« June 2013 | Main | August 2013 »

8 posts from July 2013


CryptoNark 0.4.9 Released

Here is another new release of CryptoNark. This release has a new feature: it will check the bit length of the private key on the ssl site or server being scanned and will warn if the bit length is less than 2048 bits. Since many Certificate Authorities will be revoking certificates at the end of this year if the bit length is 1024 bits or less, this is a useful feature if you need to know whether you need to replace that certificate soon.

You can download CryptoNark v0.4.9 from the Downloads page.

This release was tested on perl 5.10.1 and 5.12.5


Apache Tomcat 7.0.42 Released

The Apache Tomcat team released Tomcat 7.0.42. Some of the more notable changes in this release include:

  • Add support for time to first byte in the AccessLogValve. Patch provided by Jeremy Boynes.
  • Correct a regression introduced in 7.0.39 (refactoring of base 64 encoding and decoding) that broke the JNDI Realm when userPassword was set and passwords were hashed with MD5 or SHA1.
  • Ensure that the build process produces Javadoc that is not vulnerable to CVE-2013-1571. Based on a patch by Uwe Schindler. .

Source: tomcat.apache.org

A full list of fixes and improvements are available in the Tomcat 7 changelog. As usual, you can download Tomcat 7.0.42 source and binaries from a mirror near you.