01.Nov.2022
|
Encryption protocol: AmiSSL 5.5 (AmigaOS 3/4)
The open source encryption protocol AmiSSL has been updated to version 5.5 and is now based on the latest OpenSSL 3.0.7, which was also released today. This fixes a security problem that has existed since OpenSSL 3.0.0 and is now classified as high: a buffer overflow could be triggered when checking X.509 certificates. Thus, all users who have installed a version 5 of AmiSSL (based on OpenSSL 3) are recommended to update. The changes:
- Updated OpenSSL backend to full compatibility with the latest OpenSSL 3.0.7 (1.11.2022) version, which includes:
- Added RIPEMD160 to the default provider.
- Fixed regressions introduced in 3.0.6 version.
- Fixed two buffer overflows in punycode decoding functions. ([CVE-2022-3786]) and ([CVE-2022-3602])
- Improved and simplified random number seeding routines.
- The AMISSL_NO_STATIC_FUNCTIONS preprocessor symbol has been added to the SDK, mainly for use with VBCC
Download AmigaOS 3: AmiSSL-5.5-OS3.lha (3,3 MB)
Download AmigaOS 4: AmiSSL-5.5-OS4.lha (3,1 MB)
Download SDK: AmiSSL-5.5-SDK.lha (2,3 MB) (dr)
[News message: 01. Nov. 2022, 21:25] [Comments: 2 - 02. Nov. 2022, 08:16]
[Send via e-mail] [Print version] [ASCII version]
|
