=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/59.html,v retrieving revision 1.38 retrieving revision 1.39 diff -c -r1.38 -r1.39 *** www/59.html 2016/02/22 16:09:03 1.38 --- www/59.html 2016/02/23 01:10:19 1.39 *************** *** 112,118 ****

--- 112,118 ----

*************** *** 199,212 **** have been pledged.

  • The offline enqueue mode of smtpctl(8) ! has been redesigned to remove the need for a publically writeable directory which was a vector of multiple attacks in the Qualys Security audit.
  • The following improvements were brought in this release: --- 199,212 ---- have been pledged.
  • The offline enqueue mode of smtpctl(8) ! has been redesigned to remove the need for a publicly writable directory which was a vector of multiple attacks in the Qualys Security audit.
  • The following improvements were brought in this release: *************** *** 266,272 ****
  • This release corrects the handling of ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted. !
  • When loading a DSA key from an raw (without DH parameters) ASN.1 serialization, perform some consistency checks on its `p' and `q' values, and return an error if the checks failed.
  • Fixed a bug in ECDH_compute_key that can lead to silent --- 266,272 ----
  • This release corrects the handling of ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted. !
  • When loading a DSA key from a raw (without DH parameters) ASN.1 serialization, perform some consistency checks on its `p' and `q' values, and return an error if the checks failed.
  • Fixed a bug in ECDH_compute_key that can lead to silent *************** *** 276,282 **** are no longer supported.
  • The engine command and parameters are removed from openssl(1). ! Previous releases removed dynamic and builtin engine support already.
  • SHA-0 is removed, which was withdrawn shortly after publication twenty years ago.
  • Added Certplus CA root certificate to the default --- 276,282 ---- are no longer supported.
  • The engine command and parameters are removed from openssl(1). ! Previous releases removed dynamic and built-in engine support already.
  • SHA-0 is removed, which was withdrawn shortly after publication twenty years ago.
  • Added Certplus CA root certificate to the default