FDM 6
Re: FDM 6.9
FDM6 integrates OpenSSL version 1.1.1d
OpenSS has serious vulnerabilities on TLS 1.3
OpenSS has been updated in time, Affected OpenSSL 1.1.1 users should upgrade to 1.1.1g
https://www.openssl.org/news/secadv/20200421.txt
OpenSSL Security Advisory [21 April 2020]
=========================================
Segmentation fault in SSL_check_chain (CVE-2020-1967)
=====================================================
Severity: High
Server or client applications that call the SSL_check_chain() function during or
after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a
result of incorrect handling of the "signature_algorithms_cert" TLS extension.
The crash occurs if an invalid or unrecognised signature algorithm is received
from the peer. This could be exploited by a malicious peer in a Denial of
Service attack.
OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This
issue did not affect OpenSSL versions prior to 1.1.1d.
Affected OpenSSL 1.1.1 users should upgrade to 1.1.1g
This issue was found by Bernd Edlinger and reported to OpenSSL on 7th April
2020. It was found using the new static analysis pass being implemented in GCC,
-fanalyzer. Additional analysis was performed by Matt Caswell and Benjamin
Kaduk.
OpenSS has serious vulnerabilities on TLS 1.3
OpenSS has been updated in time, Affected OpenSSL 1.1.1 users should upgrade to 1.1.1g
https://www.openssl.org/news/secadv/20200421.txt
OpenSSL Security Advisory [21 April 2020]
=========================================
Segmentation fault in SSL_check_chain (CVE-2020-1967)
=====================================================
Severity: High
Server or client applications that call the SSL_check_chain() function during or
after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a
result of incorrect handling of the "signature_algorithms_cert" TLS extension.
The crash occurs if an invalid or unrecognised signature algorithm is received
from the peer. This could be exploited by a malicious peer in a Denial of
Service attack.
OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This
issue did not affect OpenSSL versions prior to 1.1.1d.
Affected OpenSSL 1.1.1 users should upgrade to 1.1.1g
This issue was found by Bernd Edlinger and reported to OpenSSL on 7th April
2020. It was found using the new static analysis pass being implemented in GCC,
-fanalyzer. Additional analysis was performed by Matt Caswell and Benjamin
Kaduk.
Re: FDM 6.9
FDM 6.9 creates a hidden folder <.freedownloadmanager> in the root of the disk. Why is this? How to remove it?
Re: FDM 6.9
Manually configure proxy, does not support SOCKS5?
Manually configured SOCKS5 proxy mode cannot be downloaded.
Manually configured SOCKS5 proxy mode cannot be downloaded.
-
- Posts: 13
- Joined: Sat May 02, 2020 4:54 pm
Re: FDM 6.9
Congratulations on the stable release. It is working perfectly here so far.
My only suggestion is that you look into the OpenSSL issue the user reported as soon as possible because it concerns security. Can we upgrade this supposedly vulnerable component of FDM manually?
My only suggestion is that you look into the OpenSSL issue the user reported as soon as possible because it concerns security. Can we upgrade this supposedly vulnerable component of FDM manually?
FDM-6 wrote:FDM6 integrates OpenSSL version 1.1.1d
OpenSS has serious vulnerabilities on TLS 1.3
OpenSS has been updated in time, Affected OpenSSL 1.1.1 users should upgrade to 1.1.1g
https://www.openssl.org/news/secadv/20200421.txt
OpenSSL Security Advisory [21 April 2020]
=========================================
Segmentation fault in SSL_check_chain (CVE-2020-1967)
=====================================================
Severity: High
Server or client applications that call the SSL_check_chain() function during or
after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a
result of incorrect handling of the "signature_algorithms_cert" TLS extension.
The crash occurs if an invalid or unrecognised signature algorithm is received
from the peer. This could be exploited by a malicious peer in a Denial of
Service attack.
OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This
issue did not affect OpenSSL versions prior to 1.1.1d.
Affected OpenSSL 1.1.1 users should upgrade to 1.1.1g
This issue was found by Bernd Edlinger and reported to OpenSSL on 7th April
2020. It was found using the new static analysis pass being implemented in GCC,
-fanalyzer. Additional analysis was performed by Matt Caswell and Benjamin
Kaduk.
Re: FDM 6.9
SOCKS5? wrote:Manually configure proxy, does not support SOCKS5?
Manually configured SOCKS5 proxy mode cannot be downloaded.
This is a problem of your own setting, not the cause of FDM.
Re: FDM 6.9
Hello,
Congratulations on the release of FDM6 stable version!
It is recommended to add and delete the default "tag" option
Provide convenience for user-defined FDM style
Effect picture after custom deleting (Torrent, YouTube, Video, Music) "tag"
https://ibb.co/1TKsSzN
Congratulations on the release of FDM6 stable version!
It is recommended to add and delete the default "tag" option
Provide convenience for user-defined FDM style
Effect picture after custom deleting (Torrent, YouTube, Video, Music) "tag"
https://ibb.co/1TKsSzN
Re: FDM 6.9
So now can I use this instead of 3.xx and have it work as well as 3.xx did?
Would I need to uninstall 3.xx or just leave it installed?
Would I need to uninstall 3.xx or just leave it installed?
-
- FDM Team
- Posts: 1396
- Joined: Wed Nov 12, 2008 12:06 pm
Re: FDM 6.9
hoodlum8 wrote:So now can I use this instead of 3.xx and have it work as well as 3.xx did?
Would I need to uninstall 3.xx or just leave it installed?
It's a full-featured standalone release.
Re: FDM 6.9
Clive Sorensson wrote:hoodlum8 wrote:So now can I use this instead of 3.xx and have it work as well as 3.xx did?
Would I need to uninstall 3.xx or just leave it installed?
It's a full-featured standalone release.
I guess the option to add a downloaded file sound is gone. or I can't see it in preferences.
Also I'd like the main download screen to be a bit more re sizeable, its a bit too big the way its coded. Like 3.xx was.
Other than that it did seem to keep my settings from 3.97 after I installed this 6.9 and removed the start menu icon for 3.97.. Be nice to add a bit more color to the various selection icons.
Thanks though for a nice down-loader.
Re: FDM 6.9
I can't install fdm v6.9 in macos because it's blocked by avast. avast shield alert showed: "infected with MacOS:Bundlore-FC{Adw]. What ecxactly is that???
-
- FDM Team
- Posts: 1396
- Joined: Wed Nov 12, 2008 12:06 pm
Re: FDM 6.9
Yudhi wrote:I can't install fdm v6.9 in macos because it's blocked by avast. avast shield alert showed: "infected with MacOS:Bundlore-FC{Adw]. What ecxactly is that???
That's unexpected, thank your for alarming us to this.
Re: FDM 6.9
Where did you get that file from? Avast warns that the install package is bundled with some adware.Yudhi wrote: "infected with MacOS:Bundlore-FC{Adw]. What ecxactly is that???
Andrzej P. Wozniak, FDM user and forum moderator
Read FDM FAQ and the reporting rules
"How to report a bug or a problem with FDM" before posting
Read FDM FAQ and the reporting rules
"How to report a bug or a problem with FDM" before posting
Re: FDM 6.9
Usher wrote:Where did you get that file from? Avast warns that the install package is bundled with some adware.Yudhi wrote: "infected with MacOS:Bundlore-FC{Adw]. What ecxactly is that???
of course, downloaded from https://www.freedownloadmanager.org/
Who is online
Users browsing this forum: No registered users and 7 guests