サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
体力トレーニング
openssl-library.org
OpenSSL statement on the recent Intel/AMD Downfall/Inception vulnerabilities Aug 15, 2023 Last week marked the public announcement of the Downfall vulnerability in Intel CPUs and the Inception vulnerability in AMD CPUs. Both of these are microarchitectural side-channel attacks allowing an attacker with unprivileged execution on the same physical core as a victim process to extract confidential inf
Mar 28, 2023 We are now less than 6 months away from the End Of Life (EOL) date for the OpenSSL 1.1.1 series. Users of OpenSSL 1.1.1 should consider their options and plan any actions they might need to take. OpenSSL 1.1.1 is a Long Term Support (LTS) release. Our policy is to support LTS releases for a period of 5 years. During the last year of that we typically only backport security fixes to a
CVE-2022-3786 and CVE-2022-3602: X.509 Email address buffer overflows Nov 1, 2022 Today we published an advisory about CVE-2022-3786 (“X.509 Email Address Variable Length Buffer Overflow”) and CVE-2022-3602 (“X.509 Email Address 4-byte Buffer Overflow”). Please read the advisory for specific details about these CVEs and how they might impact you. This blog post will address some common questions t
Old Let's Encrypt root certificate expiration and OpenSSL 1.0.2 Sep 13, 2021 The currently recommended certificate chain as presented to Let’s Encrypt ACME clients when new certificates are issued contains an intermediate certificate (ISRG Root X1) that is signed by an old DST Root CA X3 certificate that expires on 2021-09-30. In some cases the OpenSSL 1.0.2 version will regard the certificates is
OpenSSL 3.0 Series Release Notes The major changes and known issues for the 3.0 branch of the OpenSSL toolkit are summarised below. The contents reflect the current state of the NEWS file inside the git repository. More details can be found in the ChangeLog. Major changes between OpenSSL 3.0.14 and OpenSSL 3.0.15 [3 Sep 2024] OpenSSL 3.0.15 is a security patch release. The most severe CVE fixed in
Sep 7, 2021 After 3 years of development work, 17 alpha releases, 2 beta releases, over 7,500 commits and contributions from over 350 different authors we have finally released OpenSSL 3.0! In addition to this there has been a large number of contributions from our users who have been actively working with the pre-release versions to test it, make sure it works in the real world and with a large a
Nov 28, 2018 The OpenSSL Management Committee has been looking at the versioning scheme that is currently in use. Over the years we’ve received plenty of feedback about the “uniqueness” of this scheme, and it does cause some confusion for some users. We would like to adopt a more typical version numbering approach. The current versioning scheme has this format: MAJOR.MINOR.FIX[PATCH] The new schem
Mar 22, 2017 License The following is a press release that we just released, with the cooperation and financial support of the Core Infrastructure Initiative and the Linux Foundation. In the next few days we’ll start sending out email to all contributors asking them to approve the change. In the meantime, you can visit the licensing website and search for your name and request the email. If you ha
Changelog When a release is created, that branch is forked off, and its changelog is also forked. For example, none of the changes after 0.9.8n appear in the other logs, because 1.0.0 was created after that release and before 0.9.8o. Any changes that are merged across branches, however, should have an entry in each branch’s changelog. This is the changelog for the master branch, the one that is cu
For a list of CVEs and their impact on validated FIPS providers, visit the CVEs and FIPS page. Please follow the Security Policy instructions to download, build and install a validated OpenSSL FIPS provider. Other OpenSSL Releases MAY use the validated FIPS provider, but MUST NOT build and use their own FIPS provider. For example you can build OpenSSL 3.2 and use the OpenSSL 3.0.9 FIPS provider wi
If you think you have found a security bug in OpenSSL, please report it to us. Show issues fixed only in OpenSSL 3.3, 3.2, 3.1, 3.0, 1.1.1, 1.1.0, 1.0.2, 1.0.1, 1.0.0, 0.9.8, 0.9.7, 0.9.6 Note: All OpenSSL versions before 1.1.1 are out of support and no longer receiving updates. Extended support is available for 1.0.2 from OpenSSL Software Services for premium support customers. Jump to year: 2024
このページを最初にブックマークしてみませんか?
『openssl-library.org』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く