Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[ANNOUNCE] OpenSSL 0.9.6h released

0 views
Skip to first unread message

Richard Levitte - VMS Whacker

unread,
Dec 5, 2002, 7:32:50 PM12/5/02
to
-----BEGIN PGP SIGNED MESSAGE-----


OpenSSL version 0.9.6h released
===============================

OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/

The OpenSSL project team is pleased to announce the release of version
0.9.6h of our open source toolkit for SSL/TLS. This new OpenSSL version
is a bugfix release. This will be the last release in the 0.9.6 series.

The most significant changes are:

o New configuration targets for Tandem OSS and A/UX.
o New OIDs for Microsoft attributes.
o Better handling of SSL session caching.
o Better comparison of distinguished names.
o Better handling of shared libraries in a mixed GNU/non-GNU environment.
o Support assembler code with Borland C.
o Fixes for length problems.
o Fixes for uninitialised variables.
o Fixes for memory leaks, some unusual crashes and some race conditions.
o Fixes for smaller building problems.
o Updates of manuals, FAQ and other instructive documents.

We consider OpenSSL 0.9.6h to be the best version of OpenSSL available
and we strongly recommend that users of older versions upgrade as
soon as possible. OpenSSL 0.9.6h is available for download via HTTP
and FTP from the following master locations (you can find the various
FTP mirrors under http://www.openssl.org/source/mirror.html):

o http://www.openssl.org/source/
o ftp://ftp.openssl.org/source/

[1] OpenSSL comes in the form of two distributions this time.
The reasons for this is that we want to deploy the external crypto device
support but don't want to have it part of the "normal" distribution just
yet. The distribution containing the external crypto device support is
popularly called "engine", and is considered experimental. It's been
fairly well tested on Unix and flavors thereof. If run on a system with
no external crypto device, it will work just like the "normal" distribution.

The distribution file names are:

o openssl-0.9.6h.tar.gz [normal]
MD5 checksum: 621bef36ad61012bb71945a1cb449073
o openssl-engine-0.9.6h.tar.gz [engine]
MD5 checksum: a7e3f5c0a5451ca666e4cbe23a8617a2

The checksums were calculated using the following commands:

openssl md5 < openssl-0.9.6h.tar.gz
openssl md5 < openssl-engine-0.9.6h.tar.gz

Yours,
The OpenSSL Project Team...

Mark J. Cox Ben Laurie Andy Polyakov
Ralf S. Engelschall Richard Levitte Geoff Thorpe
Dr. Stephen Henson Bodo Möller
Lutz Jänicke Ulf Möller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQEVAwUBPe/vyPTy7ZjgbSyxAQGpMgf9F+ogrKCTS986u8S3djrjQPBf7PmVKKUt
/alezX+LoIIDP5FxcQVZtim0N7cevNplm7JhfYczDmUg/uJhF4dt2KyWv+fouP0j
jnBrqciFlHi17phPbPmQly791yBoaEvg/SU/mFdwsC4wS2wKpUiJbsxD1C/7AATp
32+h81Pi7rmvo1QdinB81xcoXVFJIY+1jgxb/OFoTvG0TX+W17kIgIAjmdw/wilj
mFNXqM+XxHqn8vqPXMO9PJL4IGNgYiqmjkZ+Rrmh7wOmSl4jOpBPrXwt7xxyRCA5
Rzq4e2JfnEwu+380cSn7GFlFTbCAqhxL33ut37gOKX2vzDGH8zlmbQ==
=7T2J
-----END PGP SIGNATURE-----

Richard Levitte - VMS Whacker

unread,
Dec 8, 2002, 3:55:39 PM12/8/02
to
-----BEGIN PGP SIGNED MESSAGE-----

OpenSSL version 0.9.6h release correction
=========================================

A small packaging fault was just discovered. In crypto/opensslv.h,
the macro OPENSSL_VERSION_NUMBER has the value 0x00906080L when it
should really be 0x0090608fL. The cause of this fault was a tagging
error in our CVS repository.

To solve this issue, the faulty has been corrected, and we have
rebuilt the 0.9.6h distribution. The 0.9.6h [engine] distribution
is unaffected by this.

The corrected distribution is available for download via HTTP and


FTP from the following master locations (you can find the various
FTP mirrors under http://www.openssl.org/source/mirror.html):

o http://www.openssl.org/source/
o ftp://ftp.openssl.org/source/

The distributed file name is:

o openssl-0.9.6h.tar.gz
MD5 checksum: 1a0c2bee9f6b0af95ce65106462411f5

The checksum was calculated using the following commands:

openssl md5 < openssl-0.9.6h.tar.gz

Additionally, for those who don't really want to reload a full
distribution, the following very small patch file is available:

o openssl-0.9.6h.BOGUS-0.9.6h.patch

Yours,
The OpenSSL Project Team...

Mark J. Cox Ben Laurie Andy Polyakov
Ralf S. Engelschall Richard Levitte Geoff Thorpe
Dr. Stephen Henson Bodo Möller
Lutz Jänicke Ulf Möller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQEVAwUBPfOxX/Ty7ZjgbSyxAQGcjAf8CZdNuDkbM7IO/PDT5HYTJVwGDdIhFmV2
znAu91zD/zrMICyQC0xjQSOs+j8/5bUzT8NTDjGlkc2DTIYZB/PAhyt5cEtMh8qz
Q5h82tFmeHAmFr6xedJbbVNV5vjzA3Y/En97By1fl0aCMxnrW3NeIQmDAu5JZ9tg
PQOXI47sBWV2YvaVjlQ87kjm8GyQkbtPFb3WYhNpWXi3//5FAz+6Mj4NEITw64Fs
XM5M66jhoaIoGVt3i7w8LEokxE1x4SPbCNAQ24+UnudbCYeg/aB8Y309a4lorsVB
npToQW+LTuQXst9jTHec9pDWD51CwVbviAKKXWLCl0KWxoay6OcUvA==
=Jm+M
-----END PGP SIGNATURE-----

0 new messages