NEWS
====
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
o EBCDIC overread (CVE-2016-2176)
o Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
o Remove LOW from the DEFAULT cipher list. This removes singles DES from
the default.
o Only remove the SSLv2 methods with the no-ssl2-method option.
Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
o Disable SSLv2 default build, default negotiation and weak ciphers
(CVE-2016-0800)
o Fix a double-free in DSA code (CVE-2016-0705)
o Disable SRP fake user seed to address a server memory leak
(CVE-2016-0798)
o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
(CVE-2016-0797)
o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
o Fix side channel attack on modular exponentiation (CVE-2016-0702)
Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016]
o DH small subgroups (CVE-2016-0701)
o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]
o BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
o X509_ATTRIBUTE memory leak (CVE-2015-3195)
o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
o In DSA_generate_parameters_ex, if the provided seed is too short,
return an error
Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]
o Alternate chains certificate forgery (CVE-2015-1793)
o Race condition handling PSK identify hint (CVE-2015-3196)
Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015]
o Fix HMAC ABI incompatibility
Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015]
o Malformed ECParameters causes infinite loop (CVE-2015-1788)
o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
o Race condition handling NewSessionTicket (CVE-2015-1791)
Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015]
o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291)
o Multiblock corrupted pointer fix (CVE-2015-0290)
o Segmentation fault in DTLSv1_listen fix (CVE-2015-0207)
o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
o Segmentation fault for invalid PSS parameters fix (CVE-2015-0208)
o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
o Empty CKE with client auth and DHE fix (CVE-2015-1787)
o Handshake with unseeded PRNG fix (CVE-2015-0285)
o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
o Removed the export ciphers from the DEFAULT ciphers
Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]:
o Suite B support for TLS 1.2 and DTLS 1.2
o Support for DTLS 1.2
o TLS automatic EC curve selection.
o API to set TLS supported signature algorithms and curves
o SSL_CONF configuration API.
o TLS Brainpool support.
o ALPN support.
o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
o Build fixes for the Windows and OpenVMS platforms
Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
o Fix for CVE-2014-3571
o Fix for CVE-2015-0206
o Fix for CVE-2014-3569
o Fix for CVE-2014-3572
o Fix for CVE-2015-0204
o Fix for CVE-2015-0205
o Fix for CVE-2014-8275
o Fix for CVE-2014-3570
Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]
o Fix for CVE-2014-3513
o Fix for CVE-2014-3567
o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
o Fix for CVE-2014-3568
Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]
o Fix for CVE-2014-3512
o Fix for CVE-2014-3511
o Fix for CVE-2014-3510
o Fix for CVE-2014-3507
o Fix for CVE-2014-3506
o Fix for CVE-2014-3505
o Fix for CVE-2014-3509
o Fix for CVE-2014-5139
o Fix for CVE-2014-3508
Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
o Fix for CVE-2014-0224
o Fix for CVE-2014-0221
o Fix for CVE-2014-0198
o Fix for CVE-2014-0195
o Fix for CVE-2014-3470
o Fix for CVE-2010-5298
Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
o Fix for CVE-2014-0160
o Add TLS padding extension workaround for broken servers.
o Fix for CVE-2014-0076
Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
o Don't include gmt_unix_time in TLS server and client random values
o Fix for TLS record tampering bug CVE-2013-4353
o Fix for TLS version checking bug CVE-2013-6449
o Fix for DTLS retransmission bug CVE-2013-6450
Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
o Corrected fix for CVE-2013-0169
Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
o Include the fips configuration module.
o Fix OCSP bad key DoS attack CVE-2013-0166
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix for TLS AESNI record handling flaw CVE-2012-2686
Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
o Fix TLS/DTLS record length checking bug CVE-2012-2333
o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
o Fix compilation error on non-x86 platforms.
o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
o Fix for ASN1 overflow bug CVE-2012-2110
o Workarounds for some servers that hang on long client hellos.
o Fix SEGV in AES code.
Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
o TLS/DTLS heartbeat support.
o SCTP support.
o RFC 5705 TLS key material exporter.
o RFC 5764 DTLS-SRTP negotiation.
o Next Protocol Negotiation.
o PSS signatures in certificates, requests and CRLs.
o Support for password based recipient info for CMS.
o Support TLS v1.2 and TLS v1.1.
o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
o SRP support.
Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
o Fix for CMS/PKCS#7 MMA CVE-2012-0884
o Corrected fix for CVE-2011-4619
o Various DTLS fixes.
Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
o Fix for DTLS DoS issue CVE-2012-0050
Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
o Fix for DTLS plaintext
没有合适的资源?快使用搜索试试~ 我知道了~
Poco动态库(VS2013编译)
共990个文件
h:846个
lib:62个
dll:46个
5星 · 超过95%的资源 需积分: 31 88 下载量 163 浏览量
2016-08-26
22:13:59
上传
评论 4
收藏 30.05MB RAR 举报
温馨提示
poco库编译后动态库,采用VS2013测试。Poco动态库源文件版本:1.7.4
资源推荐
资源详情
资源评论
收起资源包目录
Poco动态库(VS2013编译) (990个子文件)
libeay32.a 2.66MB
ssleay32.a 243KB
applink.c 3KB
libeay32.def 224KB
ssleay32.def 20KB
libmysql.dll 4.68MB
PocoDatad.dll 3.61MB
PocoFoundationd.dll 3.29MB
PocoDataODBCd.dll 2.54MB
PocoDataSQLited.dll 1.7MB
PocoNetd.dll 1.68MB
libeay32.dll 1.2MB
libeay32.dll 1.2MB
PocoFoundation.dll 1.15MB
PocoXMLd.dll 1.03MB
msvcr120.dll 948KB
PocoData.dll 916KB
PocoUtild.dll 894KB
PocoDataSQLite.dll 718KB
PocoNet.dll 697KB
PocoJSONd.dll 671KB
PocoZipd.dll 550KB
PocoNetSSLd.dll 511KB
PocoDataODBC.dll 460KB
PocoDataMySQLd.dll 420KB
PocoXML.dll 402KB
PocoMongoDBd.dll 349KB
PocoUtil.dll 305KB
ssleay32.dll 267KB
libssl32.dll 267KB
ssleay32.dll 267KB
PocoCryptod.dll 249KB
CppUnitd.dll 196KB
PocoJSON.dll 183KB
PocoNetSSL.dll 180KB
PocoZip.dll 158KB
PocoMongoDB.dll 111KB
PocoDataMySQL.dll 102KB
PocoCrypto.dll 86KB
gost.dll 58KB
CppUnit.dll 50KB
capi.dll 24KB
sureware.dll 16KB
chil.dll 16KB
cswift.dll 14KB
ubsec.dll 13KB
aep.dll 12KB
padlock.dll 11KB
atalla.dll 11KB
nuron.dll 9KB
gmp.dll 6KB
PocoFoundationd.exp 894KB
PocoFoundation.exp 894KB
PocoNetd.exp 601KB
PocoNet.exp 601KB
PocoXMLd.exp 330KB
PocoXML.exp 330KB
PocoDatad.exp 314KB
PocoData.exp 314KB
PocoUtild.exp 190KB
PocoUtil.exp 190KB
PocoDataODBCd.exp 184KB
PocoDataODBC.exp 184KB
PocoDataSQLited.exp 147KB
PocoDataSQLite.exp 147KB
PocoNetSSLd.exp 128KB
PocoNetSSL.exp 128KB
PocoDataMySQLd.exp 93KB
PocoDataMySQL.exp 93KB
PocoZipd.exp 92KB
PocoZip.exp 92KB
PocoJSONd.exp 63KB
PocoJSON.exp 63KB
PocoMongoDBd.exp 59KB
PocoMongoDB.exp 59KB
PocoCryptod.exp 45KB
PocoCrypto.exp 45KB
CppUnitd.exp 30KB
CppUnit.exp 30KB
safestack.h 201KB
obj_mac.h 176KB
ssl.h 149KB
NamedTuple.h 135KB
zlib.h 86KB
TypeHandler.h 80KB
evp.h 68KB
asn1.h 63KB
VarHolder.h 59KB
Logger.h 57KB
ec.h 56KB
Tuple.h 54KB
x509.h 53KB
Var.h 53KB
objects.h 48KB
engine.h 45KB
bn.h 41KB
expat.h 41KB
Binder.h 41KB
x509v3.h 40KB
tls1.h 39KB
共 990 条
- 1
- 2
- 3
- 4
- 5
- 6
- 10
资源评论
- yimixgg2018-12-10很好 。。。。。
- Barry__2017-02-06完美解决我的问题,连编译好的openssl都带了,太贴心了
- 光速时光2020-06-26楼主,你编译的这个是VS的还是mingw的?x64还是x86的?
黄林HL
- 粉丝: 4
- 资源: 7
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功