Four new zips for Win32 and Win64 versions of OpenSSL 1.1.0h and 1.0.2o can now be downloadable from the Wiki at:
http://wiki.overbyte.eu/wiki/index.php/ICS_Download PLEASE NOTE the EU in the URL, not BE, this is a new wiki server. These Open SSL versions are also included in SVN and the overnight zip. There is one moderate security fix, and one low security fix. Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
