OpenSSL 1.0.1a 发布


OpenSSL 1.0.1a 发布,改进记录:

  1. A check has been added for potentially exploitable overflows in asn1_d2i_read_bio, BUF_mem_grow, and BUF_mem_grow_clean.

  2. Workarounds have been introduced for some broken servers which “hang” if a client hello record length exceeds 255 bytes.

  3. Incorrect use of TLS 1.2 SHA-256 ciphersuites in TLS 1.0 and 1.1 connections is now avoided.

  4. A segmentation fault in the Vector Permutation AES module has been fixed.