OpenSSL
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. 6 CVE-2016-2842: 119: DoS Overflow 2016-03-03: 2018-01-04 OpenSSL OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. For more information about the team and community around the project, or to start making your own contributions, start with the community page. Openssl-libs Download (RPM) - pkgs.org Download openssl-libs packages for CentOS, Fedora. Fedora aarch64 Official openssl-libs-1.1.1b-3.fc30.aarch64.rpm: A general purpose cryptography library with TLS implementation /news/changelog.html - OpenSSL Library code that changes the default library context using OPENSSL_CTX_set0_default should take care to restore it with a second call before returning to the caller. Richard Levitte. Handshake now fails if Extended Master Secret extension is dropped on renegotiation. Tomas Mraz. Dropped interactive mode from the 'openssl' program.
Openssl-libs Download (RPM) - pkgs.org
/news/changelog.html - OpenSSL Library code that changes the default library context using OPENSSL_CTX_set0_default should take care to restore it with a second call before returning to the caller. Richard Levitte. Handshake now fails if Extended Master Secret extension is dropped on renegotiation. Tomas Mraz. Dropped interactive mode from the 'openssl' program.
Openssl Openssl version 1.0.1j : Security vulnerabilities
Openssl Openssl version 1.0.1j : Security vulnerabilities The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. 6 CVE-2016-2842: 119: DoS Overflow 2016-03-03: 2018-01-04 OpenSSL