[openssl-dev] Windows Patch affecting connectivity to our applications
Matt Caswell
matt at openssl.org
Fri Apr 15 09:47:19 UTC 2016
On 15/04/16 10:33, Thirumal, Karthikeyan wrote:
> Yes Matt - I agree that it is a very old / low version that we are
> using. We faced few memory issues with the 0.9.8zc - so we backed out
> and lived with 9.8a. In addition we are also planning to terminate
> SSL at F5 rather than our Server - so we did not really care about
> the lower version.
>
> Am still unclear what is the patch that MS released on April 12 that
> is affecting the SSL communication ?
No idea - that's probably more a question for MS.
>
> Some more info - My F5 version in test region uses 0.9.8e version
> and connectivity is working fine. Can you clarify the SSL related
> differences between 8a and 8e ?
The Change log summarises the major differences. See:
https://github.com/openssl/openssl/blob/OpenSSL_0_9_8-stable/CHANGES#L1254
Matt
>
> Thanks & Regards ________________________ Karthikeyan Thirumal
>
> -----Original Message----- From: openssl-dev
> [mailto:openssl-dev-bounces at openssl.org] On Behalf Of Matt Caswell
> Sent: Friday, April 15, 2016 2:05 PM To: openssl-dev at openssl.org
> Subject: Re: [openssl-dev] Windows Patch affecting connectivity to
> our applications
>
>
>
> On 15/04/16 09:15, Thirumal, Karthikeyan wrote:
>> Dear Dev folks,
>>
>> My clients are facing are connectivity issues after windows
>> released their OS upgrade this week. I think they have changed the
>> way the SSL handshake happens.
>>
>> My Server is using openssl-0.9.8a and my client sits on a Microsoft
>> platform.
>>
>>
>>
>> From OpenSSL - do we have a recommendation to overcome this
>> connectivity issue that started after the Microsoft patch ? Please
>> confirm.
>
> We have not had other reports of this issue, so I have no specific
> recommendation. However openssl-0.9.8a is a *very* old version of
> OpenSSL (released October 2005). The 0.9.8 series is out of support
> and is no longer receiving security bug fixes. Your server is almost
> certainly vulnerable to significant security defects. You should
> upgrade to a supported version as soon as possible. As we have not
> had other reports of this problem this is likely to solve your
> Microsoft issue too.
>
> Matt
>
>
>
>>
>>
>>
>>
>>
>> Thanks & Regards ________________________ Karthikeyan Thirumal
>>
>>
>>
>>
>> ****************************************************** This message
>> and any files or attachments sent with this message contain
>> confidential information and is intended only for the individual
>> named. If you are not the named addressee, you should not
>> disseminate, distribute, copy or use any part of this email. If you
>> have received this message in error, please delete it and all
>> copies from your system and notify the sender immediately by return
>> Email.
>>
>> Email transmission cannot be guaranteed to be secure or error-free
>> as information can be intercepted, corrupted, lost, destroyed,
>> late, incomplete or may contain viruses. The sender, therefore,
>> does not accept liability for any errors or omissions in the
>> contents of this message, which arise as a result of email
>> transmission.
>> ******************************************************
>>
>>
> -- openssl-dev mailing list To unsubscribe:
> https://mta.openssl.org/mailman/listinfo/openssl-dev
>
> ****************************************************** This message
> and any files or attachments sent with this message contain
> confidential information and is intended only for the individual
> named. If you are not the named addressee, you should not
> disseminate, distribute, copy or use any part of this email. If you
> have received this message in error, please delete it and all copies
> from your system and notify the sender immediately by return Email.
>
> Email transmission cannot be guaranteed to be secure or error-free as
> information can be intercepted, corrupted, lost, destroyed, late,
> incomplete or may contain viruses. The sender, therefore, does not
> accept liability for any errors or omissions in the contents of this
> message, which arise as a result of email transmission.
> ******************************************************
>
More information about the openssl-dev
mailing list