similar to: FreeBSD Security Advisory FreeBSD-SA-06:23.openssl [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:23.openssl Security Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL timing-based SSL/TLS attack Category: crypto Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

On 20/03/2015 18:24, Timo Sirainen wrote: >> Connecting to dovecot with ssl3 causes imap-login to die: >> >> Mar 20 11:30:35 MAILHOST dovecot: [ID 583609 mail.crit] imap-login: Fatal: master: service(imap-login): child 21918 killed with signal 11 (core dumped) [last ip=127.0.0.1] > > I can't reproduce it. I tried it with the same ssl_* settings you had. Can you get a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

I did that the last time one year ago, now on another machine with the same software (Ubuntu 16.04) it fails. openssl dhparam 4096 > /var/lib/dovecot/ssl-parameters.dat dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem last command fails with 681+0 records in 681+0 records out 681 bytes copied, 0,00278343 s, 245 kB/s unable to load

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:08.openssl Security Advisory The FreeBSD Project Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers() Category: contrib Module: openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:08.openssl Security Advisory The FreeBSD Project Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers() Category: contrib Module: openssl

Hi, I want to disable dh_key/ssl-parameters.dat entirely since i'm only using ECDHE ciphers. > # 2.2.34 (874deae): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.22 (22940fb7) # OS: Linux 4.9.0-6-amd64 x86_64 Debian 9.4 # Hostname: somehost.com auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 days auth_username_chars =

I'm really racking my brain trying to figure this one out here. I am running a pop3 server for remote offices on CentOS 5.2. We purchased a SSL cert from Verisign and installed it on our dovecot server, but I continue to get failure problems with the cert and I don't know where to go from here. here is some info about our config: dovecot version: # dovecot --version 1.0.7 hostname:

I think I guess what the error is. I've configured slapd to require a valid certificate for all TLS incoming sessions. However, I didn't create a ertificate for OpenLDAP client. I am going to do so. --- Bahya NASSR EDDINE <bahya_nassr@yahoo.fr> a ?crit : > Date: Wed, 27 Jul 2005 11:46:50 +0200 (CEST) > De: Bahya NASSR EDDINE <bahya_nassr@yahoo.fr> > Objet: RE: RE

Hello everyone, I've been asked by a colleague to have a look at some extremely weird dovecot SSL issue they are seeing on one of the student mailservers. They are running dovecot 1.1.6 (yes, I know, a bit old ...) on SLES 10.2 x86_64 with imap(+starttls), imaps, pop3(+starttls) and pop3s enabled. Every couple of weeks the pop3s and pop3+starttls part bail out out. Clients can't connect,

Hi all, I've managed to get dovecot running with ldaps (ssl over port 636, not starttls). Btw, it's working right only if i specify "TLSVerifyClient never" in my slapd.conf. With any other parameter (like "TLSVerifyClient demand"), the bind fails with: connection_get(12) connection_get(12): got connid=0 connection_read(12): checking for input on id=0 TLS trace:

Connecting to dovecot with ssl3 causes imap-login to die: $ openssl s_client -connect localhost:993 -ssl3 CONNECTED(00000003) 4277630796:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1461:SSL alert number 40 4277630796:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:645: --- no peer certificate available --- No client certificate

OpenSSH Developers, I'm researching whether or not OpenSSH is a viable commercial alternative to F-SECURE SSH or SSH.COM's ssh, but I'm not getting the kind of results that I expected from a "Non patent encumbered ssh client". When I attempt to build OpenSSH against an OpenSSL build without rc5, idea, or rsa it bombs since OpenSSL doesn't place the header files in the

Hi, I am running into a interesting issue with Dovecot. I compiled Dovecot 2.0.7 with LD_RUN_PATH set to /xsys/lib and it was able to find and link against the correct OpenSSL libraries (/xsys/lib), the generated Makefile look OK. Here is a snippet of the SSL cflags and libs. SSL_CFLAGS = -I/xsys/include SSL_LIBS = -L/xsys/lib -lssl -lcrypto -ldl After I compil, install and run Dovecot I

Hello Dovecot users! There seems to be a new dependency in some modules (eg, lib-storage, libdovecot-lda, libdovecot-ssl) on OpenSSL. In Dovecot 2.0, those modules didn't require OpenSSL, but 2.1 does. For the linking process the path to the OpenSSL library isn't specified properly (SSL_LIBS). Dovecot fails to build if OpenSSL is in a non-standard path. (Haven't checked if SSL_CFLAGS

Hi folks, when building Dovecot 2.0.rc3 (never used any other 2.0.X before, so this issue might not be new to that specific release), then compilation fails on anything that is linked against the new "libdovecot-login.so" library. For example, "imap-login" fails: /bin/sh ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes