similar to: FreeBSD Security Advisory FreeBSD-SA-06:23.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced:

I did that the last time one year ago, now on another machine with the same software (Ubuntu 16.04) it fails. openssl dhparam 4096 > /var/lib/dovecot/ssl-parameters.dat dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem last command fails with 681+0 records in 681+0 records out 681 bytes copied, 0,00278343 s, 245 kB/s unable to load

Hi, I want to disable dh_key/ssl-parameters.dat entirely since i'm only using ECDHE ciphers. > # 2.2.34 (874deae): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.22 (22940fb7) # OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 # Hostname: somehost.com auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 days auth_username_chars =

Connecting to dovecot with ssl3 causes imap-login to die: $ openssl s_client -connect localhost:993 -ssl3 CONNECTED(00000003) 4277630796:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1461:SSL alert number 40 4277630796:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:645: --- no peer certificate available --- No client certificate

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL timing-based SSL/TLS attack Category: crypto Module: openssl Announced:

OpenSSH Developers, I'm researching whether or not OpenSSH is a viable commercial alternative to F-SECURE SSH or SSH.COM's ssh, but I'm not getting the kind of results that I expected from a "Non patent encumbered ssh client". When I attempt to build OpenSSH against an OpenSSL build without rc5, idea, or rsa it bombs since OpenSSL doesn't place the header files in the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

I'm really racking my brain trying to figure this one out here. I am running a pop3 server for remote offices on CentOS 5.2. We purchased a SSL cert from Verisign and installed it on our dovecot server, but I continue to get failure problems with the cert and I don't know where to go from here. here is some info about our config: dovecot version: # dovecot --version 1.0.7 hostname:

On 20/03/2015 18:24, Timo Sirainen wrote: >> Connecting to dovecot with ssl3 causes imap-login to die: >> >> Mar 20 11:30:35 MAILHOST dovecot: [ID 583609 mail.crit] imap-login: Fatal: master: service(imap-login): child 21918 killed with signal 11 (core dumped) [last ip=127.0.0.1] > > I can't reproduce it. I tried it with the same ssl_* settings you had. Can you get a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:08.openssl Security Advisory The FreeBSD Project Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers() Category: contrib Module: openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:08.openssl Security Advisory The FreeBSD Project Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers() Category: contrib Module: openssl

I think I guess what the error is. I've configured slapd to require a valid certificate for all TLS incoming sessions. However, I didn't create a ertificate for OpenLDAP client. I am going to do so. --- Bahya NASSR EDDINE <bahya_nassr@yahoo.fr> a ?crit : > Date: Wed, 27 Jul 2005 11:46:50 +0200 (CEST) > De: Bahya NASSR EDDINE <bahya_nassr@yahoo.fr> > Objet: RE: RE

Hello everyone, I've been asked by a colleague to have a look at some extremely weird dovecot SSL issue they are seeing on one of the student mailservers. They are running dovecot 1.1.6 (yes, I know, a bit old ...) on SLES 10.2 x86_64 with imap(+starttls), imaps, pop3(+starttls) and pop3s enabled. Every couple of weeks the pop3s and pop3+starttls part bail out out. Clients can't connect,

Hi all, I've managed to get dovecot running with ldaps (ssl over port 636, not starttls). Btw, it's working right only if i specify "TLSVerifyClient never" in my slapd.conf. With any other parameter (like "TLSVerifyClient demand"), the bind fails with: connection_get(12) connection_get(12): got connid=0 connection_read(12): checking for input on id=0 TLS trace:

I did not see any commits to the OpenSSL code, recently; is anybody going to commit the fix? See http://www.securityfocus.com/archive/1/480855/30/0 for details ... Regards, STefan

Hello Dovecot users! There seems to be a new dependency in some modules (eg, lib-storage, libdovecot-lda, libdovecot-ssl) on OpenSSL. In Dovecot 2.0, those modules didn't require OpenSSL, but 2.1 does. For the linking process the path to the OpenSSL library isn't specified properly (SSL_LIBS). Dovecot fails to build if OpenSSL is in a non-standard path. (Haven't checked if SSL_CFLAGS

Hello, I tried to compile Dovecot 2.2.5 on Debian 6 with an alternate OpenSSL installation located at /usr/local/ssl A compilation with CPPFLAGS="-I/usr/local/ssl/include" \ LDFLAGS="-L/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib" \ SSL_LIBS="-L/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib" \ ./configure \ --prefix=/opt/dovecot-2.2.5 \ --enable-asserts \