version 1.77, 2016/03/22 10:54:42 |
version 1.78, 2016/03/25 02:04:22 |
|
|
software to use much shorter keys than intended. |
software to use much shorter keys than intended. |
<li>Removed support for <tt>DTLS_BAD_VER</tt>. Pre-DTLSv1 implementations |
<li>Removed support for <tt>DTLS_BAD_VER</tt>. Pre-DTLSv1 implementations |
are no longer supported. |
are no longer supported. |
<li>The engine command and parameters are removed from |
<li>The <tt>engine</tt> command and parameters are removed from |
<a href="http://man.openbsd.org/?query=openssl"> |
<a href="http://man.openbsd.org/?query=openssl"> |
openssl(1)</a>. |
openssl(1)</a>. |
Previous releases removed dynamic and built-in engine support already. |
Previous releases removed dynamic and built-in engine support already. |
|
|
root certificate from <tt>cert.pem</tt>. |
root certificate from <tt>cert.pem</tt>. |
<li>Fixed incorrect TLS certificate loading by |
<li>Fixed incorrect TLS certificate loading by |
<a href="http://man.openbsd.org/?query=nc">nc(1)</a>. |
<a href="http://man.openbsd.org/?query=nc">nc(1)</a>. |
|
<li>The |
|
<a href="http://man.openbsd.org/?query=openssl"> |
|
openssl(1)</a> |
|
<tt>s_time</tt> command now performs a proper shutdown which allows a |
|
full TLS connection to be benchmarked more accurately. A new |
|
<tt>-no_shutdown</tt> flag |
|
makes <tt>s_time</tt> adopt the previous behavior so that comparisons |
|
can still be made with OpenSSL's version. |
|
<li>Removed support for the <tt>SSLEAY_CONF</tt> backwards compatibility |
|
environment variable in |
|
<a href="http://man.openbsd.org/?query=openssl"> |
|
openssl(1)</a>. |
<li>The following CVEs had been fixed: |
<li>The following CVEs had been fixed: |
<ul> |
<ul> |
<li><tt>CVE-2015-3194</tt>—NULL pointer dereference in client |
<li><tt>CVE-2015-3194</tt>—NULL pointer dereference in client |