Hello
While the beta version has been released now, please let us know if there is any timeline to release the actual 3.0 version ?
What changes are expected to be 3.0 version compared to its beta ? it is restricted to bug-fixes only ?
Thanks
Regards
Sandeep
Hello
As per this blog:
https://www.openssl.org/blog/blog/2017/10/27/steve-marquess/
Steve who is instrumental in handling FIPS certification for openssl object
module is no more associated with OSF.
How can we proceed for future FIPS certification ? Is there any other
contact person to perform
Hello Matt
Are you planning to provide TLSv1.3 support for openSSL 1.0.2 version ?
Thanks
Sandeep
From: Matt Caswell
To: "openssl-users@openssl.org" ,
"openssl-...@openssl.org"
Date: 05/04/2017 06:52 PM
Subject:[openssl-users] Using TLS1.3 with OpenSSL
Sent by:
Hi
Can you please clarify if CVE-2016-7055 only impact x86_64 platform ? What
about other platforms listed in crypto/bn/asm/ folder which has Montgomery
multiplication procedure, is it impacted ?
Thanks
Regards
Sandeep
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailm
Hi
Has this been officially published in openSSL ? Haven't seen a security
advisory for the same.
Regards
Sandeep
From: "Salz, Rich"
To: "openssl-users@openssl.org"
Date: 08/13/2016 12:51 AM
Subject:Re: [openssl-users] CVE-2016-2177
Sent by:"openssl-users"
Commi
Thanks for the information Matt.
Regards
Sandeep
From: Matt Caswell
To: openssl-users@openssl.org
Date: 04/12/2016 12:44 AM
Subject:Re: [openssl-users] Need more information on CVE-2016-2842
Sent by:"openssl-users"
On 11/04/16 19:12, Sandeep Umesh wrot
Hello
Can someone please provide more information on CVE-2016-2842? Is this
different from CVE-2016-0799 ? Looks like this CVE information is not
captured in the advisory -
http://openssl.org/news/secadv/20160301.txt
Also, does this below patch fixes both CVE-2016-2842 and CVE-2016-0799 -
ht
Hello
How can anyone test if the server is susceptible to DROWN CVE?
Possibly one of the methods is to check at https://drownattack.com/#check
Apart from this, will be below command also be useful to verify for the
impact? -
$ openssl s_client -connect : -ssl2
Regards
Sandeep
--
openssl-
Hello users,
Is there any fixes available from openSSL community for the SLOTH attack -
http://www.mitls.org/pages/attacks/SLOTH
or what are the possible mitigation points?
Thanks
Sandeep
___
openssl-users mailing list
To unsubscribe: https://mta.
Hello,
I see a fix for logjam has been provided from 1.0.1 and 1.0.2 versions of
openssl.
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
Does that imply 0.9.8 is not impacted by logjam? Also, Is it not required
to disable export cipher suites in 0.9.8 version? Thank
Hello Users,
Just want to understand the impact of openssl for RC4 Bar mitzvah attack.
Please correct me if my understanding is wrong, basically this attack is
triggered based on the design of RC4.
openssl is one of the implementers of RC4 algo.
I am not sure if there will be any design change o
Hello users,
NVD vulnerability database confirms the below link as the patch for
CVE-2014-5139 -
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0
This is indicating to CVE-2014-2970.
Where as, the commit for CVE-2014-5139 seems to be -
https://gi
Hi Steve,
Is there a similar patch for vulnerabilities 2 and 3 as well. I would be
grateful if you can point me to them.
Thanks,
Umesh
"Dr. Stephen Henson" wrote:
>
> On Thu, Oct 02, 2003, [EMAIL PROTECTED] wrote:
>
> > Hi all,
> >
> > I have read
Hi All,
Does the BN library use assembly code to manipulate Big Numbers on a MIPS
platform. If so, is there a configuration that needs to be done for that, or
would the ./Configure script automatically do that ?
Regards,
Umesh
he section
[usr_cert] in openssl.cnf before signing.
Umesh
"Dean Gibson (System Administrator)" wrote:
>
> We have an HP LJ 4600 with an internal JetDirect interface that provides an embedded
> web server for administration. The web server has the ability to generate a CSR
>
Hi Ben Laurie,
Do you mean that there would be a release (say 0.9.6j and 0.9.7b) with this
patch included.
Regards,
Umesh
Ben Laurie wrote:
>
> I expect a release to follow shortly.
>
> --
> http://www.apache-ssl.org/ben.html http://www.thebunker.net/
>
> "T
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Hello experts,
please suggest me some books on Basics of security,
cryptography and SSL(Indian editions are preferable).
Your suggestions are appreciated.
Thanx in advance.
-Umesh Vaidya
Missed your favourite TV serial
Thanx Lutz.
--- Lutz Jaenicke <[EMAIL PROTECTED]>
wrote: > On Fri, Sep 06, 2002 at 01:04:22PM +0100,
Umesh
> Vaidya wrote:
> > Hi Everybody,
> > I am a newbie to all this 'encryption' mania.
> > Presently I am working to enable encryption for a
&
reference to
`HMAC_Final'
.
...
many like this.
I would appreciate your kind help.
Any documentation on this or information on links to
the documentations is most welcome.
Than
penssl.org/~bodo/tls-cbc.txt,
but that
didn't help much.
Can anyone suggest a solution for my problem?
-Umesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Try this... for a quick solution
create a file 'random_file' and type a few junk characters in it (save
it :-)).
Then...
./openssl req -new -rand random_file -nodes -keyout private.key -out
public.csr
this should solve your problem.
Regards,
Umesh
Leandro Silveira de Paula wrote:
22 matches
Mail list logo
