Sslyze

Latest version: v6.0.0


Page 8 of 12

1.4.0

Not secure
* **Last major release to support Python 2.7 and 3.4**.
* The Python API has changed slightly when doing connectivity testing.
* A guide on how to update your code is available [here](https://gist.github.com/nabla-c0d3/91d6544018e75efe4385b2f4409854ab). The migration should only require changing a few lines of code.
* When using the Python API, more specialized errors (i.e. subclasses of `ServerConnectivityError`) are returned when connectivity testing fails, so that it is easier to know what went wrong. Your existing code should still work the same.
* Replaced the `--timeout` and `--nb_retries` CLI options with `--slow_connection`, for when the connection is slow or the server cannot support many concurrent connections.
* Updated TLS 1.3 support to draft 23.
* Bug fixes for client authentication.
* Bug fixes for Alpine Linux.

1.3.4

Not secure
* Bug fixes for the ROBOT check to address false positives (#282).
* The trust stores used by SSLyze can now be updated via the CLI (`--update_trust_stores`) or via the Python API (`TrustStoresRepository.update_default()`) (#225).
* Added support for the Expect-CT HTTP header (#285) when using `--http_headers`.

1.3.2

Not secure
* Added missing IANA names for some cipher suites (#276).
* Improved speed when testing for TLS 1.3 cipher suites using `--tlsv1_3`.
* Updated the trust stores used when running `--certinfo`.
* Bug fix for OCSP responses containing non-UTF8 characters when running `--certinfo`.
* On Linux, [nassl](https://pypi.python.org/pypi/nassl) is now available as a binary wheel in order to avoid build and OpenSSL issues (#241).
* Project license modified to AGPL.

1.3.1

Not secure
* Bug fix for the ROBOT check (#270). The check can be run using:
  * The CLI tool: `python -m sslyze --robot www.google.com`
  * SSLyze's Python API using the `RobotScanCommand`, as described at https://nabla-c0d3.github.io/blog/2017/12/17/sslyze-robot-scan/.

1.3.0

Not secure
* Added a new plugin to scan for the ROBOT vulnerability (https://robotattack.org/). The check can be run using:
  * The CLI tool: `python -m sslyze --robot www.google.com`
  * SSLyze's Python API using the `RobotScanCommand`, as described at https://nabla-c0d3.github.io/blog/2017/12/17/sslyze-robot-scan/.
* The `--certinfo` and `CertificateInfoScanCommand` commands now return information about the OCSP Must-Staple and Certificate Transparency X509 extensions of the server's certificate.
* The `--certinfo` command now returns the content of the server certificate's SubjectAltName in the JSON and XML outputs (#265).
* Fixed several memory leaks in the nassl C extension. The memory usage of the SSLyze process will grow a lot slower over time (#196).
* Fixed bug when running the `--reneg` command on Python 3 (#264).
* Switched minimum version of Python to 3.4.

1.2.0

Not secure
* Added support for TLS 1.3 (draft 18) scanning using OpenSSL 1.1.1 dev.
  * `python -m sslyze --tlsv1_3 tls13.crypto.mozilla.org`
* Added support for new-style ChaCha20 cipher suites.
* Added some of the certificate fields to the JSON output (#258).
* Bug fix for Python 3 (#251, #256), OCSP Stapling (#254), IPv6 and the Heartbleed/CCS checks (#257).


© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.