OpenSSL 1.0.0l & 1.0.1g

New and highly important OpenSSL updates:

Today’s update fixes a critical security issue (a.k.a. The Heartbleed Bug) where remote memory might be disclosed to the connecting party. Security advisory: http://www.openssl.org/news/secadv_20140407.txt

Direct Links:
http://indy.fulgan.com/SSL/openssl-0.9.8y-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-0.9.8y-x64_86-win64.zip
http://indy.fulgan.com/SSL/openssl-1.0.0l-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-1.0.0l-x64_86-win64.zip
http://indy.fulgan.com/SSL/openssl-1.0.1g-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-1.0.1g-x64_86-win64.zip

Recommended Versions highlighted.

The 0.9.8y branch is a little bit older and kept for compatibility reasons. Version 1.0.0l is still valid but from my experience it is safe and best to use the current 1.0.1g. For the records: I uploaded the updates 1.0.0l and 1.0.1f back in January to the Fulgan Mirror but had no time to blog about. So if you are curious always check the mirror, too.

One note: Please don’t write me email reminders about released OpenSSL updates. I am already on the OpenSSL mailing lists and know within seconds about. If I don’t publish updates within the usual short time frame I am simply unavailable (which might have several reasons as for any other human being).

Cheers,