- Upgrade to version 2.0.0-beta6
* Various bugfixes
* Added -4 and -6 options to force IPv4 and IPv6.
* Added strength attribute to XML to reflect colouring in stdout
* Checks for server signature algorithms.
* Checks for server key exchange groups.
* Support for SSLv2 and SSLv3 protocol detection regardless of OpenSSL
* Support for TLSv1.3
* Support for additional cipher suites.
* Print curve name and key strength for ECC certs
* Fix a bug with servers that return incorrect cipher IDs.
* Add a new "<certificates>" element to the XML output.
* Remove the "Signature Algorithm:" text and spacing from the XML.
* Report servers that accept any signature algorithm in the XML
- Rebased fedora-sslscan-patents.patch
- OpenSSL dependency bumped to >= 1.1
OBS-URL: https://build.opensuse.org/request/show/822258
OBS-URL: https://build.opensuse.org/package/show/security/sslscan?expand=0&rev=18
The latest version can not be compiled with SLE_11 and SLE12 w/o SP, but it brings a lot of great features:
* Support for
- STARTTLS: POP3, IMAP, FTP, XMPP
- PostgreSQL
- IPv6 addresses
- TLSv1.1 and TLSv1.2
- XMPP server-to-server connections
* Added check for
- OpenSSL Heartbleed
- POODLE
* Highlight the following issues
- weak RSA and DHE keys in output
- SSLv2, SSLv3, RC4 ciphers
- anonymous ADH and AECDH ciphers
- weak (n <= 40 bit) and medium (40 < n <= 56 bit)
* Certificates
- Display certificate signing algorithm highlighting weak algorithms.
- Display certificate key strength highlighting weak keys.
- Flag expired certificates
* Most secure protocols are scanned first
* Display cipher details by default
OBS-URL: https://build.opensuse.org/request/show/438006
OBS-URL: https://build.opensuse.org/package/show/security/sslscan?expand=0&rev=3
