exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

OpenSSL Toolkit 1.0.2c
Posted Jun 15, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fix HMAC ABI incompatibility. The previous version introduced an ABI incompatibility in the handling of HMAC. The previous ABI has now been restored.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
SHA-256 | 0038ba37f35a6367c58f17a7a7f687953ef8ce4f9684bbdec63e62515ed36a83

Related Files

OpenSSL Toolkit 3.0.5
Posted Jul 5, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. An AES OCB mode issue was also addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-2097, CVE-2022-2274
SHA-256 | aa7d8d9bef71ad6525c55ba11e5f4397889ce49c2c9349dcea6d3e4f0b024a7a
OpenSSL Toolkit 1.1.1q
Posted Jul 5, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-2097
SHA-256 | d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca
OpenSSL Toolkit 1.1.1p
Posted Jun 21, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed additional bugs in the c_rehash script which was not properly sanitizing shell metacharacters to prevent command injection.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-2068
SHA-256 | bf61b62aaa66c7c7639942a94de4c9ae8280c08f17d4eac2e44644d9fc8ace6f
OpenSSL Toolkit 3.0.3
Posted May 3, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: Fixed a bug in the c_rehash script which was not properly sanitizing shell metacharacters to prevent command injection. Fixed a bug in the function OCSP_basic_verify that verifies the signer certificate on an OCSP response. Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the AAD data as the MAC key. Fixed a bug in the OPENSSL_LH_flush() function that breaks reuse of the memory occupied by the removed hash table entries.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473
SHA-256 | ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b
OpenSSL Toolkit 1.1.1o
Posted May 3, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a bug in the c_rehash script which was not properly sanitizing shell metacharacters to prevent command injection.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-1292
SHA-256 | 9384a2b0570dd80358841464677115df785edb941c71211f75076d72fe6b438f
OpenSSL Toolkit 3.0.2
Posted Mar 16, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever for non-prime moduli. Added ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489) to the list of ciphersuites providing Perfect Forward Secrecy as required by SECLEVEL greater than or equal to 3. Made the AES constant time code for no-asm configurations optional due to the resulting 95% performance degradation. Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty passphrase strings. The negative return value handling of the certificate verification callback was reverted. The replacement is to set the verification retry state with the SSL_set_retry_verify() function.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63
OpenSSL Toolkit 1.1.1n
Posted Mar 16, 2022
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever for non-prime moduli. Added ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489) to the list of ciphersuites providing Perfect Forward Secrecy as required by SECLEVEL greater than or equal to 3.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-0778
SHA-256 | 40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a
OpenSSL Toolkit 1.1.1m
Posted Dec 15, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Made a change to avoid loading of a dynamic engine twice. Fixed building on Debian with kfreebsd kernels. Prioritized DANE TLSA issuer certs over peer certs. Fixed random API for MacOS prior to 10.12.
tags | tool, encryption, protocol
systems | unix
SHA-256 | f89199be8b23ca45fc7cb9f1d8d3ee67312318286ad030f5316aca6462db6c96
OpenSSL Toolkit 1.1.1l
Posted Aug 24, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed an SM2 Decryption Buffer Overflow. Fixed various read buffer overruns processing ASN.1 strings.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-3711, CVE-2021-3712
SHA-256 | 0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1
OpenSSL Toolkit 1.1.1k
Posted Mar 25, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5
OpenSSL Toolkit 1.1.1j
Posted Feb 17, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a NULL pointer deref in the X509_issuer_and_serial_hash() function. Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING padding mode to correctly check for rollback attacks. Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate functions. Fixed SRP_Calc_client_key so that it runs in constant time.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-23840, CVE-2021-23841
SHA-256 | aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf
OpenSSL Toolkit 1.1.1i
Posted Dec 8, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed NULL pointer deref in the GENERAL_NAME_cmp function. Added support for Apple Silicon M1 Macs with the darwin64-arm64-cc target. A client-side call was changed. In 1.1.1h, an expired trusted (root) certificate was not anymore rejected when validating a certificate path. This check is restored in 1.1.1i.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2020-1971
SHA-256 | e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242
OpenSSL Toolkit 1.1.1h
Posted Sep 22, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Certificates with explicit curve parameters are now disallowed in verification chains if the X509_V_FLAG_X509_STRICT flag is used. A few other updates as well.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 5c9ca8774bd7b03e5784f26ae9e9e6d749c9da2438545077e6b3d755a06595d9
OpenSSL Toolkit 1.1.1g
Posted Apr 21, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed segmentation fault in SSL_check_chain().
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2020-1967
SHA-256 | ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46
OpenSSL Toolkit 1.1.1f
Posted Mar 31, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Reverted the change of EOF detection while reading in libssl to avoid regressions in applications depending on the current way of reporting the EOF. Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1 when primes for RSA keys are computed.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 186c6bfe6ecfba7a5b48c47f8a1673d0f3b0e5ba2e25602dd23b629975da3f35
OpenSSL Toolkit 1.1.1e
Posted Mar 18, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: It now properly detects EOF while reading in libssl. Fixed SSL_get_servername() behaviour. Various other updates and bug fixes.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 694f61ac11cb51c9bf73f54e771ff6022b0327a43bbdfa1b2f19de1662a6dcbe
OpenSSL Toolkit 1.1.1d
Posted Sep 11, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a fork protection issue. Added a bypass mitigation. Various other updates.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2019-1547, CVE-2019-1549, CVE-2019-1552, CVE-2019-1563
SHA-256 | 1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2
OpenSSL Toolkit 1.1.1c
Posted May 28, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added build tests for C++. Enabled SHA3 pre-hashing for ECDSA and DSA. Various other updates.
tags | tool, encryption, protocol
systems | unix
SHA-256 | f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90
OpenSSL Toolkit 1.1.1b
Posted Feb 28, 2019
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added SCA hardening for modular field inversion in EC_GROUP through a new dedicated field_inv() pointer in EC_METHOD. Changed the info callback signals for the start and end of a post-handshake message exchange in TLSv1.3. Various other updates.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b
OpenSSL Toolkit 1.1.1a
Posted Nov 21, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a timing vulnerability in DSA signature generation and another in ECDSA signature generation. Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). Various other updates.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0734, CVE-2018-0735
SHA-256 | fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41
OpenSSL Toolkit 1.1.1
Posted Sep 11, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added a new ClientHello callback. Added SM2 base algorithm support. Various other updates.
tags | tool, encryption, protocol
systems | unix
SHA-256 | 2836875a0f89c03d0fdf483941512613a50cfb421d6fd94b9f41d7279d586a3d
OpenSSL Toolkit 1.1.0i
Posted Aug 17, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Addressed a client denial of service due to a large DH parameter addressed. Cache timing vulnerability fixed. Various other updates and fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0732, CVE-2018-0737
SHA-256 | ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99
OpenSSL Toolkit 1.1.0h
Posted Mar 29, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Addressed an issue where constructed ASN.1 types with a recursive definition could exceed the stack. Also address was an incorrect CRYPTO_memcmp on HP-UX PA-RISC amongst other issues.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0733, CVE-2018-0739
SHA-256 | 5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517
OpenSSL Toolkit 1.0.2o
Posted Mar 29, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Addressed an issue where constructed ASN.1 types with a recursive definition could exceed the stack.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0739
SHA-256 | ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d
OpenSSL Toolkit 1.0.2n
Posted Dec 9, 2017
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Read/write after SSL object in error state addressed. rsaz_1024_mul_avx2 overflow bug on x86_64 addressed. Various other issues address.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2017-3737, CVE-2017-3738
SHA-256 | 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe
Page 1 of 4
Back1234Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close