Sslyze

Latest version: v6.0.0

Safety actively analyzes 681844 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 12

4.0.0

* Added support for Python 3.9 (468).
* Fixed a crash when parsing OCSP responses (471).
* **API-breaking change:** the `ocsp_response` field in `CertificateInfoScanResult` is now an `OCSPResponse` instance from the `cryptography.x509.ocsp` module.
* **JSON-breaking change:** Significantly improved the JSON output for certificates and OCSP responses, when using `--certinfo`.
* Fixed a false positive when testing for client-initiated renegotiation DoS attacks on some servers (473).
* **API-breaking change:** the `accepts_client_renegotiation` field in `SessionRenegotiationScanResult` was removed, and the more accurate `is_vulnerable_to_client_renegotiation_dos` field was added.
* The ability to detect the server’s “preferred” cipher suite was removed for being too unreliable, and will be replaced by full cipher suite order detection in a future release (456).
* **API-breaking change:** the `cipher_suite_preferred_by_server` in `CipherSuitesScanResult` was removed.
* Fixed a crash when scanning a server with an exotic/invalid TLS configuration (466).
* Fixed support for older versions of macOS.
* Added support for the latest version of cryptography (467).

3.1.0

* Added support for scanning for supported elliptic curves (447):

$ python -m sslyze --elliptic_curves www.cloudflare.com

* Elliptic Curve Key Exchange:
Supported curves: prime256v1, secp384r1, secp521r1, X25519
Rejected curves: sect163r2, secp160r1, sect233k1, X448, secp160r2, sect233r1, secp192k1,
sect239k1, secp224k1, sect193r1, sect283k1, secp224r1, sect163k1, sect283r1, secp256k1, secp160k1,
sect409k1, prime192v1, sect409r1, sect163r1, sect193r2, sect571k1, sect571r1

* Added support for cryptography 3.x (455).
* Fixed various crashes (458, 459).

3.0.8

* Significantly reduced memory usage when using SSLyze in a Python application.

3.0.7

* Fixed crashes when scanning Amazon Cloudfront due to TLS 1.3 (445).
* Fixed a crash when scanning a server with an Ed25519 certificate (444).
* The CLI will now run `--regular` if no scan options were supplied: `python -m sslyze google.com` (440)

3.0.6

* Fixed a crash when scanning Amazon Cloudfront for Heartbleed and CCS Injection (437).
* The Python API now exposes a `JsonEncoder` to make it easy to serialize a `ServerScanResult` to JSON (439).

3.0.4

* Fixed crashes when running SSLyze on localized (ie. non-english) versions of Windows (434).

Page 4 of 12

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.