|
| 9.0.1 FP4 |
| |
| | | DKEN9RVQGD | kyrtool import all sometimes reports "SECIssUpdateKeyringPrivateKey returned error 0x0720", "AVA separator not found" or "Syntax error in OID" when a... | |
| | | KLYH9QKT4B | Notes / Domino Support for TLS 1.2 (Transport Layer Security 1.2) with protocols: HTTP, SMTP, LDAP, POP3 & IMAP. | |
| | | RGET9TSMKD | Add IP Information to HTTP Thread logs for SSL Handshake connections | |
| | | MKIN9QHT5W | Passing a directory to kyrtool will crash the tool | |
| | | RKUR9PEDEB | Implement HSTS (Http Strict Transport Security).This header informs supported browsers that the site should only be accessed over an SSL-protected... | |
| | | DKEN9SSUR6 | Add more detailed logging for SSL/TLS connections to help in case of diagnose failed connections | |
| | | KLYH9QKTBL | Added Perfect Forward Secrecy (PFS) via Ephemeral Diffie-Hellman (DHE) cipher specs for SSL/TLS | |
| | | KLYH9UQJQN | Remove RC4-SHA from the default cipher list for TLS 1.2 | |
| | | KLYH9URNFY | TLS 1.2 Client handshake request rejected by Server if server certificate chain signature type not supported by the client | |
| | | KLYH9QKTGH | Added SHA-256 cipher specs for increased security with TLS 1.2 | |
| | | KLYH9UFNWH | New notes.ini SSL_DISABLE_TLS_10 to support Disabling TLS1.0 for compliance reasons. Used in conjunction with existing DISABLE_SSLV3=1 allows you to... | |
| | | TCHL9SST8V | Fixes security issue in NSD | |
| | | KLYH9UPMR7 | Fixes Domino Server crash in kyr caching | |
| | | KLYH9UBNGW | Add pinning to SHA-256 for TLS 1.2 | |
| | | LCHG9UPBFM | IBMi:TLS1.2 support for system SSL on IBM i Domino | |
| | | NEKO9VBUBY | Fixes Domino failing when using DHE_RSA_WITH_AES_256_CBC_SHA or DHE_RSA_WITH_AES_128_CBC_SHA over SSLv3 when Domino is the client. | |
| | | DKEN9VBLS5 | If the version of TLS requested by the client is higher than what the Domino server supports, Domino responds with the highest version that it... | |
| | | DKEN9V6R82 | Logs error and returns a fatal alert If a remote TLS server selects an unsupported version. If DISABLE_SSLV3, SSL_DISABLE_TLS_12, or... | |
| | | DKEN9UXNQX | Expand DHE for SSL/TLS past 3072 bit by using ICC library to do the underlying modexp math. 4096 bit now enabled for DHE. | |
| | | RPIN9V8HXK | Support added for DHE with Ys shorter than P when Domino is the client | |
| | | PSIH9SSAHC | Recommended security fix for Notes. See technote 1698994. | |
| | | DKEN9VBRZ5 | Hardcode DH keysize used with DHE-RSA-AES128-SHA to 1024 for Java 6 compatibility | |
| | | KLYH9TSMLA | Recommended security fix for IBM Notes & Domino to address BMP parsing attack: CVE-2015-1902 and CVE-2015-1903 (technote 1883245) | |
| | | DKEN9SLU3Y | Add support for OCSP stapling (TLS Certificate Status Request extension.) To enable, use Domino Server notes.ini variable: ... | |
| | | WJWJ9X64RM | Fixes Domino Server crash in certain configs where keyfile specified does not exist, KYRCache is in use, and an SSL connection is... | |
| | | SJAR9DNGDA | Fixes security vulnerability in the IBM Domino Web server. | |
| | | KLYH9WYPR5 | | |
| | | DKEN9X3SQJ | Lower the priority of the DHE_RSA_WITH_AES_128_CBC_SHA (33) cipher | |
| | | KLYH9T7N5H | Address IBM Domino SSLv2 Remote Execution Vulnerability - CVEID: CVE-2015-0134. Disabled SSLv2 by default as part of TLS 1.0 work.... | |