CAIL / SSL Change Logs

Note that this page has info for each of the four CAIL / SSL Proxies. Scroll down if you don't see what you're after at the top.

CAIL SSL Telnet Proxy (SSLPRXY)

Jun 08, 2023 15.1.1.1t

-To address new vulnerabilities, now based on OpenSSL 1.1.1t

Aug 09, 2022 15.1.1.1q

-To address new vulnerabilities, now based on OpenSSL 1.1.1q

03/29/2021 10APR2020

-Now based on OpenSSL 1.1.1g

-Adds support for TLS 1.3

04/21/2018 28JAN2018_D

-Added more error information for connect failures

-Added more error messages for certificate expiration on day of expiration

04/09/2018 28JAN2018_C

-GPF cause by openssl passing back null pointer to error messages - will now replace any null pointers with ascii ? character

-Added check of host certificate not before and not after dates - occurs once per day

03/19/2018 28JAN2018_B

-Increased max_services from 10 to 32 to allow more listens in a single process

02/07/2018 28JAN2018_A

-Added param to specify allowed elliptic curves

-Allow client to specify elliptic curves

-Add undocumented param to allow use of TLS1.0 and TLS1.1

01/28/2018 28JAN2018

-Switch to openssl 1.0.2n

08/04/2017 21JUN2016_A

-Failed to close sockets on etimedout error resulted in hanging opens

-EMS collector not reopened in backup process after takeover

-Changed tracing to check for correct trace file on each write

-Notify backup process when tracing, trace file, log mask or log file name changes

06/21/2016 21JUN2016

-Switch to openssl 1.0.2h

CAIL SSL Telnet Client Proxy (SSLPRXC)

Jun 08, 2023 15.1.1.1t

- To address new vulnerabilities, now based on OpenSSL 1.1.1t

Aug 09, 2022 15.1.1.1q

-Now based on OpenSSL 1.1.1q

03/29/2021 10APR2020

-Now based on OpenSSL 1.1.1g

-Adds support for TLS 1.3

04/09/2018 28JAN2018_B

-GPF cause by openssl passing back null pointer to error messages - will now replace any null pointers with ascii ? character

02/09/2018 28JAN2018_A

-Added param to specify allowed elliptic curves

01/28/2018 28JAN2018

-Switch to openssl 1.0.2n

08/04/2017 21JUN2016_A

-Failed to close sockets on etimedout error resulted in hanging opens

-EMS collector not reopened in backup process after takeover

-Changed tracing to check for correct trace file on each write

-Notify backup process when tracing, trace file, log mask or log file name changes

06/21/2016 21JUN2016

-Switch to openssl 1.0.2h

CAIL SSL FTP Proxy (SSLFTPS)

Jun 08, 2023 15.1.1.1t

-To address new vulnerabilities, now based on OpenSSL 1.1.1t

Aug 09, 2022 15.1.1.1q

-Now based on OpenSSL 1.1.1q

03/29/2021 10APR2020

-Now based on OpenSSL 1.1.1g

-Adds support for TLS 1.3

08/08/2019 28JAN2018_E

-Low and high port assignments for active and passive ports failed for assignments > 32767

08/29/2018 28JAN2018_D

-Param relayipaddress not processed correctly resulting in relayipaddress of 0.0.0.0

04/21/2018 28JAN2018_C

-Added more error information for connect failures

-Added more error messages for certificate expiration on day of expiration

04/09/2018 28JAN2018_B

-GPF cause by openssl passing back null pointer to error messages - will now replace any null pointers with ascii ? character

-Added check of host certificate not before and not after dates - occurs once per day

02/07/2018 28JAN2018_A

-Added param to specify allowed elliptic curves

-Allow client to specify elliptic curves

-Add undocumented param to allow use of TLS1.0 and TLS1.1

01/28/2018 28JAN2018

-Switch to openssl 1.0.2n

08/04/2017 21JUN2016_C

-Failed to close sockets on etimedout error resulted in hanging opens

-EMS collector not reopened in backup process after takeover

-Changed tracing to check for correct trace file on each write

-Notify backup process when tracing, trace file, log mask or log file name changes

10/06/2016 21JUN2016_B

-Failure to establish remote data channel for active mode transfers resulted in leaving remote data socket and local data socket open

09/01/2016 21JUN2016_A

-Did not perform cleanup properly when alert message generated from ssl negotiate state set ssl state to ssl_shutdown rather than ssl_shutdown_pending while in ssl_negotiate state

06/21/2016 21JUN2016

-Switch to openssl 1.0.2h

CAIL SSL FTP Client Proxy (SSLFTPC)

Jun 08, 2023 15.1.1.1t

-To address new vulnerabilities, now based on OpenSSL 1.1.1t

Aug 09, 2022 15.1.1.1q

-Now based on OpenSSL 1.1.1q

03/29/2021 10APR2020

-Now based on OpenSSL 1.1.1g

-Adds support for TLS 1.3

08/08/2019 28JAN2018_C

-Low and high port assignments for active and passive ports failed for assignments > 32767

04/09/2018 28JAN2018_B

-GPF cause by openssl passing back null pointer to error messages - will now replace any null pointers with ascii ? character

-Added check of host certificate not before and not after dates - occurs once per day

02/09/2018 28JAN2018_A

-Added param to specify allowed elliptic curves

-Allow client to specify elliptic curves

-Add undocumented param to allow use of TLS1.0 and TLS1.1

01/28/2018 28JAN2018

-Switch to openssl 1.0.2n

08/04/2017 21JUN2016_A

-Failed to close sockets on etimedout error resulted in hanging opens

-EMS collector not reopened in backup process after takeover

-Changed tracing to check for correct trace file on each write

-Notify backup process when tracing, trace file, log mask or log file name changes

06/21/2016 21JUN2016

-Switch to openssl 1.0.2h