===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/64.html,v
retrieving revision 1.50
retrieving revision 1.51
diff -c -r1.50 -r1.51
*** www/64.html	2018/10/14 15:55:39	1.50
--- www/64.html	2018/10/14 15:58:57	1.51
***************
*** 357,363 ****
  
  <li>LibreSSL 2.x.x
     <ul>
!    <li>
     </ul>
  <p>
  
--- 357,436 ----
  
  <li>LibreSSL 2.x.x
     <ul>
!    <li> Extensive documentation updates and additional API history.
!    <li>Fixed a pair of 20+ year-old bugs in X509_NAME_add_entry
!    <li> Tighten up checks for various X509_VERIFY_PARAM functions,
!      'poisoning' parameters so that an unverified certificate cannot be
!      used if it fails verification.
!    <li> Fixed a potential memory leak on failure in ASN1_item_digest
!    <li> Fixed a potential memory alignment crash in asn1_item_combine_free
!    <li> Removed unused SSL3_FLAGS_DELAY_CLIENT_FINISHED and
!      SSL3_FLAGS_POP_BUFFER flags in write path, simplifying IO paths.
!    <li> Removed SSL_OP_TLS_ROLLBACK_BUG buggy client workarounds.
!    <li> Made ENGINE_finish and ENGINE_free succeed on NULL and simplify callers
!      and matching OpenSSL behavior, rewrote ENGINE_* documentation.
!    <li> Added const annotations to many existing APIs from OpenSSL, making
!      interoperability easier for downstream applications.
!    <li> Fixed small timing side-channels in ecdsa_sign_setup and
!      dsa_sign_setup.
!    <li> Documented security pitfalls with BN_FLG_CONSTTIME and constant-time
!      operation of BN_* functions.
!    <li> Updated BN_clear to use explicit_bzero.
!    <li> Added a missing bounds check in c2i_ASN1_BIT_STRING.
!    <li> More CBS conversions, including simplifications to RSA key exchange,
!      and converted code to use dedicated buffers for secrets.
!    <li> Removed three remaining single DES cipher suites.
!    <li>Fixed a potential leak/incorrect return value in DSA signature
!      generation.
!    <li> Added a blinding value when generating DSA and ECDSA signatures, in
!      order to reduce the possibility of a side-channel attack leaking the
!      private key.
!    <li> Added ECC constant time scalar multiplication support.
!      From Billy Brumley and his team at Tampere University of Technology.
!    <li> Revised the implementation of RSASSA-PKCS1-v1_5 to match the
!      specification in RFC 8017. Based on an OpenSSL commit by David
!      Benjamin.
!    <li> Cleaned up BN_* implementations following changes made in OpenSSL by
!      Davide Galassi and others.
!    <li> Added Wycheproof test vectors for ECDH, RSASSA-PSS, AES-GCM,
!      AES-CMAC, AES-CCM, AES-CBC-PKCS5, DSA, ChaCha20-Poly1305, ECDSA,
!      X25519, and applied appropriate fixes for errors uncovered by tests.
!    <li> Simplified key exchange signature generation and verification.
!    <li> Fixed a one-byte buffer overrun in callers of EVP_read_pw_string
!    <li> Converted more code paths to use CBB/CBS. All handshake messages are
!      now created by CBB.
!    <li> Fixed various memory leaks found by Coverity.
!    <li> Simplfied session ticket parsing and handling, inspired by
!      BoringSSL.
!    <li> Modified signature of CRYPTO_mem_leaks_* to return -1. This function
!      is a no-op in LibreSSL, so this function returns an error to not
!      indicate the (non-)existence of memory leaks.
!    <li> SSL_copy_session_id, PEM_Sign, EVP_EncodeUpdate, BIO_set_cipher,
!      X509_OBJECT_up_ref_count now return an int for error handling,
!      matching OpenSSL.
!    <li> Converted a number of #defines into proper functions, matching
!      OpenSSL's ABI.
!    <li> Added X509_get0_serialNumber from OpenSSL.
!    <li> Removed EVP_PKEY2PKCS8_broken and PKCS8_set_broken, while adding
!      PKCS8_pkey_add1_attr_by_NID and PKCS8_pkey_get0_attrs, matching
!      OpenSSL.
!    <li> Removed broken pkcs8 formats from openssl(1).
!    <li> Converted more functions in public API to use const arguments.
!    <li> Stopped handing AES-GCM in ssl_cipher_get_evp, since they use the
!      EVP_AEAD interface.
!    <li>Stopped using composite EVP_CIPHER AEADs.
!    <li> Added timing-safe compares for checking results of signature
!      verification. There are no known attacks, this is just inexpensive
!      prudence.
!    <li> Correctly clear the current cipher state, when changing cipher state.
!      This fixed an issue where renegotion of cipher suites would fail
!      when switched from AEAD to non-AEAD or vice-versa.
!      Issue reported by Bernard Spil.
!    <li> Added more cipher tests to appstest.sh, including all TLSv1.2
!      ciphers.
!    <li> Added RSA_meth_get_finish() RSA_meth_set1_name() from OpenSSL.
!    <li> Added new EVP_CIPHER_CTX_(get|set)_iv() API that allows the IV to be
!      retrieved and set with appropriate validation.
     </ul>
  <p>