Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

Name: Distribution: openSUSE:Factory:zSystems
Version: 3.0.5 Vendor: obs://
Release: 1.1 Build date: Wed May 12 20:00:12 2021
Group: Productivity/Networking/Security Build host: s390p25
Size: 3117025 Source RPM:
Summary: Testing TLS/SSL Encryption Anywhere On Any Port is a free command line tool which checks a server's service on
any port for the support of TLS/SSL ciphers, protocols as well as some
cryptographic flaws.






* Mon May 10 2021 Martin Hauke <>
  - Update to version 3.0.5
    * Fix off by one error in HSTS (now: 180 instead of 179 days)
    * Fix minor output inconsistency in JSON output (Chad)
    * Improve compatibility for OpenSSL 3.0 (David Cooper)
    * Fix localization issue for ciphers where e.g. in Swedish W is
      being treated as a variant of V so that the W in
      TLS_ECDHE_RSA_WITH* didn't match the bash pattern
    * Fixes in file openssl-iana.mapping.html (Elfranne)
    * Fix quoting for CVE+JSON output in run_heartbleed()
    * Fix trailing dot issue in hostnames
    * Fix improper proper halving of the dates for Let's Encrypt
* Thu Nov 26 2020 Matthias Fehring <>
  - Update to version 3.0.4
    * This version is a quick fix for a regression of detecting SSLv2
      ciphers in a basic function.
* Thu Nov 19 2020 Matthias Fehring <>
  - Update to version 3.0.3
    * Update certificate stores
    * manpage fix (Karl)
    * minor speedups for some vulnerability tests
    * bash 5.1 fix
    * Secure Client-Initiated Renegotiation false positive fix
    * BREACH is now medium
    * invalid JSON fix and other JSON improvements (David)
    * Adding native Android 7 handshake instead of Chrome which has
      TLS 1.3 (Christoph)
    * Header flag X-XSS-Protection is now labled as INFO
    * No cyan colors in HHHTP header flags anymore, colons added
* Fri Jul 24 2020 Matthias Fehring <>
  - Update to version 3.0.2
    * Remove potential licensing conflicts
    * Fix situations when TLS 1.3 is used for Ticketbleed check
    * Improved compatibility with LibreSSL 3.0
    * Add brotil compression to BREACH
    * Faster and more robust XMPP STARTTLS handshakes
    * More robust STARTTLS handshakes
    * Fix outputs, sometimes misleading
* Wed Apr 15 2020 Martin Hauke <>
  - Update to version 3.0.1
    * Fix hang in BEAST check when there are ciphers starting with
      SSL_* but which are no SSLv2 cipher
    * Fix bug in setting DISPLAY_CIPHERNAMES when
      $CIPHERS_BY_STRENGTH_FILE is not a/v.
    * Fix basic auth LF problem
    * Fix printing percent chars
    * Fix minor HTML generation bug
    * Fix security bug: sanitizing DNS input
    * make --ids-friendly work again
    * Update sneaky user agent
    * Update links in code comments
    * Cosmetic code updates
    * Fix output bug when >1 PTR records returned
    * More output fixes
* Fri Apr 03 2020 Christian Boltz <>
  - fix bash path for Leap 15.x
* Thu Jan 23 2020 Martin Hauke <>
  - Update to version 3.0
    * Full support of TLS 1.3, shows also drafts supported
    * Extended protocol downgrade checks
    * ROBOT check
    * Better TLS extension support
    * Better OpenSSL 1.1.1 and higher versions support as well as
      LibreSSL >3
    * DNS over Proxy and other proxy improvements
    * Decoding of unencrypted BIG IP cookies
    * Initial client certificate support
    * Warning of 825 day limit for certificates issued after
    * Socket timeouts (--connect-timeout)
    * IDN/IDN2 servername/URI + emoji support, supposed
      libidn/idn2 is installed and DNS resolver is recent)support
    * Initial support for certificate compression
    * Better JSON output: renamed IDs and findings shorter/better
      parsable, also includes certficate
    * JSON output now valid also for non-responding servers
    * Testing now per default 370 ciphers
    * Further improving the robustness of TLS sockets (sending
      and parsing)
    * Support of supplying timeout value for openssl connect
    - - useful for batch/mass scanning
    * File input for serial or parallel mass testing can be also in
      nmap grep(p)able (-oG) format
    * LOGJAM: now checking also for DH and FFDHE groups (TLS 1.2)
    * PFS: Display of elliptical curves supported, DH and FFDHE
      groups (TLS 1.2 + TLS 1.3)
    * Check for session resumption (Ticket, ID)
    * TLS Robustness check GREASE and more
    * Server preference distinguishes between TLS 1.3 and lower
    * Mark TLS 1.0 and TLS 1.1 as deprecated
    * Does a few startup checks which make later tests easier and
      faster (determine_optimal_\*())
    * Expect-CT header detection
    * --phone-out does certificate revocation checks via OCSP
      (LDAP+HTTP) and with CRL
    * --phone-out checks whether the private key has been
      compromised via
    * Missing SAN warning
    * Added support for private CAs
    * Way better handling of connectivity problems (counting those,
      if threshold exceeded -> bye)
    * Fixed TCP fragmentation
    * Added --ids-friendly switch
    * Exit codes better: 0 for running without error, 1+n for small
      errors, >240 for major errors.
    * Better error msg suppression (not fully installed OpenSSL)
    * Better parsing of HTTP headers & better output of longer HTTP
    * Display more HTTP security headers
    * HTTP Basic Auth support for HTTP header
    * experimental "eTLS" detection
    * Dockerfile and repo @ docker hub with that file (see above)
    * Java Root CA store added
    * Better support for XMPP via STARTTLS & faster
    * Certificate check for to-name in stream of XMPP
    * Support for NNTP and LMTP via STARTTLS, fixes for MySQL and
    * Support for SNI and STARTTLS
    * More robustness for any STARTTLS protocol (fall back to
      plaintext while in TLS caused problems)
    * Renegotiation checks improved, also no false potive for Node.js
    * Major update of client simulations with self-collected
      up-to-date data
    * Update of CA certificate stores
    * Lots of bug fixes
    * More travis/CI checks -- still place for improvements
    * Bigger man page review
  - specfile cleanup
  - Add
* Wed Dec 11 2019 Matthias Fehring <>
  - Update to 2.9.96 (aka 3.0rc6)
    * Socket timeouts (--connect-timeout)
    * IDN/IDN2 servername support
    * support
    * Initial support for certificate compression
    * Initial client certificate support
    * Better indentation for HTTP header outputs
    * Better parsing of HTTP headers
    * Penalize absence of TLS 1.2 anymore if server supports TLS 1.3 only
    * Several improvements related to protocol determination and downgrade responses
    * Some logic related using TLS 1.3 aware OpenSSL binaries more or less automagically
    * Internal improvements to server preference checks
    * Lots of internal and some speed improvements in "pre-flight checks" (comes before outputting any test)
    * Mark TLS 1.0 and TLS 1.1 as deprecated
    * Support newer OpenSSL/LibreSSL versions
    * Improved detection of wrong user input when file was supplied for --csv,--json and --html
    * Update client handshakes with newer client data and deprecate other clients
    * Regression in CAA RR fixed
    * Session resumption fixes
    * Session ticket fixes
    * Fixes for STARTTLS MySQL and PostgreSQL
    * Unit tests for (almost) every STARTTLS protocol supported
    * A lot of minor fixes
* Sat Apr 27 2019 Matthias Fehring <>
  - Update to 2.9.95 (aka 3.0rc5)
    * Modernized client handshakes
    * Further code sanitizing
    * Fixes in CSV files and JSON files creation and some ACE
      loadbalancer related improvements
    * Fix session tickets and resumption
    * OpenSSL 1.1.1 fixes
    * Darwin OpenSSL binary
    * Updated certificate store
    * Add SSLv2 to SWEET
  - update to
* Tue Feb 19 2019 Matthias Fehring <>
  - Update to 2.9.94 (aka 3.0rc4)
    * Documentation fixes and additions
    * Add new openssl helper binaries
    * Bug fix: Scan continues if one of multiple IP addresses per
      hostname has a problem
    * "eTLS" detection ("visibility information")
    * Minimize initial warning "doesn't seem to be a TLS/SSL enabled
      server" by using sockets
    * Several improvement for SSLv2 only servers
    * Handle different cipher preference < TLS 1.3 vs. TLS 1.3
    * Clarify & improve Standard Cipher check (potentially breaking
    * Improve SWEET32 test
    * Finding certificates is faster and independent on openssl
* Sat Dec 01 2018 Matthias Fehring <>
  - Update to 2.9.93 (aka 3.0rc3)
    * add SSLv2 ciphers *total ciphers now being tested for: 370)
    * updated client simulation data
    * TLS 1.3 improvements
    * STARTTLS NNTP support
    * STARTTLS XMPP faster and more reliable
    * include DH groups (primes) in pfs section
    * Fix TCP fragmentation under remaining OS: FreeBSD / Mac OS X
    * further bugfixes and clarifications
* Wed Nov 28 2018 Matthias Fehring <>
  - initial package version 2.9.92 (aka 3.0rc2)



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 9 14:55:06 2021