Search results
Results from the WOW.Com Content Network
A workaround for SSL 3.0 and TLS 1.0, roughly equivalent to random IVs from TLS 1.1, was widely adopted by many implementations in late 2011. [30] In 2014, the POODLE vulnerability of SSL 3.0 was discovered, which takes advantage of the known vulnerabilities in CBC, and an insecure fallback negotiation used in browsers.
The mod_ssl v1 package was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie's Apache-SSL 1.17 source patches for Apache 1.2.6 to Apache 1.3b6. [1] Because of conflicts with Ben Laurie's development cycle it then was re-assembled from scratch for Apache 1.3.0 by merging the old mod_ssl 1.x with the newer Apache-SSL 1.18.
OpenSSL clients are vulnerable in all versions of OpenSSL before the versions 0.9.8za, 1.0.0m and 1.0.1h. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. [82]
In 2021 Google funded the creation of mod_tls, a new TLS module for Apache HTTP Server using Rustls. [38] [39] The new module is intended to be a successor to the mod_ssl module that uses OpenSSL, as a more secure default. [38] [40] As of August 2024, mod_tls is available in the latest version of Apache but still marked as experimental. [41]
Download QR code; Print/export Download as PDF; ... Apache 1.0: 4.0.0 [18] ... The OpenSSL Project: C: Yes: Apache 2.0: 3.4.0 ...
This is a list of free and open-source software (FOSS) packages, computer software licensed under free software licenses and open-source licenses. Software that fits the Free Software Definition may be more appropriately called free software ; the GNU project in particular objects to their works being referred to as open-source . [ 1 ]
LibreSSL is an open-source implementation of the Transport Layer Security (TLS) protocol. The implementation is named after Secure Sockets Layer (SSL), the deprecated predecessor of TLS, for which support was removed in release 2.3.0.
MatrixSSL since version 3.7.1 released in December 2014 [3] Network Security Services since version 3.15.5 released in April 2014 [4] OpenSSL since version 1.0.2 released in January 2015 [5] LibreSSL since version 2.1.3 released in January 2015 [6] mbed TLS (previously PolarSSL) since version 1.3.6 released in April 2014 [7]