OpenSSL 1.0.1a 发布

软件开发 DevOps
1

penSSL是一个强大的安全套接字层密码库,Apache使用它加密HTTPS,OpenSSH使用它加密SSH,但是,你不应该只将其作为一个库来使用,它还是一个多用途的、跨平台的密码工具。

OpenSSL 1.0.1a 发布,改进记录:

  1. A check has been added for potentially exploitable overflows in asn1_d2i_read_bio, BUF_mem_grow, and BUF_mem_grow_clean.

  2. Workarounds have been introduced for some broken servers which “hang” if a client hello record length exceeds 255 bytes.

  3. Incorrect use of TLS 1.2 SHA-256 ciphersuites in TLS 1.0 and 1.1 connections is now avoided.

  4. A segmentation fault in the Vector Permutation AES module has been fixed.