Пакет LibreSSL: Информация

LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in
2014, with goals of modernizing the codebase, improving security, and
applying best practice development processes.
- 2.4.2
- LibreSSL
  + Bug fixes and improvements:
    - Fixed loading default certificate locations with openssl s_client.
    - Ensured OSCP only uses and compares GENERALIZEDTIME values as per
      RFC6960. Also added fixes for OCSP to work with intermediate
      certificates provided in responses.
    - Improved behavior of arc4random on Windows to not appear to leak
      memory in debug tools, reduced privileges of allocated memory.
    - Fixed incorrect results from BN_mod_word() when the modulus is too
      large, thanks to Brian Smith from BoringSSL.
    - Correctly handle an EOF prior to completing the TLS handshake in
      libtls.
    - Improved libtls ceritificate loading and cipher string validation.
    - Updated libtls cipher group suites into four categories:
      - "secure"   (TLSv1.2+AEAD+PFS)
      - "compat"   (HIGH:!aNULL)
      - "legacy"   (HIGH:MEDIUM:!aNULL)
      - "insecure" (ALL:!aNULL:!eNULL)
      This allows for flexibility and finer grained control, rather than
      having two extremes.
    - Limited support for 'backward com
- openssl-LibreSSL:
  + rename package from LibreSSL-openssl
  + remove conflict with openssl
  + rename binary and manpages fro openssl to openssl-LibreSSL
  + move some man pages to LibreSSL-doc package
- netcat-tls:
  + rename package from netcat-openbsd
  + adopt many of original netcat alt and owl patches
- 2.3.6
- Correct a problem that prevents the DSA signing algorithm from running
  in constant time even if the flag BN_FLG_CONSTTIME is set.
- 2.3.5

Пакет LibreSSL: Информация

Последнее изменение