| version 1.38, 2016/02/22 16:09:03 |
version 1.39, 2016/02/23 01:10:19 |
|
|
| <ul> |
<ul> |
| <li>Remove support for obsolete IPv6 socket options. |
<li>Remove support for obsolete IPv6 socket options. |
| <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=etherip&sektion=4">etherip(4)</a> |
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=etherip&sektion=4">etherip(4)</a> |
| pseude-device for tunnelling Ethernet frames across IP[46] networks using RFC 3378 EtherIP encapsulation. |
pseudo-device for tunnelling Ethernet frames across IP[46] networks using RFC 3378 EtherIP encapsulation. |
| <li>... |
<li>... |
| </ul> |
</ul> |
| <p> |
<p> |
|
|
| have been pledged. |
have been pledged. |
| <li>The offline enqueue mode of |
<li>The offline enqueue mode of |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpctl&sektion=8">smtpctl(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpctl&sektion=8">smtpctl(8)</a> |
| has been redesigned to remove the need for a publically writeable directory which was a vector of multiple attacks in the Qualys Security audit. |
has been redesigned to remove the need for a publicly writable directory which was a vector of multiple attacks in the Qualys Security audit. |
| </ul> |
</ul> |
| <li>The following improvements were brought in this release: |
<li>The following improvements were brought in this release: |
| <ul> |
<ul> |
| <li>Experimental support for filters API is now available with several filters available in ports. |
<li>Experimental support for filters API is now available with several filters available in ports. |
| <li>Add Message-Id header if necessary. |
<li>Add Message-Id header if necessary. |
| <li>Removed the kick mechanism which was misbehaving. |
<li>Removed the kick mechanism which was misbehaving. |
| <li>Increased the lenght of acceptable headers lines. |
<li>Increased the length of acceptable headers lines. |
| <li>Assume messages are 8-bit bytes by default. |
<li>Assume messages are 8-bit bytes by default. |
| </ul> |
</ul> |
| </ul> |
</ul> |
|
|
| <li>This release corrects the handling of <tt>ClientHello</tt> messages |
<li>This release corrects the handling of <tt>ClientHello</tt> messages |
| that do not include TLS extensions, resulting in such handshakes being |
that do not include TLS extensions, resulting in such handshakes being |
| aborted. |
aborted. |
| <li>When loading a DSA key from an raw (without DH parameters) ASN.1 |
<li>When loading a DSA key from a raw (without DH parameters) ASN.1 |
| serialization, perform some consistency checks on its `p' and `q' |
serialization, perform some consistency checks on its `p' and `q' |
| values, and return an error if the checks failed. |
values, and return an error if the checks failed. |
| <li>Fixed a bug in <tt>ECDH_compute_key</tt> that can lead to silent |
<li>Fixed a bug in <tt>ECDH_compute_key</tt> that can lead to silent |
|
|
| are no longer supported. |
are no longer supported. |
| <li>The engine command and parameters are removed from |
<li>The engine command and parameters are removed from |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a>. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a>. |
| Previous releases removed dynamic and builtin engine support already. |
Previous releases removed dynamic and built-in engine support already. |
| <li>SHA-0 is removed, which was withdrawn shortly after publication |
<li>SHA-0 is removed, which was withdrawn shortly after publication |
| twenty years ago. |
twenty years ago. |
| <li>Added <tt>Certplus CA</tt> root certificate to the default |
<li>Added <tt>Certplus CA</tt> root certificate to the default |
![[BACK]](/icons/back.gif){kind=icon}
Return to 59.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www