-sslv3 alert certificate expired>
Is this logged by the TLS client or server? In other words are you
running a client application making outgoing conn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 3.0.7 released
==
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 3.0.7 of our open source
Hello,
I have a strange issue with 1.1.1n. I am getting error
SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <336151573> routines-ssl3_read_bytes-sslv3 alert certificate expired>
but not all of the time. Only when I try to access
us-east-va.sip.flowroute using tlsv1.2.
I have tried two other s
Will OpenSSL persue/support the four new NIST Quantum Cryptographic Algorithms?
https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms
16 matches
Mail list logo