logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> News & Hangout View previous topic :: View next topic
Reply to topic   Topic: OpenSSL 0.9.8j upgrade for Apache is available
Author
admin
Site Admin


Joined: 15 Oct 2005
Posts: 677

PostPosted: Wed 07 Jan '09 21:55    Post subject: OpenSSL 0.9.8j upgrade for Apache is available Reply with quote

OpenSSL 0.9.8j has been released, it is as upgrade available at the download page www.apachelounge.com/download/

A security issue is solved, see http://openssl.org/news/secadv_20090107.txt

Enjoy,

Steffen


Changes between 0.9.8i and 0.9.8j


    *) Properly check EVP_VerifyFinal() and similar return values (CVE-2008-5077).
    [Ben Laurie, Bodo Moeller, Google Security Team]

    *) Enable TLS extensions by default.
    [Ben Laurie]

    *) Allow the CHIL engine to be loaded, whether the application is
    multithreaded or not. (This does not release the developer from the
    obligation to set up the dynamic locking callbacks.)
    [Sander Temme <sander@temme.net>]

    *) Use correct exit code if there is an error in dgst command.
    [Steve Henson; problem pointed out by Roland Dirlewanger]

    *) Tweak Configure so that you need to say "experimental-jpake" to enable
    JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
    [Bodo Moeller]

    *) Add experimental JPAKE support, including demo authentication in
    s_client and s_server.
    [Ben Laurie]

    *) Set the comparison function in v3_addr_canonize().
    [Rob Austein <sra@hactrn.net>]

    *) Add support for XMPP STARTTLS in s_client.
    [Philip Paeps <philip@freebsd.org>]

    *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
    to ensure that even with this option, only ciphersuites in the
    server's preference list will be accepted. (Note that the option
    applies only when resuming a session, so the earlier behavior was
    just about the algorithm choice for symmetric cryptography.)
    [Bodo Moeller]
Back to top


Reply to topic   Topic: OpenSSL 0.9.8j upgrade for Apache is available View previous topic :: View next topic
Post new topic   Forum Index -> News & Hangout