Changes between 1.0.1t and 1.0.1u [xx XXX xxxx]
Changes between 1.0.1t and 1.0.1u [xx XXX xxxx]
+ *) In order to mitigate the SWEET32 attack (CVE-2016-2183),
+ the DES ciphers were moved from HIGH to MEDIUM.
+ [Rich Salz]
Changes between 1.0.1s and 1.0.1t [3 May 2016]
Changes between 1.0.1s and 1.0.1t [3 May 2016]
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_MD5,
SSL_SSLV3,
SSL_3DES,
SSL_MD5,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,