[B! openssl] sora_hã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

sora_h id:sora_h

opensslã«é–¢ã™ã‚‹sora_hã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (19)

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

{{#following_bookmarks}}

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

{{/following_bookmarks}}

{{/is_wiped}}

OpenSSL Security Advisory [3rd May 2016]
sora_h 2016/05/03
openssl

security

release
ãƒªãƒ³ã‚¯
OpenSSH Security Advisory: x11fwd.adv
sora_h 2016/03/12
openssl

security
ãƒªãƒ³ã‚¯
OpenSSL CVE-2016-0799: heap corruption via BIO_printf
Build a website. Sell something. Blog. And so much more.
sora_h 2016/03/01
security

openssl

cve-2016-0799
ãƒªãƒ³ã‚¯
OpenSSL Security Advisory [28th Jan 2016]
sora_h 2016/01/29
security

openssl

cve-2016-0701
ãƒªãƒ³ã‚¯
OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)
OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701) Usual Mandatory Disclaimer: IANAC (I am not a cryptographer) so I might likely end up writing a bunch of mistakes in this blog post... tl;dr The OpenSSL 1.0.2 releases suffer from a Key Recovery Attack on DH small subgroups. This issue got assigned CVE-2016-0701 with a severity of High and OpenSSL 1.0.2 users should upgrade to 1.0.2
sora_h 2016/01/29
openssl

security

cve-2016-0701
ãƒªãƒ³ã‚¯
Alternative chains certificate forgery (CVE-2015-1793) | OpenSSL Security Advisory [9 Jul 2015]
sora_h 2015/07/09
security

openssl
ãƒªãƒ³ã‚¯
OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation - Raymii.org
OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation Published: 03-03-2015 | Last update: 17-12-2018 | Author: Remy van Elst | Text only version of this article â— This post is over four years old. It may no longer be up to date. Opinions may have changed. These are quick and dirty notes on generating a certificate authority (CA), intermediate certificate authorities and
sora_h 2015/04/12
openssl
ãƒªãƒ³ã‚¯
è¯éº—ãªã‚‹å› æ•°åˆ†è§£:FREAKæ”»æ’ƒã®ä»•çµ„ã¿ - ã¼ã¡ã¼ã¡æ—¥è¨˜
1. ã¯ã˜ã‚ã« ã¡ã‚‡ã†ã©ä»Šæœ OpenSSLã‚’ã¯ã˜ã‚ã¨ã—ãŸæ§˜ã€…ãªTLSå®Ÿè£…ã®è„†å¼±æ€§ã®è©³ç´°ãŒå…¬è¡¨ã•ã‚Œã¾ã—ãŸã€‚ ã“ã® Inriaã¨MSRã®ã‚°ãƒ«ãƒ¼ãƒ—ã¯ä»¥å‰ã‹ã‚‰TLSã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã«é–¢ã—ã¦éžå¸¸ã«ã‚¢ã‚¯ãƒ†ã‚£ãƒ–ã«èª¿æŸ»ãƒ»æ¤œè¨¼ã‚’ã—ã¦ã„ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ã§ã€ä»Šå›žã‚‚é©šãã®å†…å®¹ã§ã—ãŸã€‚ ã“ã®ã‚°ãƒ«ãƒ¼ãƒ—ã¯ã€TLSã®ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯æ™‚ã®çŠ¶æ…‹é·ç§»ã‚’åŽ³å¯†ã«ãƒã‚§ãƒƒã‚¯ã™ã‚‹ãƒ„ãƒ¼ãƒ«ã‚’é–‹ç™ºã—ã€æ§˜ã€…ãªTLSå®Ÿè£…ã®è„†å¼±æ€§ã‚’ç™ºè¦‹ãƒ»å ±å‘Šã‚’è¡Œã£ã¦ã„ãŸã‚ˆã†ã§ã™ã€‚ ç‰¹ã«FREAKã¨å‘¼ã°ã‚Œã‚‹OpenSSLã®è„†å¼±æ€§(CVE-2015-0204)ã«é–¢ã—ã¦ã¯ã€ã¡ã‚‡ã†ã©ä¿®æ£ç›´å¾Œã®1æœˆåˆã‚ã« Only allow ephemeral RSA keys in export ciphersuites ã§è¦‹ã¦ã„ã¾ã—ãŸãŒã€å…·ä½“çš„ã«ã©ã®ã‚ˆã†ã«æ”»æ’ƒã™ã‚‹ã®ã‹ã•ã£ã±ã‚Šã‚¤ãƒ¡ãƒ¼ã‚¸ã§ããšã€ã‚ã®ã‚°ãƒ«ãƒ¼ãƒ—ã ã‹ã‚‰ã¾ãŸè¶…çµ¶å¤‰æ…‹ãªæ‰‹æ³•ã ã‚ã†ãŒã€ã¾ããã‚Œã»ã©æ·±åˆ»ã˜ã‚ƒãªã„ã ã‚ã†ã¨è¦‹è¾¼ã‚“ã§ã„ã¾ã—ãŸã€‚ ä»Šå›ž
sora_h 2015/03/05
freak

tls

security

rsa

openssl
ãƒªãƒ³ã‚¯
ubuntu 14.04ã§ä¸€éƒ¨HTTPSãªã‚µã‚¤ãƒˆãŒè¦‹ã‚Œãªã„å•é¡Œã¸ã®è§£æ±º | Gehirn News
ã¯ã˜ã‚ã¾ã—ã¦ã€ã‚²ãƒ’ãƒ«ãƒ³ãƒ‹ãƒ¥ãƒ¼ã‚¹ã€‚ã‚¤ã‚±ãƒ¡ãƒ³è·å“¡ã®ã†ã¿ã•ã¾ã§ã™ã€‚ ä»Šæ—¥ã¯ã€ã‚²ãƒ’ãƒ«ãƒ³ãƒ‹ãƒ¥ãƒ¼ã‚¹ã®æŠ•ç¨¿æ•°æ¸›å°‘ã«æ¯æ¢ã‚ã‚’ã‹ã‘ã‚‹ãŸã‚ã€ä¸€éƒ¨ã®HTTPSãªã‚µã‚¤ãƒˆã«æŽ¥ç¶šã§ããªã„å•é¡Œã‚’è§£æ±ºã™ã‚‹æ–¹æ³•ã«ã¤ã„ã¦æ›¸ãã¾ã™ã€‚ ã“ã®å•é¡Œã¯Ubuntu14.04ãªã©ã®OpenSSL1.0.1aã‹ã‚‰1.0.1fã‚’æŽ¡ç”¨ã™ã‚‹ç’°å¢ƒã«ãŠã„ã¦ç™ºç”Ÿã™ã‚‹ã‚ˆã†ã§ã™ã€‚ ã¾ã¨ã‚ ã¡ã‚‡ã£ã¨é•·ã„ã®ã§ã€å…ˆã«ã¾ã¨ã‚ã ã‘ã€‚ Ubuntu14.04ãªã©ãŒæŽ¡ç”¨ã™ã‚‹OpenSSL1.0.1fã«ã¯ã€ä¸€éƒ¨HTTPSã‚µã‚¤ãƒˆã«æŽ¥ç¶šã§ããªã„å•é¡ŒãŒã‚ã‚‹ã€‚ 1.0.1gã§å¯¾å‡¦ã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€ãƒ‘ãƒƒãƒãƒ³ã‚°ã™ã‚‹ã“ã¨ã§è§£æ±ºãŒå¯èƒ½ OpenSSLã¯é”çªŸã ã£ãŸ ç¾è±¡ã®å†…å®¹ å…ˆæ—¥ã€å¼Šç¤¾ãŒæ³•äººå‘ã‘ã«æä¾›ã—ã¦ã„ã‚‹PaaS(Ubuntu14.04ã‚’ä½¿ç”¨)ã«ã¦ã€ç‰¹å®šã®HTTPSã‚µã‚¤ãƒˆã«æŽ¥ç¶šã§ããªã„ï¼ã¨ã„ã†éšœå®³å ±å‘ŠãŒä¸ŠãŒã‚Šã¾ã—ãŸã€‚ èª¿ã¹ã¦ã¿ã‚‹ã¨ã€ç¢ºã‹ã« ã¨ã—ã¦ã‚‚å¿œç”ã‚’å—ã‘å–ã‚‹ã“ã¨ãŒã§ããšã€ä¸€éƒ¨ã®H
sora_h 2014/07/02
ã‚ãã€ã¿ã‚“ãªã¯ã¾ã‚‹ BIG-IP ã® handshake å•é¡Œã

openssl
ãƒªãƒ³ã‚¯
ImperialViolet - BoringSSL
Earlier this year, before Apple had too many goto fails and GnuTLS had too few, before everyone learnt that TLS heart-beat messages were a thing and that some bugs are really old, I started a tidy up of the OpenSSL code that we use at Google. We have used a number of patches on top of OpenSSL for many years. Some of them have been accepted into the main OpenSSL repository, but many of them donâ€™t m
sora_h 2014/06/23
google

security

boringssl

openssl

ssl
ãƒªãƒ³ã‚¯
OpenSSL Valhalla Rampage
Many thanks to all of the awesome hackers that have made this release possible. Again, if you like the work that OpenBSD is doing, please donate here Provide a ressl config function that explicitly clears keys. Now that ressl config takes copies of the keys passed to it, the keys need to be explicitly cleared. While this can be done by calling the appropriate functions with a NULL pointer, it is s
sora_h 2014/05/26
è‰¯ã„

libressl

openbsd

openssl
ãƒªãƒ³ã‚¯
OpenBSD has started a massive strip-down and cleanup of OpenSSL
OpenBSD has started a massive strip-down and cleanup of OpenSSL Contributed by phessler on 2014-04-15 from the how-i-learned-to-stop-worrying-and-shine-the-turd dept. The denizens of lobste.rs (and no doubt you, eagle-eyed reader!) have made note of the ongoing rototilling of the OpenSSL code in OpenBSD, and Joshua Stein (jcs@) has chimed in with a quick breakdown of the action thus far: Changes s
sora_h 2014/04/17
openopenssl

openssl

openbsd
ãƒªãƒ³ã‚¯
OpenOpenSSL
the main OpenOpenSSL pageAbout OpenOpenSSL ProjectÂ Goals Hardware Platforms Daily Changelog Security Crypto Events Papers Press Commercial Support GettingÂ OpenOpenSSL CDs/T-shirts/Posters Getting Releases Installing OpenOpenSSL GettingÂ Source AnonCVS CVSync Web OpenOpenSSLÂ Resources Manuals FAQ Patches Reporting Mailing Lists Application Packages Books that Help SupportingÂ Open
sora_h 2014/04/17
openbsd

openopenssl

openssl

security
ãƒªãƒ³ã‚¯
OpenBSDãŒOpenSSLã®å¤§æŽƒé™¤ã«ç€æ‰‹ã€ã€ŒOpenOpenSSLã€ã‚µã‚¤ãƒˆã‚‚ç«‹ã¡ä¸ŠãŒã‚‹ | ã‚¹ãƒ©ãƒ‰ ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹
OpenBSDãŒOpenSSLã®å¤§æŽƒé™¤ã«ç€æ‰‹ã—ã¦ã„ã¾ã™ï¼ˆslashdotï¼‰ã€‚ ãŸã¨ãˆã°libssl/src/sslã‚’è¦‹ã‚‹ã¨ã€CVSã«ç½µå€’ã¨ä¿®æ£ãŒã²ã£ãã‚Šãªã—ã«è¨˜éŒ²ã•ã‚Œã¦ã„ã¾ã™ã€‚ Heatbleedå¯¾ç–ã®ãƒ‘ãƒƒãƒã ã‘ã§æº€è¶³ã—ãªã‹ã£ãŸç†ç”±ã¯ã€å½¼ã‚‰ã‹ã‚‰è¦‹ã¦HeartbleedãŒå˜ãªã‚‹ãƒã‚°ã‚„ä»•æ§˜ã®å•é¡Œã§ã¯ãªãã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£æ„è˜ã®å•é¡Œã‹ã‚‰ç”£ã¾ã‚ŒãŸã‚‚ã®ã ã‹ã‚‰ã§ã™ã€‚ ä½•å¹´ã‚‚å‰ã‹ã‚‰ ã€ŒOpenSSL ã¯ã‚µãƒ«ãŒæ›¸ã„ã¦ã‚‹ã‚“ã ã‚ã†ã€ã¨æ¶æ„ã—ã¦ã„ãŸã¨ãŠã‚Šã€OpenSSL ã‚³ãƒ¼ãƒ‰ã®å“è³ªãŒä½Žã„ã“ã¨ã‚’OpenBSDé–‹ç™ºè€…ãŸã¡ã¯çŸ¥ã£ã¦ã„ã¾ã—ãŸãŒã€ãã‚ŒãŒæ„è˜ã‚„è²¬ä»»æ„Ÿã®å•é¡Œã ã¨ã„ã†ç¢ºä¿¡ã¯ã¾ã ãªã‹ã£ãŸã®ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ OpenBSD ã«ã¯ãƒ¡ãƒ¢ãƒªé˜²è·æ©Ÿæ§‹ãŒã‚ã‚Šã¾ã™ã®ã§ã€Heartbleedè„†å¼±æ€§ãŒã‚ã£ã¦ã‚‚å½“åˆã€malloc.confã«Jã‚ªãƒ—ã‚·ãƒ§ãƒ³ã‚’ä»˜ã‘ã‚Œã°freeæ¸ˆã¿ãƒ¡ãƒ¢ãƒªã¯ã‚·ãƒ¥ãƒ¬ãƒƒãƒ€ãƒ¼ã«ã‹ã‘ã‚‰ã‚Œç§˜å¯†ã¯æ¼ã‚Œãªã„ã ã‚ã†ã¨æ€ã£ãŸãã†
sora_h 2014/04/17
openbsd

openssl

security
ãƒªãƒ³ã‚¯
"make OPENSSL_NO_HEARTBLEED the default and only option. ok deraadt miod" - src/lib/libssl/src/ssl/t1_lib.c - view - 1.16
sora_h 2014/04/15
ã“ã‚Œã¯â€¦â€¦â€¦

openbsd

heartbleed

openssl
ãƒªãƒ³ã‚¯
Security: Heartbleed vulnerability
AI & MLLearn about artificial intelligence and machine learning across the GitHub ecosystem and the wider industry. Generative AILearn how to build with generative AI. GitHub CopilotChange how you work with GitHub Copilot. LLMsEverything developers need to know about LLMs. Machine learningMachine learning tips, tricks, and best practices. How AI code generation worksExplore the capabilities and be
sora_h 2014/04/09
github

heartbleed

security

openssl

ssl

tls

https
ãƒªãƒ³ã‚¯
AWS ã‹ã‚‰ OpenSSL ã®è„†å¼±æ€§ã«ã¤ã„ã¦ AWS ã®ã‚µãƒ¼ãƒ“ã‚¹ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆ | ã‚¢ãƒžã‚¾ãƒ³ ã‚¦ã‚§ãƒ– ã‚µãƒ¼ãƒ“ã‚¹ï¼ˆAWS æ—¥æœ¬èªžï¼‰
April 08, 2014 We have reviewed all AWS services for impact for the issue described in CVE-2014-0160 (also known as the Heartbleed bug). With the exception of the services listed below, we have either determined that the services were unaffected or have been able to apply mitigations that do not require customer action. Elastic Load Balancing: We can confirm that all load balancers affected by the
sora_h 2014/04/09
aws

security

openssl

ssl

tls

heartbleed

ec2

elb
ãƒªãƒ³ã‚¯
Blog | Moneytree
sora_h 2014/04/08
ã™ã”ã„

heartbleed

openssl

vulnerability

ssl

tls

security

moneytree
ãƒªãƒ³ã‚¯
NameBright.com - Next Generation Domain Registration existentialize.com is coming soon
sora_h 2014/04/08
openssl

security

vulnerability

heartbleed
ãƒªãƒ³ã‚¯
1

ãŠçŸ¥ã‚‰ã›

ã‚‚ã£ã¨èªã‚€

å…¬å¼Twitter

@HatenaBookmark
ãƒªãƒªãƒ¼ã‚¹ã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“ã‚¹ã®ãŠçŸ¥ã‚‰ã›
@hatebu
æœ€æ–°ã®äººæ°—ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã®é…ä¿¡

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

jæ¬¡ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

kå‰ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

lã‚ã¨ã§èªã‚€

eã‚³ãƒ¡ãƒ³ãƒˆä¸€è¦§ã‚’é–‹ã

oãƒšãƒ¼ã‚¸ã‚’é–‹ã

è¨å®šã‚’å¤‰æ›´ã—ã¾ã—ãŸx