OpenSSL v1.0.0.k

« Changelog History

OpenSSL v1.0.0.k Release Notes

• • Keep original DTLS digest and encryption contexts in retransmission structures so we can use the previous session parameters if they need to be resent. [CVE-2013-6450][]

  Steve Henson

  • Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.

  Rob Stradling, Adam Langley

• All Versions
• Previous v1.0.0.j
• Next v1.0.0.l
• Latest Version