Tag Archives: Update

Release of OpenSSL v0.9.8t and v1.0.0g

Posted on by
3

Just a few weeks after the last release the OpenSSL team released important updates to fix issues in both source branches. Again…

Direct links for the updated versions:
http://indy.fulgan.com/SSL/openssl-0.9.8t-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-0.9.8t-x64_86-win64.zip
http://indy.fulgan.com/SSL/openssl-1.0.0g-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-1.0.0g-x64_86-win64.zip

The update fixes a possible DTLS DoS attack. This is related to encrypted Datagrams, e.g. encrypted VoIP or Audio/Video Streams (and encrypted UDP in general).

- Arvid

P.S.: Update has been on the server for a few days, forget to publish this post. Sorry about.

Release of OpenSSL v0.9.8s and v1.0.0f

Posted on by
Reply

The OpenSSL team released important updates to both source branches. As usual I prepared updated, precompiled and tested libraries for your convenience.

Direct links for the updated versions:
http://indy.fulgan.com/SSL/openssl-0.9.8s-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-0.9.8s-x64_86-win64.zip
http://indy.fulgan.com/SSL/openssl-1.0.0f-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-1.0.0f-x64_86-win64.zip

Those updates include important Bug and Security Fixes, updating is recommended.

- Arvid

Precompiled OpenSSL v1.0.0e for Win32/64

Posted on by
4

Again there’s a new Version of OpenSSL, this time only the 1.0 main branch was affected by a security flaw:

Direct Download
for Win32: http://indy.fulgan.com/SSL/openssl-1.0.0e-i386-win32.zip
for Win64: http://indy.fulgan.com/SSL/openssl-1.0.0e-x64_86-win64.zip

As usual you’ll find the ReadMe, Hashes and the OpenSSL binary inside of the ZIP.

Cheers,
Arvid

Rerelease of OpenSSL v0.9.8r and v1.0.0d for Indy

Posted on by
9

Hello,

after some weeks of extensive testing I am now releasing updated versions of the above mentioned OpenSSL DLLs. Those libraries are now tested with Windows 2000 up to Windows 7 (x32 and x64 where available). As usual there are no dependencies to any runtime libraries beside the common Kernel/WinSock2 etc.pp.

As I mentioned in the Important Compatibility Announcement two weeks ago I had made a mistake during the compilation of the last two published OpenSSL versions which led to an incompatibility with Windows 2000 and early XP versions. Check the linked post for a list of affected versions.

The issue is now fixed.

Here are the direct links for the updated release for Win32/64:
http://indy.fulgan.com/SSL/openssl-0.9.8r-i386-win32-rev2.zip
http://indy.fulgan.com/SSL/openssl-1.0.0d-i386-win32-rev2.zip
http://indy.fulgan.com/SSL/openssl-0.9.8r-x64_86-win64-rev2.zip
http://indy.fulgan.com/SSL/openssl-1.0.0d-x64_86-win64-rev2.zip

I am sorry for the inconvenience caused and I would like to thank Jason Smith again for bringing this issue to my attention and Salvor Hardin for his help!

As Salvor stated in one of his comments using Visual C++ 2008 with an adjusted makefile works (the /MT switch as mentioned in the previous post). We should keep in mind that this way of building the DLLs may not work in future but for now and the next few years it should do the trick. To make it short – @Savlor: You were right!

Cheers,
Arvid

OpenSSL v0.9.8r and v1.0.0d for Indy

Posted on by
1

Hi,

You can download precompiled versions of the new OpenSSL libaries from our official Indy Mirror (The Fulgan Mirror).

Direct Links for the x32 versions:
http://indy.fulgan.com/SSL/openssl-0.9.8r-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-1.0.0d-i386-win32.zip

The 0.9.8 branch is only made available for compatibility reasons, if you have the choice take the newer 1.0 version. Both versions are supported by Indy, so it’s up to you.

You’ll find a “ReadMe”, License Information and File Hashes inside the zip archives. This version is including important bug and security fixes, using it is strongly recommended. The DLLs have no dependencies and are ready to use (ready for shipping with your application).

We include the OpenSSL.exe in the download, too. This file is not required for deployment of your own application, but it may be useful for handling certificates on your own during app development.

Regards,
Arvid