openssl 0.9.8k
Toolkit for SSL v2/v3 and TLS v1
Packager: Gökçen Eraslan
License: as-is
Actions
Binary packages
Release history
| Release | Release date | Version | Updater | Comment |
|---|---|---|---|---|
| 25 | 2009-11-15 | 0.9.8k | Eren Türkay | * Add patch to completely disable renegotiation. (CVE-2009-3555, #11515). See: http://extendedsubset.com/?p=8 * NOTE: This fixes 90% of the cases. If renegotiation is needed, we can not do anything about it. Now, TLS extension is being developed to solve the issue but it needs time. When extension is completed, we will keep us updated as well.. * NOTE #2: With this commit, apache will also be fixed. There is no need to patch mod_ssl. The patch to mod_ssl is needed with old version of openssl which does not reject renegotiating. |
| 24 | 2009-09-27 | 0.9.8k | Pınar Yanardağ | Disable MD2 to prevent a spoofing vulnerability (CVE-2009-2409), #10815 |
| 23 | 2009-09-25 | 0.9.8k | Gökçen Eraslan | Fix for another DTLS Denial of Service vulnerability (CVE-2009-1387), #11218 |
| 22 | 2009-09-02 | 0.9.8k | Gökçen Eraslan | Add new root certificates including KamuSM from Mozilla. |
| 21 | 2009-05-20 | 0.9.8k | Gökçen Eraslan | Fix for DTLS Denial of Service (CVE-2009-{1377,1378}), #9778 |
| 20 | 2009-03-31 | 0.9.8k | Gökçen Eraslan | * Root CA certificates are updated. * Issue 'make rehash' command. |
| 19 | 2009-03-30 | 0.9.8k | Pınar Yanardağ | Version bump to fix multiple vulnerabilities CVE-2009-{0590,0591,0789} (bug#9462) |
| 18 | 2009-02-12 | 0.9.8i | Bahadır Kandemir | * Fixed ignoring CFLAGS and LDFLAGS * Fixed test script trying to write /root/.rnd |
| 17 | 2009-01-07 | 0.9.8i | Pınar Yanardağ | Version bump to fix CVE-2008-5077 (bug#8988) |
| 16 | 2009-01-05 | 0.9.8h | Gökçen Eraslan | * Newly included patch (by wpa_supplicant) adds support for TLS SessionTicket extension (RFC 5077) for the parts used by EAP-FAST (RFC 4851). Thanks to Furkan Duman. * Command that inserts certificates from openssl removed, because there are no root certificates in openssl any longer. |
| 15 | 2008-08-22 | 0.9.8h | İşbaran Akçayır | fix CVS-17196 |
| 14 | 2008-05-28 | 0.9.8h | Eren Türkay | Version bump to fix CVE-2008-{0891, 1672}. http://www.openssl.org/news/secadv_20080528.txt |
| 13 | 2008-01-04 | 0.9.8g | İsmail Dönmez | Version bump |
| 12 | 2007-11-07 | 0.9.7m | İsmail Dönmez | Fixup some valid warnings |
| 11 | 2007-09-27 | 0.9.7m | İsmail Dönmez | Fix SSL_get_shared_ciphers() off-by-one buffer overflow |
| 10 | 2007-08-03 | 0.9.7m | İsmail Dönmez | Fix CVE-2007-3108 and be strict about session ID context matching |
| 9 | 2007-02-23 | 0.9.7m | İsmail Dönmez | Stable update |
| 8 | 2006-10-09 | 0.9.7l | İsmail Dönmez | Fix patch for CVE-2006-2940 |
| 7 | 2006-09-28 | 0.9.7l | İsmail Dönmez | Version bump to fix CVE-2006-{2937,2940,3738,4343} |
| 6 | 2006-09-05 | 0.9.7k | İsmail Dönmez | Version bump to fix CVE-2006-4339 |
| 5 | 2006-06-30 | 0.9.7i | İsmail Dönmez | Remove conflicting manpage |
| 4 | 2005-11-17 | 0.9.7i | İsmail Dönmez | Enable no-executable-stack |
| 3 | 2005-10-15 | 0.9.7i | İsmail Dönmez | Compatibility fix |
| 2 | 2005-10-12 | 0.9.7h | İsmail Dönmez | Update to openssl-0.9.7h fixing security problems |
| 1 | 2005-08-14 | 0.9.7e | S.Çağlar Onur | First release. |
Patches
openssl-0.9.8i-tls-extensions.patchopenssl-0.9.8h-ldflags.patch
openssl-0.9.8k-toolchain.patch
openssl-0.9.8-CVE-2009-1377.patch
openssl-0.9.8-CVE-2009-1378.patch
CVE-2009-1387.diff
CVE-2009-2409.patch
CVE-2009-3555-no-renegotiation.patch