OpenSSL v1.0.1.b

Version Release Notes from May 10, 2012 (almost 12 years ago)

« Changelog History

OpenSSL v1.0.1.b Release Notes

Release Date: 2012-05-10 // almost 12 years ago

- Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and DTLS to fix DoS attack.
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. [CVE-2012-2333][]

Steve Henson
- Initialise tkeylen properly when encrypting CMS messages. Thanks to Solar Designer of Openwall for reporting this issue.
Steve Henson
- In FIPS mode don't try to use composite ciphers as they are not approved.
Steve Henson

Awesome C++ is part of the LibHunt network. Terms. Privacy Policy.