nginx 云计算 centos Ubuntu Firefox Python php apache wordpress shell google java 程序员 mysql Windows 编程 微软 Android linux 开源

加密程序库,OpenSSL 1.0.1c 发布


OpenSSL 1.0.1c 发布,改进记录:

  • Record length are now sanity checked before skipping explicit IV in TLS 1.2, 1.1, and DTLS, to avoid possible DoS attacks.
  • A possible deadlock when decoding public keys has been fixed.
  • The TLS 1.0 record version number is no longer used in the initial client hello if renegotiating.
  • tkeylen in now initialized properly when encrypting CMS messages.
  • In FIPS mode, composite ciphers are no longer used, as they are not approved.