LibreSSL 2.1.1 released.

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

LibreSSL 2.1.1 released.

Bob Beck-3
We have released LibreSSL 2.1.1- which should be arriving in the
LIbreSSL directory of an OpenBSD mirror near you very soon.

This release includes:

* Address POODLE attack by disabling SSLv3 by default
* Fix Eliptical Curve cipher selection bug

As well as continued ongoing fixes as we proactively change the
codebase to reflect modern safe programming practices. The success of
this is reflected in the fact that LibreSSL was not vulnerable to the
two memory leak issues released on "OpenSSL Tuesday" - They were in
fact initially
fixed in LibreSSL.

As noted before, we welcome feedback from the broader community.