===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/70.html,v
retrieving revision 1.66
retrieving revision 1.67
diff -c -r1.66 -r1.67
*** www/70.html 2021/10/04 13:17:16 1.66
--- www/70.html 2021/10/04 14:18:08 1.67
***************
*** 678,718 ****
Allowed specification of TLS ciphers and protocols in smtp(1).
! LibreSSL 3.4.0 XXX
- New Features
- Portable Improvements
- API and Documentation Enhancements
- Compatibility Changes
- Testing and Proactive Security
- Internal Improvements
!
- Bug Fixes
--- 678,761 ----
Allowed specification of TLS ciphers and protocols in smtp(1).
! LibreSSL 3.4.1 XXX
- New Features
! - Added support for OpenSSL 1.1.1 TLSv1.3 APIs.
! - Enabled the new x509 validator.
- Portable Improvements
! - Ported continuous integration and test infrastructure to Github actions.
! - Added Universal Windows Platform (UWP) build support.
! - Fixed mingw-w64 builds on newer versions with missing SSP support.
! - Added non-executable stack annotations for CMake builds.
- API and Documentation Enhancements
! - Added the following APIs from OpenSSL
!
! BN_bn2binpad
! BN_bn2lebinpad
! BN_lebin2bn
! EC_GROUP_get_curve
! EC_GROUP_order_bits
! EC_GROUP_set_curve
! EC_POINT_get_affine_coordinates
! EC_POINT_set_affine_coordinates
! EC_POINT_set_compressed_coordinates
! EVP_DigestSign
! EVP_DigestVerify
! SSL_CIPHER_find
! SSL_CTX_get0_privatekey
! SSL_CTX_get_max_early_data
! SSL_CTX_get_ssl_method
! SSL_CTX_set_ciphersuites
! SSL_CTX_set_max_early_data
! SSL_CTX_set_post_handshake_auth
! SSL_SESSION_get0_cipher
! SSL_SESSION_get_max_early_data
! SSL_SESSION_is_resumable
! SSL_SESSION_set_max_early_data
! SSL_get_early_data_status
! SSL_get_max_early_data
! SSL_read_early_data
! SSL_set0_rbio
! SSL_set_ciphersuites
! SSL_set_max_early_data
! SSL_set_post_handshake_auth
! SSL_set_psk_use_session_callback
! SSL_verify_client_post_handshake
! SSL_write_early_data
!
! - Added AES-GCM constants from RFC 7714 for SRTP.
- Compatibility Changes
! - Implement flushing for TLSv1.3 handshakes behavior, needed for Apache.
! - Call the info callback on connect/accept exit in TLSv1.3, needed for p5-Net-SSLeay.
! - Default to using named curve parameter encoding from pre-OpenSSL 1.1.0, adding OPENSSL_EC_EXPLICIT_CURVE.
! - Do not ignore SSL_TLSEXT_ERR_FATAL from the ALPN callback.
- Testing and Proactive Security
! - Added additional state machine test coverage.
! - Improved integration test support with ruby/openssl and p5-Net_SSLeay
- Internal Improvements
!
- Bug Fixes