Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

VMS version 2.0 ==>

computers / comp.sys.tandem / ITUGLIB Update: OpenSSL 1.1.1t and 3.0.8 are coming soon

SubjectAuthor
o ITUGLIB Update: OpenSSL 1.1.1t and 3.0.8 are coming soonRandall

1
ITUGLIB Update: OpenSSL 1.1.1t and 3.0.8 are coming soon

<b981cc56-b284-4236-8323-617cfaec70a9n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=591&group=comp.sys.tandem#591

  copy link   Newsgroups: comp.sys.tandem
X-Received: by 2002:a37:8605:0:b0:725:4e52:b9c2 with SMTP id i5-20020a378605000000b007254e52b9c2mr247316qkd.306.1675787502619;
Tue, 07 Feb 2023 08:31:42 -0800 (PST)
X-Received: by 2002:a05:6830:2a0d:b0:68b:cb14:ac33 with SMTP id
y13-20020a0568302a0d00b0068bcb14ac33mr346704otu.67.1675787502304; Tue, 07 Feb
2023 08:31:42 -0800 (PST)
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!feed1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.sys.tandem
Date: Tue, 7 Feb 2023 08:31:42 -0800 (PST)
Injection-Info: google-groups.googlegroups.com; posting-host=187.157.139.174; posting-account=6VebZwoAAAAgrpUtsowyjrKRLNlqxnXo
NNTP-Posting-Host: 187.157.139.174
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <b981cc56-b284-4236-8323-617cfaec70a9n@googlegroups.com>
Subject: ITUGLIB Update: OpenSSL 1.1.1t and 3.0.8 are coming soon
From: rsbec...@nexbridge.com (Randall)
Injection-Date: Tue, 07 Feb 2023 16:31:42 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Received-Bytes: 2564
 by: Randall - Tue, 7 Feb 2023 16:31 UTC

Hi All,

Because of the power outage in Texas where our system is, we are somewhat delayed getting the two release to you. However, the bulk of the work is done (applying changes and so forth). There will be another notice when the software is available. Please consider moving to 3.0.8 if you able as this is the currently best supported release.

Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]

Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450)
Fixed Timing Oracle in RSA Decryption (CVE-2022-4304)

Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023]

Fixed NULL dereference during PKCS7 data verification ([CVE-2023-0401])
Fixed X.400 address type confusion in X.509 GeneralName ([CVE-2023-0286])
Fixed NULL dereference validating DSA public key ([CVE-2023-0217])
Fixed Invalid pointer dereference in d2i_PKCS7 functions ([CVE-2023-0216])
Fixed Use-after-free following BIO_new_NDEF ([CVE-2023-0215])
Fixed Double free after calling PEM_read_bio_ex ([CVE-2022-4450])
Fixed Timing Oracle in RSA Decryption ([CVE-2022-4304])
Fixed X.509 Name Constraints Read Buffer Overflow ([CVE-2022-4203])
Fixed X.509 Policy Constraints Double Locking ([CVE-2022-3996])

Regard,
Randall Becker
On Behalf of the ITUGLIB Technical Committee

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor