  NEWS
  ====

  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.

  Major changes between OpenSSL 1.0.1t and OpenSSL 1.0.1u [22 Sep 2016]

      o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
      o SWEET32 Mitigation (CVE-2016-2183)
      o OOB write in MDC2_Update() (CVE-2016-6303)
      o Malformed SHA512 ticket DoS (CVE-2016-6302)
      o OOB write in BN_bn2dec() (CVE-2016-2182)
      o OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
      o Pointer arithmetic undefined behaviour (CVE-2016-2177)
      o Constant time flag not preserved in DSA signing (CVE-2016-2178)
      o DTLS buffered message DoS (CVE-2016-2179)
      o DTLS replay protection DoS (CVE-2016-2181)
      o Certificate message OOB reads (CVE-2016-6306)

  Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]

      o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
      o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
      o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
      o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
      o EBCDIC overread (CVE-2016-2176)
      o Modify behavior of ALPN to invoke callback after SNI/servername
        callback, such that updates to the SSL_CTX affect ALPN.
      o Remove LOW from the DEFAULT cipher list. This removes single DES from
        the default.
      o Only remove the SSLv2 methods with the no-ssl2-method option.

  Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [1 Mar 2016]

      o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
      o Disable SSLv2 default build, default negotiation and weak ciphers
        (CVE-2016-0800)
      o Fix a double-free in DSA code (CVE-2016-0705)
      o Disable SRP fake user seed to address a server memory leak
        (CVE-2016-0798)
      o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
        (CVE-2016-0797)
      o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
      o Fix side channel attack on modular exponentiation (CVE-2016-0702)

  Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]

      o Protection for DH small subgroup attacks
      o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

  Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]

      o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
      o X509_ATTRIBUTE memory leak (CVE-2015-3195)
      o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
      o In DSA_generate_parameters_ex, if the provided seed is too short,
        return an error

  Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]

      o Alternate chains certificate forgery (CVE-2015-1793)
      o Race condition handling PSK identity hint (CVE-2015-3196)

  Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]

      o Fix HMAC ABI incompatibility

  Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]

      o Malformed ECParameters causes infinite loop (CVE-2015-1788)
      o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
      o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
      o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
      o Race condition handling NewSessionTicket (CVE-2015-1791)

  Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]

      o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
      o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
      o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
      o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
      o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
      o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
      o Removed the export ciphers from the DEFAULT ciphers

  Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]

      o Build fixes for the Windows and OpenVMS platforms

  Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]

      o Fix for CVE-2014-3571
      o Fix for CVE-2015-0206
      o Fix for CVE-2014-3569
      o Fix for CVE-2014-3572
      o Fix for CVE-2015-0204
      o Fix for CVE-2015-0205
      o Fix for CVE-2014-8275
      o Fix for CVE-2014-3570

  Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]

      o Fix for CVE-2014-3513
      o Fix for CVE-2014-3567
      o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
      o Fix for CVE-2014-3568

  Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]

      o Fix for CVE-2014-3512
      o Fix for CVE-2014-3511
      o Fix for CVE-2014-3510
      o Fix for CVE-2014-3507
      o Fix for CVE-2014-3506
      o Fix for CVE-2014-3505
      o Fix for CVE-2014-3509
      o Fix for CVE-2014-5139
      o Fix for CVE-2014-3508

  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

      o Fix for CVE-2014-0224
      o Fix for CVE-2014-0221
      o Fix for CVE-2014-0198
      o Fix for CVE-2014-0195
      o Fix for CVE-2014-3470
      o Fix for CVE-2010-5298

  Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]

      o Fix for CVE-2014-0160
      o Add TLS padding extension workaround for broken servers.
      o Fix for CVE-2014-0076

  Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]

      o Don't include gmt_unix_time in TLS server and client random values
      o Fix for TLS record tampering bug CVE-2013-4353
      o Fix for TLS version checking bug CVE-2013-6449
      o Fix for DTLS retransmission bug CVE-2013-6450

  Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:

      o Corrected fix for CVE-2013-0169

  Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:

      o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
      o Include the fips configuration module.
      o Fix OCSP bad key DoS attack CVE-2013-0166
      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
      o Fix for TLS AESNI record handling flaw CVE-2012-2686

  Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:

      o Fix TLS/DTLS record length checking bug CVE-2012-2333
      o Don't attempt to use non-FIPS composite ciphers in FIPS mode.

  Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:

      o Fix compilation error on non-x86 platforms.
      o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
      o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0

  Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:

      o Fix for ASN1 overflow bug CVE-2012-2110
      o Workarounds for some servers that hang on long client hellos.
      o Fix SEGV in AES code.

  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:

      o TLS/DTLS heartbeat support.
      o SCTP support.
      o RFC 5705 TLS key material exporter.
      o RFC 5764 DTLS-SRTP negotiation.
      o Next Protocol Negotiation.
      o PSS signatures in certificates, requests and CRLs.
      o Support for password based recipient info for CMS.
      o Support TLS v1.2 and TLS v1.1.
      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
      o SRP support.

  Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:

      o Fix for CMS/PKCS#7 MMA CVE-2012-0884
      o Corrected fix for CVE-2011-4619
      o Various DTLS fixes.

  Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:

      o Fix for DTLS DoS issue CVE-2012-0050

  Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:

      o Fix for DTLS plaintext recovery attack CVE-2011-4108
      o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
      o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
      o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
      o Check for malformed RFC3779 data CVE-2011-4577

  Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:

      o Fix for CRL vulnerability issue CVE-2011-3207
      o Fix for ECDH crashes CVE-2011-3210
      o Protection against EC timing attacks.
      o Support ECDH ciphersuites for certificates using SHA2 algorithms.
      o Various DTLS fixes.

  Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:

      o Fix for security issue CVE-2011-0014

  Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:

      o Fix for security issue CVE-2010-4180
      o Fix for CVE-2010-4252
      o Fix mishandling of absent EC point format extension.
      o Fix various platform compilation issues.
      o Corrected fix for security issue CVE-2010-3864.

  Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:

      o Fix for security issue CVE-2010-3864.
      o Fix for CVE-2010-2939
      o Fix WIN32 build system for GOST ENGINE.

  Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:

      o Fix for security issue CVE-2010-1633.
      o GOST MAC and CFB fixes.

  Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:

      o RFC3280 path validation: sufficient to process PKITS tests.
      o Integrated support for PVK files and keyblobs.
      o Change default private key format to PKCS#8.
      o CMS support: able to process all examples in RFC4134
      o Streaming ASN1 encode support for PKCS#7 and CMS.
      o Multiple signer and signer add support for PKCS#7 and CMS.
      o ASN1 printing support.
      o Whirlpool hash algorithm added.
      o RFC3161 time stamp support.
      o New generalised public key API supporting ENGINE based algorithms.
      o New generalised public key API utilities.
      o New ENGINE supporting GOST algorithms.
      o SSL/TLS GOST ciphersuite support.
      o PKCS#7 and CMS GOST support.
      o RFC4279 PSK ciphersuite support.
      o Supported points format extension for ECC ciphersuites.
      o ecdsa-with-SHA224/256/384/512 signature types.
      o dsa-with-SHA224 and dsa-with-SHA256 signature types.
      o Opaque PRF Input TLS extension support.
      o Updated time routines to avoid OS limitations.

  Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:

      o CFB cipher definition fixes.
      o Fix security issues CVE-2010-0740 and CVE-2010-0433.

  Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:

      o Cipher definition fixes.
      o Workaround for slow RAND_poll() on some WIN32 versions.
      o Remove MD2 from algorithm tables.
      o SPKAC handling fixes.
      o Support for RFC5746 TLS renegotiation extension.
      o Compression memory leak fixed.
      o Compression session resumption fixed.
      o Ticket and SNI coexistence fixes.
      o Many fixes to DTLS handling.

  Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:

      o Temporary work around for CVE-2009-3555: disable renegotiation.

  Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:

      o Fix various build issues.
      o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)

  Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:

      o Fix security issue (CVE-2008-5077)
      o Merge FIPS 140-2 branch code.

  Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:

      o CryptoAPI ENGINE support.
      o Various precautionary measures.
      o Fix for bugs affecting certificate request creation.
      o Support for local machine keyset attribute in PKCS#12 files.

  Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:

      o Backport of CMS functionality to 0.9.8.
      o Fixes for bugs introduced with 0.9.8f.

  Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:

      o Add gcc 4.2 support.
      o Add support for AES and SSE2 assembly language optimization
        for VC++ build.
      o Support for RFC4507bis and server name extensions if explicitly
        selected at compile time.
      o DTLS improvements.
      o RFC4507bis support.
      o TLS Extensions support.

  Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:

      o Various ciphersuite selection fixes.
      o RFC3779 support.

  Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:

      o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
      o Changes to ciphersuite selection algorithm

  Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:

      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
      o New cipher Camellia

  Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:

      o Cipher string fixes.
      o Fixes for VC++ 2005.
      o Updated ECC cipher suite support.
      o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
      o Zlib compression usage fixes.
      o Built in dynamic engine compilation support on Win32.
      o Fixes auto dynamic engine loading in Win32.

  Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:

      o Fix potential SSL 2.0 rollback, CVE-2005-2969
      o Extended Windows CE support

  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:

      o Major work on the BIGNUM library for higher efficiency and to
        make operations more streamlined and less contradictory. This
        is the result of a major audit of the BIGNUM library.
      o Addition of BIGNUM functions for fields GF(2^m) and NIST
        curves, to support the Elliptic Crypto functions.
      o Major work on Elliptic Crypto; ECDH and ECDSA added, including
        the use through EVP, X509 and ENGINE.
      o New ASN.1 mini-compiler that's usable through the OpenSSL
        configuration file.
      o Added support for ASN.1 indefinite length constructed encoding.
      o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
      o Complete rework of shared library construction and linking
        programs with shared or static libraries, through a separate
        Makefile.shared.
      o Rework of the passing of parameters from one Makefile to another.
      o Changed ENGINE framework to load dynamic engine modules
        automatically from specifically given directories.
      o New structure and ASN.1 functions for CertificatePair.
      o Changed the ZLIB compression method to be stateful.
      o Changed the key-generation and primality testing "progress"
        mechanism to take a structure that contains the ticker
        function and an argument.
      o New engine module: GMP (performs private key exponentiation).
      o New engine module: VIA PadLock ACE extension in VIA C3
        Nehemiah processors.
      o Added support for IPv6 addresses in certificate extensions.
        See RFC 1884, section 2.2.
      o Added support for certificate policy mappings, policy
        constraints and name constraints.
      o Added support for multi-valued AVAs in the OpenSSL
        configuration file.
      o Added support for multiple certificates with the same subject
        in the 'openssl ca' index file.
      o Make it possible to create self-signed certificates using
        'openssl ca -selfsign'.
      o Make it possible to generate a serial number file with
        'openssl ca -create_serial'.
      o New binary search functions with extended functionality.
      o New BUF functions.
      o New STORE structure and library to provide an interface to all
        sorts of data repositories. Supports storage of public and
        private keys, certificates, CRLs, numbers and arbitrary blobs.
        This library is unfortunately unfinished and unused within
        OpenSSL.
      o New control functions for the error stack.
      o Changed the PKCS#7 library to support one-pass S/MIME
        processing.
      o Added the possibility to compile without old deprecated
        functionality with the OPENSSL_NO_DEPRECATED macro or the
        'no-deprecated' argument to the config and Configure scripts.
      o Constification of all ASN.1 conversion functions, and other
        affected functions.
      o Improved platform support for PowerPC.
      o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
      o New X509_VERIFY_PARAM structure to support parametrisation
        of X.509 path validation.
      o Major overhaul of RC4 performance on Intel P4, IA-64 and
        AMD64.
      o Changed the Configure script to have some algorithms disabled
        by default. Those can be explicitly enabled with the new
        argument form 'enable-xxx'.
      o Change the default digest in 'openssl' commands from MD5 to
        SHA-1.
      o Added support for DTLS.
      o New BIGNUM blinding.
      o Added support for the RSA-PSS encryption scheme
      o Added support for the RSA X.931 padding.
      o Added support for BSD sockets on NetWare.
      o Added support for files larger than 2GB.
      o Added initial support for Win64.
      o Added alternate pkg-config files.

  Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:

      o FIPS 1.1.1 module linking.
      o Various ciphersuite selection fixes.

  Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:

      o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)

  Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:

      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339

  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:

      o Visual C++ 2005 fixes.
      o Update Windows build system for FIPS.

  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:

      o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build.

  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:

      o Fix SSL 2.0 Rollback, CVE-2005-2969
      o Allow use of fixed-length exponent on DSA signing
      o Default fixed-window RSA, DSA, DH private-key operations

  Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:

      o More compilation issues fixed.
      o Adaptation to more modern Kerberos API.
      o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
      o Enhanced x86_64 assembler BIGNUM module.
      o More constification.
      o Added processing of proxy certificates (RFC 3820).

  Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:

      o Several compilation issues fixed.
      o Many memory allocation failure checks added.
      o Improved comparison of X509 Name type.
      o Mandatory basic checks on certificates.
      o Performance improvements.

  Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:

      o Fix race condition in CRL checking code.
      o Fixes to PKCS#7 (S/MIME) code.

  Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:

      o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
      o Security: Fix null-pointer assignment in do_change_cipher_spec()
      o Allow multiple active certificates with same subject in CA index
      o Multiple X509 verification fixes
      o Speed up HMAC and other operations

  Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:

      o Security: fix various ASN1 parsing bugs.
      o New -ignore_err option to OCSP utility.
      o Various interop and bug fixes in S/MIME code.
      o SSL/TLS protocol fix for unrequested client certificates.

  Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:

      o Security: counter the Klima-Pokorny-Rosa extension of
        Bleichenbacher's attack
      o Security: make RSA blinding default.
      o Configuration: Irix fixes, AIX fixes, better mingw support.
      o Support for new platforms: linux-ia64-ecc.
      o Build: shared library support fixes.
      o ASN.1: treat domainComponent correctly.
      o Documentation: fixes and additions.

  Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:

      o Security: Important security related bugfixes.
      o Enhanced compatibility with MIT Kerberos.
      o Can be built without the ENGINE framework.
      o IA32 assembler enhancements.
      o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
      o Configuration: the no-err option now works properly.
      o SSL/TLS: now handles manual certificate chain building.
      o SSL/TLS: certain session ID malfunctions corrected.

  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:

      o New library section OCSP.
      o Complete rewrite of ASN1 code.
      o CRL checking in verify code and openssl utility.
      o Extension copying in 'ca' utility.
      o Flexible display options in 'ca' utility.
      o Provisional support for international characters with UTF8.
      o Support for external crypto devices ('engine') is no longer
        a separate distribution.
      o New elliptic curve library section.
      o New AES (Rijndael) library section.
      o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
        Linux x86_64, Linux 64-bit on Sparc v9
      o Extended support for some platforms: VxWorks
      o Enhanced support for shared libraries.
      o Now only builds PIC code when shared library support is requested.
      o Support for pkg-config.
      o Lots of new manuals.
      o Makes symbolic links to or copies of manuals to cover all described
        functions.
      o Change DES API to clean up the namespace (some applications link also
        against libdes providing similar functions having the same name).
        Provide macros for backward compatibility (will be removed in the
        future).
      o Unify handling of cryptographic algorithms (software and engine)
        to be available via EVP routines for asymmetric and symmetric ciphers.
      o NCONF: new configuration handling routines.
      o Change API to use more 'const' modifiers to improve error checking
        and help optimizers.
      o Finally remove references to RSAref.
      o Reworked parts of the BIGNUM code.
      o Support for new engines: Broadcom ubsec, Accelerated Encryption
        Processing, IBM 4758.
      o A few new engines added in the demos area.
      o Extended and corrected OID (object identifier) table.
      o PRNG: query at more locations for a random device, automatic query for
        EGD style random sources at several locations.
      o SSL/TLS: allow optional cipher choice according to server's preference.
      o SSL/TLS: allow server to explicitly set new session ids.
      o SSL/TLS: support Kerberos cipher suites (RFC2712).
        Only supports MIT Kerberos for now.
      o SSL/TLS: allow more precise control of renegotiations and sessions.
      o SSL/TLS: add callback to retrieve SSL/TLS messages.
      o SSL/TLS: support AES cipher suites (RFC3268).

  Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:

      o Security: fix various ASN1 parsing bugs.
      o SSL/TLS protocol fix for unrequested client certificates.

  Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:

      o Security: counter the Klima-Pokorny-Rosa extension of
        Bleichenbacher's attack
      o Security: make RSA blinding default.
      o Build: shared library support fixes.

  Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:

      o Important security related bugfixes.

  Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:

      o New configuration targets for Tandem OSS and A/UX.
      o New OIDs for Microsoft attributes.
      o Better handling of SSL session caching.
      o Better comparison of distinguished names.
      o Better handling of shared libraries in a mixed GNU/non-GNU environment.
      o Support assembler code with Borland C.
      o Fixes for length problems.
      o Fixes for uninitialised variables.
      o Fixes for memory leaks, some unusual crashes and some race conditions.
      o Fixes for smaller building problems.
      o Updates of manuals, FAQ and other instructive documents.

  Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:

      o Important building fixes on Unix.

  Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:

      o Various important bugfixes.

  Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:

      o Important security related bugfixes.
      o Various SSL/TLS library bugfixes.

  Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:

      o Various SSL/TLS library bugfixes.
      o Fix DH parameter generation for 'non-standard' generators.

  Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:

      o Various SSL/TLS library bugfixes.
      o BIGNUM library fixes.
      o RSA OAEP and random number generation fixes.
      o Object identifiers corrected and added.
      o Add assembler BN routines for IA64.
      o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
        MIPS Linux; shared library support for Irix, HP-UX.
      o Add crypto accelerator support for AEP, Baltimore SureWare,
        Broadcom and Cryptographic Appliance's keyserver
        [in 0.9.6c-engine release].

  Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:

      o Security fix: PRNG improvements.
      o Security fix: RSA OAEP check.
      o Security fix: Reinsert and fix countermeasure to Bleichenbacher's
        attack.
      o MIPS bug fix in BIGNUM.
      o Bug fix in "openssl enc".
      o Bug fix in X.509 printing routine.
      o Bug fix in DSA verification routine and DSA S/MIME verification.
      o Bug fix to make PRNG thread-safe.
      o Bug fix in RAND_file_name().
      o Bug fix in compatibility mode trust settings.
      o Bug fix in blowfish EVP.
      o Increase default size for BIO buffering filter.
      o Compatibility fixes in some scripts.

  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:

      o Security fix: change behavior of OpenSSL to avoid using
        environment variables when running as root.
      o Security fix: check the result of RSA-CRT to reduce the
        possibility of deducing the private key from an incorrectly
        calculated signature.
      o Security fix: prevent Bleichenbacher's DSA attack.
      o Security fix: Zero the premaster secret after deriving the
        master secret in DH ciphersuites.
      o Reimplement SSL_peek(), which had various problems.
      o Compatibility fix: the function des_encrypt() renamed to
        des_encrypt1() to avoid clashes with some Unixen libc.
      o Bug fixes for Win32, HP/UX and Irix.
      o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
        memory checking routines.
      o Bug fixes for RSA operations in threaded environments.
      o Bug fixes in misc. openssl applications.
      o Remove a few potential memory leaks.
      o Add tighter checks of BIGNUM routines.
      o Shared library support has been reworked for generality.
      o More documentation.
      o New function BN_rand_range().
      o Add "-rand" option to openssl s_client and s_server.

  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:

      o Some documentation for BIO and SSL libraries.
      o Enhanced chain verification using key identifiers.
      o New sign and verify options to 'dgst' application.
      o Support for DER and PEM encoded messages in 'smime' application.
      o New 'rsautl' application, low level RSA utility.
      o MD4 now included.
      o Bugfix for SSL rollback padding check.
      o Support for external crypto devices [1].
      o Enhanced EVP interface.

    [1] The support for external crypto devices is currently a separate
        distribution. See the file README.ENGINE.

  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:

      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
      o Shared library support for HPUX and Solaris-gcc
      o Support of Linux/IA64
      o Assembler support for Mingw32
      o New 'rand' application
      o New way to check for existence of algorithms from scripts

  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:

      o S/MIME support in new 'smime' command
      o Documentation for the OpenSSL command line application
      o Automation of 'req' application
      o Fixes to make s_client, s_server work under Windows
      o Support for multiple fieldnames in SPKACs
      o New SPKAC command line utility and associated library functions
      o Options to allow passwords to be obtained from various sources
      o New public key PEM format and options to handle it
      o Many other fixes and enhancements to command line utilities
      o Usable certificate chain verification
      o Certificate purpose checking
      o Certificate trust settings
      o Support of authority information access extension
      o Extensions in certificate requests
      o Simplified X509 name and attribute routines
      o Initial (incomplete) support for international character sets
      o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD
      o Read only memory BIOs and simplified creation function
      o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0
        record; allow fragmentation and interleaving of handshake and other
        data
      o TLS/SSL code now "tolerates" MS SGC
      o Work around for Netscape client certificate hang bug
      o RSA_NULL option that removes RSA patent code but keeps other
        RSA functionality
      o Memory leak detection now allows applications to add extra information
        via a per-thread stack
      o PRNG robustness improved
      o EGD support
      o BIGNUM library bug fixes
      o Faster DSA parameter generation
      o Enhanced support for Alpha Linux
      o Experimental MacOS support

  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:

      o Transparent support for PKCS#8 format private keys: these are used
        by several software packages and are more secure than the standard
        form
      o PKCS#5 v2.0 implementation
      o Password callbacks have a new void * argument for application data
      o Avoid various memory leaks
      o New pipe-like BIO that allows using the SSL library when actual I/O
        must be handled by the application (BIO pair)

  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
      o Lots of enhancements and cleanups to the Configuration mechanism
      o RSA OAEP related fixes
      o Added `openssl ca -revoke' option for revoking a certificate
      o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
      o Source tree cleanups: removed lots of obsolete files
      o Thawte SXNet, certificate policies and CRL distribution points
        extension support
      o Preliminary (experimental) S/MIME support
      o Support for ASN.1 UTF8String and VisibleString
      o Full integration of PKCS#12 code
      o Sparc assembler bignum implementation, optimized hash functions
      o Option to disable selected ciphers

  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
      o Fixed a security hole related to session resumption
      o Fixed RSA encryption routines for the p < q case
      o "ALL" in cipher lists now means "everything except NULL ciphers"
      o Support for Triple-DES CBCM cipher
      o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
      o First support for new TLSv1 ciphers
      o Added a few new BIOs (syslog BIO, reliable BIO)
      o Extended support for DSA certificate/keys.
      o Extended support for Certificate Signing Requests (CSR)
      o Initial support for X.509v3 extensions
      o Extended support for compression inside the SSL record layer
      o Overhauled Win32 builds
      o Cleanups and fixes to the Big Number (BN) library
      o Support for ASN.1 GeneralizedTime
      o Split ASN.1 SETs from SEQUENCEs
      o ASN1 and PEM support for Netscape Certificate Sequences
      o Overhauled Perl interface
      o Lots of source tree cleanups.
      o Lots of memory leak fixes.
      o Lots of bug fixes.

  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
      o Integration of the popular NO_RSA/NO_DSA patches
      o Initial support for compression inside the SSL record layer
      o Added BIO proxy and filtering functionality
      o Extended Big Number (BN) library
      o Added RIPE MD160 message digest
      o Added support for RC2/64bit cipher
      o Extended ASN.1 parser routines
      o Adjustments to the source tree for CVS
      o Support for various new platforms