centos Firefox shell Python apache Android nginx php linux linux命令 Ubuntu HTML5 google 程序员 wordpress Windows 微软 java 开源 mysql

加密程序库,OpenSSL 1.0.1c 发布


OpenSSL 1.0.1c 发布,改进记录:

  • Record length are now sanity checked before skipping explicit IV in TLS 1.2, 1.1, and DTLS, to avoid possible DoS attacks.
  • A possible deadlock when decoding public keys has been fixed.
  • The TLS 1.0 record version number is no longer used in the initial client hello if renegotiating.
  • tkeylen in now initialized properly when encrypting CMS messages.
  • In FIPS mode, composite ciphers are no longer used, as they are not approved.