Four new zips for Win32 and Win64 versions of OpenSSL 1.1.0h and 1.0.2o
can now be downloadable from the Wiki at:

http://wiki.overbyte.eu/wiki/index.php/ICS_Download

PLEASE NOTE the EU in the URL, not BE, this is a new wiki server.  

These Open SSL versions are also included in SVN and the overnight zip.


There is one moderate security fix, and one low security fix. 

Constructed ASN.1 types with a recursive definition (such as can be
found in PKCS7) could eventually exceed the stack given malicious input
with excessive recursion. This could result in a Denial Of Service
attack. 

There is an overflow bug in the AVX2 Montgomery multiplication
procedure used in exponentiation with 1024-bit moduli. This only
affects processors that support the AVX2 but not ADX extensions like
Intel Haswell (4th generation).

Angus

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to