News

  • YuCurl v1.0.0 New!
    • Initial release based on libcurl v8.11.0.
  • DIXml v7.0.3
    • Update libxml2 to version v2.13.4.
  • DISQLite3 v5.50.0
    • Update to SQLite v3.47.0.
    • FTS5 improvements: contentless_unindexed=1 option and fts5_tokenizer_v2 API with locale=1 option.
    • Performance enhancements.
  • SQLiteSpy v1.9.26
    • Update the built-in database engine to SQLite 3.47.0, DISQLite3 v5.50.0.
    • Add the stmtrand() SQL function extension.
  • YuOpenSSL-3.3 v1.0.1
    • Update to OpenSSL 3.3.2.
      • Fixed possible denial of service in X.509 name checks (CVE-2024-6119).
      • Fixed possible buffer overread in SSL_select_next_proto (CVE-2024-5535).
  • YuOpenSSL-3.0 v1.3.4
    • Update to OpenSSL 3.0.15.
      • Fixed possible denial of service in X.509 name checks (CVE-2024-6119).
      • Fixed possible buffer overread in SSL_select_next_proto (CVE-2024-5535).
  • YuOpenSSL-3.3 v1.0.0
    • First release of YuOpenSSL-3.3 based on OpenSSL 3.3.1.
  • YuXMLSec v1.0.3
    • Update to XMLSec 1.2.37.
      • Migration to OpenSSL 3.0 APIs. Needs YuOpenSSL-3.0 v1.2.6 or later.
      • Several smaller fixes.
  • YuOpenSSL-3.0 v1.2.5
    • Update to OpenSSL 3.0.7 (OpenSSL 3.0.6 was withdrawn by the OpenSSL developers).
      • Fixed two high vulnerability buffer overflows in punycode decoding functions, CVE-2022-3786 and CVE-2022-3602.
      • Added RIPEMD160 to the default provider.
      • Other minor bug fixes.
  • YuOpenSSL-3.0 v1.2.3
    • Update to OpenSSL 3.0.5.
      • Fix BN_gcd() to check return value when calling BN_one().
      • Add a check for the return of i2s_ASN1_INTEGER().
      • Fix X509v3_addr_add_range(), X509v3_addr_canonize(), and X509v3_addr_is_canonical() to return the correct result.
      • Fix memory leak in EC_GROUP_new_from_ecparameters().
      • Add and improve various checks.
  • YuOpenSSL-3.0 v1.2.3
    • Update to OpenSSL 3.0.4.
      • Minor bug fixes.
      • Add some constants and functions, mainly related to EVP_KEYEXCH… and X509v3_addr….
  • YuOpenSSL-3.0 v1.2.2
    • Fix OpenSSL version reported by OpenSSL_version…() functions and constants like OPENSSL_FULL_VERSION_STR.
  • YuOpenSSL-3.0 v1.2.1
    • Update to OpenSSL 3.0.3.
      • Fixed a bug in the OCSP_basic_verify() function that verifies the signer certificate on an OCSP response.
      • Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the AAD data as the MAC key.
      • Fix a bug in the OPENSSL_LH_flush() function that breaks reuse of the memory occuppied by the removed hash table entries.
  • YuOpenSSL-3.0 v1.2.0
    • Update to OpenSSL 3.0.2.
      • Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever for non-prime moduli (CVE-2022-0778).
      • Add ciphersuites based on DHE_PSK and ECDHE_PSK to the list of ciphersuites providing Perfect Forward Secrecy as required by SECLEVEL >= 3.
      • Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty passphrase strings.
    • Add OCSP API functions for Internet Component Suite (ICS).
  • YuOpenSSL-3.0 v1.3.2
    • Update to OpenSSL 3.0.14.
      • Fixed potential use after free after SSL_free_buffers() is called (CVE-2024-4741).
      • Fixed an issue where checking excessively long DSA keys or parameters may be very slow (CVE-2024-4603).
      • Fixed unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511).
  • YuOpenSSL-3.0 v1.3.1
    • Update to OpenSSL 3.0.13.
      • Fixed PKCS12 Decoding crashes (CVE-2024-0727).
      • Fixed Excessive time spent checking invalid RSA public keys (CVE-2023-6237).
      • Fix excessive time spent in DH check / generation with large Q parameter value (CVE-2023-5678).
  • YuOpenSSL-3.0 v1.2.13
    • Update to OpenSSL 3.0.12.
      • Fix CVE-2023-5363: Mitigate incorrect resize handling for symmetric cipher keys and IVs.
  • YuOpenSSL-3.0 v1.2.11
    • Update to OpenSSL 3.0.10.
      • Fix CVE-2023-3817: Excessive time spent checking DH q parameter value.

Older entries >>