version 1.16, 2016/02/03 14:58:49
version 1.17, 2016/02/03 15:00:51

</ul>
</ul>
<p>
<li>LibreSSL 2.3.2
<ul>
<li>User-visible features:
<ul>
<li>This release corrects the handling of <tt>ClientHello</tt> messages
that do not include TLS extensions, which previously caused such handshakes
to be aborted.
<li>When loading a DSA key from a raw (without DH parameters) ASN.1
serialization, perform some consistency checks on its <tt>p</tt> and <tt>q</tt>
values, and return an error if the checks fail.
<li>Fixed a bug in <tt>ECDH_compute_key</tt> that can lead to silent
truncation of the result key without error. A coding error could cause
software to use much shorter keys than intended.
<li>Removed support for <tt>DTLS_BAD_VER</tt>. Pre-DTLSv1 implementations
are no longer supported.
<li>The engine command and parameters are removed from
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a>.
Previous releases removed dynamic and builtin engine support already.
<li>SHA-0, which was withdrawn shortly after its publication twenty years
ago, is removed.
<li>Added the <tt>Certplus CA</tt> root certificate to the default
<tt>cert.pem</tt> file.
<li>Fixed a leak in <tt>SSL_new</tt> in the error path.
<li>Fixed a memory leak and out-of-bounds access in <tt>OBJ_obj2txt</tt>.
<li>Fixed an up to 7-byte overflow in RC4 when <tt>len</tt> is not a multiple of
<tt>sizeof(RC4_CHUNK)</tt>.
<li>Added <tt>EVP_aead_chacha20_poly1305_ietf()</tt>, which matches the
AEAD construction introduced in RFC 7539 and differs from the one
already used in TLS with <tt>EVP_aead_chacha20_poly1305()</tt>.
<li>More man pages converted from pod to mdoc format.
<li>Added <tt>COMODO RSA Certification Authority</tt> and
<tt>QuoVadis</tt> root certificates to <tt>cert.pem</tt>.
<li>Removed the "<tt>C=US, O=VeriSign, Inc., OU=Class 3 Public Primary
Certification Authority</tt>"
(serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be)
root certificate from <tt>cert.pem</tt>.
<li>Fixed incorrect TLS certificate loading by
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nc&sektion=1">nc(1)</a>.
<li>The following CVEs have been fixed:
<ul>
<li><tt>CVE-2015-3194</tt>—NULL pointer dereference in client
side certificate validation.
<li><tt>CVE-2015-3195</tt>—memory leak in PKCS7, not reachable
from TLS/SSL.
</ul>
<li>Note: The following OpenSSL CVEs did not apply to LibreSSL:
<ul>
<li><tt>CVE-2015-3193</tt>—carry propagating bug in the x86_64
Montgomery squaring procedure.
<li><tt>CVE-2015-3196</tt>—double free race condition of the
identity hint data.
</ul>
</ul>
<li>Code improvements:
<ul>
<li>Added install target for <tt>cmake</tt> builds.
<li>Updated <tt>pkgconfig</tt> files to correctly report the release
version number, not the individual library ABI version numbers.
<li>SSLv3 is now permanently removed from the tree.
<li>The <tt>libtls</tt> API is changed from the 2.2.x series:
<ul>
<li>The <tt>tls_read</tt>/<tt>tls_write</tt> functions now work better with
external event libraries.
<li>Client-side verification is now supported, with the client
supplying the certificate to the server.
<li>Also, when using <tt>tls_connect_fds</tt>,
<tt>tls_connect_socket</tt> or <tt>tls_accept_fds</tt>,
<tt>libtls</tt> no longer implicitly closes the passed-in sockets.
The caller is responsible for closing them in this case.
</ul>
<li>New interface <tt>OPENSSL_cpu_caps</tt> is provided that does not
allow software to inadvertently modify cpu capability flags.
<tt>OPENSSL_ia32cap</tt> and <tt>OPENSSL_ia32cap_loc</tt> are removed.
<li>The <tt>out_len</tt> argument of AEAD changed from <tt>ssize_t</tt>
to <tt>size_t</tt>.
<li>Deduplicated DTLS code, sharing bugfixes and improvements with TLS.
<li>Converted
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nc&sektion=1">nc(1)</a>
to use <tt>libtls</tt> for client and server operations; it is
included in the libressl-portable distribution as an example of how
to use the <tt>libtls</tt> library. This is intended to be a simpler
and more robust replacement for <tt>openssl s_client</tt> and
<tt>openssl s_server</tt> for day-to-day operations.
<li>ASN.1 cleanups and RFC5280 compliance fixes.
<li>Time representations switched from <tt>unsigned long</tt> to
<tt>time_t</tt>. LibreSSL now checks if the host OS supports 64-bit
<tt>time_t</tt>.
<li>Support always extracting the peer cipher and version with
<tt>libtls</tt>.
<li>Added ability to check certificate validity times with
<tt>libtls</tt>, <tt>tls_peer_cert_notbefore</tt> and
<tt>tls_peer_cert_notafter</tt>.
<li>Changed <tt>tls_connect_servername</tt> to use the first address that
resolves with <tt>getaddrinfo()</tt>.
<li>Removed broken conditional <tt>EVP_CHECK_DES_KEY</tt> code
(non-functional since its initial commit in 2004).
<li>Reject a too-small <tt>bits</tt> value in <tt>BN_generate_prime_ex()</tt>,
so that it does not risk becoming negative in
<tt>probable_prime_dh_safe()</tt>.
<li>Changed the format of <tt>LIBRESSL_VERSION_NUMBER</tt> to match that of
<tt>OPENSSL_VERSION_NUMBER</tt>.
<li>Avoid a potential undefined C99+ behavior due to shift overflow in
<tt>AES_decrypt</tt>.
<li>Deprecated the <tt>SSL_OP_SINGLE_DH_USE</tt> flag.
</ul>
</ul>
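The RC4 item above (an overflow of up to 7 bytes when <tt>len</tt> is not a multiple of <tt>sizeof(RC4_CHUNK)</tt>) concerns the boundary between a word-wide fast path and the unaligned tail of a buffer. The following is an added illustration, not LibreSSL's own RC4 code: a byte-exact RC4 whose fast path works in word-sized chunks and whose tail loop keeps the last 1..7 bytes inside the output buffer. The chunk type stands in for the page's <tt>RC4_CHUNK</tt> and is assumed to be 8 bytes; <tt>rc4_check</tt> surrounds the output with sentinel bytes so that any write past <tt>len</tt> is detected.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Stand-in for the page's RC4_CHUNK: LibreSSL's is a machine-word type; it is
 * assumed to be 8 bytes here so the tail case (len % 8 != 0) is explicit. */
typedef uint64_t rc4_chunk_t;
#define CHUNK_BYTES sizeof(rc4_chunk_t)
typedef struct { uint8_t s[256]; uint8_t x, y; } rc4_state;

static void rc4_set_key(rc4_state *st, const uint8_t *key, size_t keylen) {
    for (int i = 0; i < 256; i++) st->s[i] = (uint8_t)i;
    for (int i = 0, j = 0; i < 256; i++) {      /* key-scheduling; keylen > 0 */
        j = (j + st->s[i] + key[i % keylen]) & 0xff;
        uint8_t t = st->s[i]; st->s[i] = st->s[j]; st->s[j] = t;
    }
    st->x = st->y = 0;
}
static uint8_t rc4_next(rc4_state *st) {        /* one keystream byte (PRGA) */
    st->x = (uint8_t)(st->x + 1);
    st->y = (uint8_t)(st->y + st->s[st->x]);
    uint8_t t = st->s[st->x]; st->s[st->x] = st->s[st->y]; st->s[st->y] = t;
    return st->s[(uint8_t)(st->s[st->x] + st->s[st->y])];
}
/* Whole chunks are XORed a word at a time; the last 1..7 bytes are done one
 * byte at a time. Writing a full chunk for that tail instead would overrun
 * out[] by up to CHUNK_BYTES - 1 bytes, the bug class the release note names. */
static void rc4_crypt(rc4_state *st, const uint8_t *in, uint8_t *out, size_t len) {
    size_t i = 0;
    for (; len - i >= CHUNK_BYTES; i += CHUNK_BYTES) {
        uint8_t ksb[CHUNK_BYTES];
        rc4_chunk_t ks, blk;
        for (size_t k = 0; k < CHUNK_BYTES; k++) ksb[k] = rc4_next(st);
        memcpy(&ks, ksb, CHUNK_BYTES);          /* memcpy: no endian/alignment assumptions */
        memcpy(&blk, in + i, CHUNK_BYTES);
        blk ^= ks;
        memcpy(out + i, &blk, CHUNK_BYTES);
    }
    for (; i < len; i++) out[i] = in[i] ^ rc4_next(st);
}
/* Encrypts msg under key into a sentinel-filled buffer; returns 1 only if the
 * ciphertext equals expected AND the bytes just past len were left untouched. */
static int rc4_check(const char *key, const char *msg, const uint8_t *expected) {
    uint8_t out[64]; rc4_state st;
    size_t len = strlen(msg), k;
    if (len + CHUNK_BYTES > sizeof(out)) return 0;
    memset(out, 0xA5, sizeof(out));
    rc4_set_key(&st, (const uint8_t *)key, strlen(key));
    rc4_crypt(&st, (const uint8_t *)msg, out, len);
    for (k = len; k < len + CHUNK_BYTES; k++) if (out[k] != 0xA5) return 0;
    return memcmp(out, expected, len) == 0;
}
```

The lengths 9, 5 and 14 used in the checks cover one chunk plus a tail, a tail only, and a chunk plus a 6-byte tail, so every branch of the boundary handling is exercised against the standard RC4 test vectors.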
<p>