Revisions of testssl.sh
buildservice-autocommit
accepted
request 1151915
from
Martin Hauke (mnhauke)
(revision 20)
baserev update by copy to link target
Martin Hauke (mnhauke)
accepted
request 1151452
from
Petr Gajdos (pgajdos)
(revision 19)
- Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN
buildservice-autocommit
accepted
request 1007161
from
Martin Hauke (mnhauke)
(revision 18)
baserev update by copy to link target
Martin Hauke (mnhauke)
accepted
request 1006790
from
Jeff Kowalczyk (jfkw)
(revision 17)
- Update to version 3.0.8 * Fix grep 3.8 warnings on fgrep and unneeded escapes of hyphen, slash, space (Geert) * Fix alignment for cipher output (David) * News binaries (Darwin from Barry), carry now the appendix -bad and fixes a security problem. * Backport from higher OpenSSL version to support xmpp-server * Fix CT (David) * Fix decryption of TLS 1.3 response (David) * Upgrade Dockerfile to Alpine to 3.15 * Fix pretty JSON formatting when warning is issued (David) * Update of certificate stores * Major update of client simulation (9 new simulations , >4 removed in default run) * Fix CRIME output on servers only supporting TLS 1.3 (Tomasz) * Fix censys link * Fix ome handshake problems w $OPENSSL ciphers, extend determine_optimal_sockets_params() to more * ciphers, fix PROTOS_OFFERED (David) * Relax STARTTLS FTP requirement so that it doesn't require TLS after AUTH * Fix run_server_preference() with no default protocol (David) * Fix getting CRL / NO_SESSION_ID under some circumstances (David) * Improve/fix OpenSSL 3.0 compatibility (David) * Fix formatting to documentation * Add FFDHE groups to supported_groups (David) * Include RSA-PSS in ClientHello (David) - Requires: bind-utils for required tools dig, host and nslookup
buildservice-autocommit
accepted
request 999880
from
Marcus Meissner (msmeissn)
(revision 16)
baserev update by copy to link target
Marcus Meissner (msmeissn)
accepted
request 994910
from
Jeff Kowalczyk (jfkw)
(revision 15)
- Update to version 3.0.7 * Fix "ID resumption test failed" bug under Darwin * Fix "locale error message when en_US.UTF-8 isn't available" bug * Fix "Darwin / LibreSSL startup problem" which leads to a question upfront * Make upfront handshake tests more compatible by adding </dev/null * Take 'HTTP Age' HTTP header into account when determine HTTP time * Fix JSON header (structured JSON output) name * Robustness: Update reset_hostdepended_vars() for mass tests * Simplify determination of git stuff * Fix "newline to spaces" in JSON and CSV findings * Fix "Bad file descriptor with --connect-timeout option" * SSLv2 fixes, OpenSSL fixes 3.X * Improve cipher_pref_check() for detecting prioritization of ChaCha ciphers * Simplify + speed up pre-check * Addressing lame DNS responses on WSL * Fix big serial # issue in certs * Fix invalid JSON when certificate issuer containing non-ASCII chars
Marcus Meissner (msmeissn)
accepted
request 922880
from
Martin Hauke (mnhauke)
(revision 14)
- Update to version 3.0.6 * Bugfix: Remove DST x3 Root CA which lead to trust issues for servers using a Letsencrypt certificate (Miguel Jacq) * Bugfix: Newer openssl.cnf break detection of openssl binary * Documenation update to reflect renaming standard ciphers to cipher categories * Ignore usage of ~/.digrc where possible * Fixing host information in JSON output when using STARTTLS XMPP * TLS 1.3 improvements wrt server certificates * Bugfix: Order of -U --ids-friendly doesn't matter anymore * Disable ANSI codes when TERM=screen * Improved SSL/TLS port detection in nmap greppable files using as input to testssl.sh * Bugfix when nmap files had .txt extension * Display certficate time in UTC * Use _uname -n`` instead of hostname --> POSIX * Few output fixes
buildservice-autocommit
accepted
request 892526
from
Lars Vogdt (lrupp)
(revision 13)
baserev update by copy to link target
Lars Vogdt (lrupp)
accepted
request 892123
from
Martin Hauke (mnhauke)
(revision 12)
- Update to version 3.0.5 * Fix off by one error in HSTS (now: 180 instead of 179 days) * Fix minor output inconsistency in JSON output (Chad) * Improve compatibility for OpenSSL 3.0 (David Cooper) * Fix localization issue for ciphers where e.g. in Swedish W is being treated as a variant of V so that the W in TLS_ECDHE_RSA_WITH* didn't match the bash pattern * Fixes in file openssl-iana.mapping.html (Elfranne) * Fix quoting for CVE+JSON output in run_heartbleed() * Fix trailing dot issue in hostnames * Fix improper proper halving of the dates for Let's Encrypt certificates
buildservice-autocommit
accepted
request 851161
from
Martin Hauke (mnhauke)
(revision 11)
baserev update by copy to link target
Martin Hauke (mnhauke)
accepted
request 851098
from
Matthias Fehring (buschmann23)
(revision 10)
- Update to version 3.0.4 * This version is a quick fix for a regression of detecting SSLv2 ciphers in a basic function. - Update to version 3.0.3 * Update certificate stores * manpage fix (Karl) * minor speedups for some vulnerability tests * bash 5.1 fix * Secure Client-Initiated Renegotiation false positive fix * BREACH is now medium * invalid JSON fix and other JSON improvements (David) * Adding native Android 7 handshake instead of Chrome which has TLS 1.3 (Christoph) * Header flag X-XSS-Protection is now labled as INFO * No cyan colors in HHHTP header flags anymore, colons added
buildservice-autocommit
accepted
request 822701
from
Martin Hauke (mnhauke)
(revision 9)
baserev update by copy to link target
Martin Hauke (mnhauke)
accepted
request 822571
from
Matthias Fehring (buschmann23)
(revision 8)
- Update to version 3.0.2 * Remove potential licensing conflicts * Fix situations when TLS 1.3 is used for Ticketbleed check * Improved compatibility with LibreSSL 3.0 * Add brotil compression to BREACH * Faster and more robust XMPP STARTTLS handshakes * More robust STARTTLS handshakes * Fix outputs, sometimes misleading
buildservice-autocommit
accepted
request 795500
from
Marcus Meissner (msmeissn)
(revision 7)
baserev update by copy to link target
Marcus Meissner (msmeissn)
accepted
request 794132
from
Martin Hauke (mnhauke)
(revision 6)
- Update to version 3.0.1 * Fix hang in BEAST check when there are ciphers starting with SSL_* but which are no SSLv2 cipher * Fix bug in setting DISPLAY_CIPHERNAMES when $CIPHERS_BY_STRENGTH_FILE is not a/v. * Fix basic auth LF problem * Fix printing percent chars * Fix minor HTML generation bug * Fix security bug: sanitizing DNS input * make --ids-friendly work again * Update sneaky user agent * Update links in code comments * Cosmetic code updates * Fix output bug when >1 PTR records returned * More output fixes
buildservice-autocommit
accepted
request 791270
from
Martin Hauke (mnhauke)
(revision 5)
baserev update by copy to link target
Martin Hauke (mnhauke)
accepted
request 791269
from
Christian Boltz (cboltz)
(revision 4)
- fix bash path for Leap 15.x (where bash still is /bin/bash) This was reported on the factory ML, and since it's an easy fix, I did this quick SR instead of recommending the bugzilla paperwork ;-) Please also re-submit the updated package to Leap 15.2 - the current submission is blocked by the installcheck which (rightfully) complains that /usr/bin/bash doesn't exist in Leap 15.2
Dominique Leuenberger (dimstar_suse)
accepted
request 766885
from
Martin Hauke (mnhauke)
(revision 3)
initialized devel package after accepting 766885
Martin Hauke (mnhauke)
accepted
request 766884
from
Martin Hauke (mnhauke)
(revision 2)
fix name of the rpmlintrc file
Marcus Meissner (msmeissn)
accepted
request 766707
from
Martin Hauke (mnhauke)
(revision 1)
Initial package for testssl.sh
Displaying all 20 revisions