Workflow

Sslyze

Latest version: v6.0.0

Safety actively analyzes 621876 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 12

6.0.0

* Added support for Python 3.12 (630).
* Removed support for Python 3.7 (616).
* Switched to Python Cryptography's implementation of certificate validation, in order to simplify the validation logic and make it more reliable (638).
* Removed direct dependency to pyOpenSSL.
* Removed usages of `ssl.match_hostname()` (627).
* JSON output changes for the certificate information plugin:
* `leaf_certificate_subject_matches_hostname` has been removed because hostname validation is now directly reported in the `path_validation_results`, which makes it simpler to process them.
* Similarly, `openssl_error_string` was renamed to `validation_error`.
* Fixed crash caused by "invalid padding" and "invalid encoding" errors (632, 634).
* Better output when an SMTP EHLO is rejected ( 635).

5.2.0

* Fixed crashes affecting specific Linux distributions such as Red Hat Linux and CentOS (556, 621).
* Fixed a bug when probing TLS 1.3 servers that require client authentication (612).
* Fixed a crash when using the JSON output with the `MozillaTlsConfigurationChecker` (614).
* Added support for pydantic 2.x (611).
* Added support for cryptography 40 and 41 (610).
* Updated Windows executable to use Python 3.11 (588).
* Updated Mozilla configuration recommendations to v5.7 (608).
* Better handling of servers that only support SSL v2.0 (601).
* *WARNING: This is the last release to support Python 3.7.*
* *WARNING: This is the last release to support pydantic 1.x.*

5.1.3

* Added native support for Apple Silicon (https://github.com/nabla-c0d3/nassl/pull/107).
* Fixed a crash when using older versions of PyOpenSSL (600).
* *WARNING: This is the last release to support Windows 7.*

5.1.2

* Updated cryptography to v39 (596).
* Updated the trust stores.

5.1.1

* Fixed compatibility with specific versions of pydantic (590).

5.1.0

* Added support for Python 3.11 (582).
* Added support for Brainpool curves when running `--elliptic_curves` (545).
* Added support for validating certificates with IP addresses in their Subject Alternative Name (544).
* Fixed memory leaks when performing certificate validation by switching to pyOpenSSL (566).
* Fixed a crash with pydantic v1.10.3 (586).
* Removed check for the Expect-CT HTTP header when running `--http_headers` as the header has been deprecated (584).
* Fixed a crash when exporting results to JSON when an HTTP proxy was used (581).

Page 1 of 12

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.