diff options
| author | Kurt Roeckx <kurt@roeckx.be> | 2020-01-02 23:25:27 +0100 |
|---|---|---|
| committer | Kurt Roeckx <kurt@roeckx.be> | 2020-06-27 08:41:40 +0200 |
| commit | aba03ae571ea677fc484daef00a21ca8f7e82708 (patch) | |
| tree | bf3f446083418e99c72828d32986d616c2e4c66b /NEWS.md | |
| parent | Fix syntax of cipher string (diff) | |
| download | openssl-aba03ae571ea677fc484daef00a21ca8f7e82708.tar.xz openssl-aba03ae571ea677fc484daef00a21ca8f7e82708.zip | |
Reduce the security bits for MD5 and SHA1 based signatures in TLS
This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.
Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787
Diffstat (limited to 'NEWS.md')
| -rw-r--r-- | NEWS.md | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -63,6 +63,7 @@ OpenSSL 3.0 RC4, RC5 and SEED cipher functions have been deprecated. * All of the low level DH, DSA, ECDH, ECDSA and RSA public key functions have been deprecated. + * SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0. OpenSSL 1.1.1 ------------- |