version 1.7, 2023/10/04 08:42:20 |
version 1.8, 2023/10/04 15:00:14 |
|
|
<li>Removed most public symbols that were deprecated in OpenSSL 0.9.8. |
<li>Removed most public symbols that were deprecated in OpenSSL 0.9.8. |
<li>Removed the public X9.31 API (RSA_X931_PADDING is still available). |
<li>Removed the public X9.31 API (RSA_X931_PADDING is still available). |
<li>Removed Cipher Text Stealing mode. |
<li>Removed Cipher Text Stealing mode. |
openssl(1) nseq command. |
|
<li>Removed ENGINE support, including ECDH_METHOD and ECDSA_METHOD. |
<li>Removed ENGINE support, including ECDH_METHOD and ECDSA_METHOD. |
<li>Removed COMP, DSO, dynamic loading of conf modules and support for |
<li>Removed COMP, DSO, dynamic loading of conf modules and support for |
custom ex_data and error stacks. |
custom ex_data and error stacks. |
<li>Removed proxy certificate (RFC 3820) support. |
<li>Removed proxy certificate (RFC 3820) support. |
<li>Removed SXNET and NETSCAPE_CERT_SEQUENCE support including the |
<li>Removed SXNET and NETSCAPE_CERT_SEQUENCE support including the |
|
openssl(1) nseq command. |
<li>ENGINE support was removed and OPENSSL_NO_ENGINE is set. In spite |
<li>ENGINE support was removed and OPENSSL_NO_ENGINE is set. In spite |
of this, some stub functions are provided to avoid patching some |
of this, some stub functions are provided to avoid patching some |
applications that do not honor OPENSSL_NO_ENGINE. |
applications that do not honor OPENSSL_NO_ENGINE. |
|
|
<li>Correctly handle negative input to various BIGNUM functions. |
<li>Correctly handle negative input to various BIGNUM functions. |
<li>Ensure ERR_load_ERR_strings() does not set errno unexpectedly. |
<li>Ensure ERR_load_ERR_strings() does not set errno unexpectedly. |
<li>Fix error checking of i2d_ECDSA_SIG() in ossl_ecdsa_sign(). |
<li>Fix error checking of i2d_ECDSA_SIG() in ossl_ecdsa_sign(). |
<li>Fixed aliasing issue in BN_mod_inverse(). |
<li>Fixed aliasing issue in BN_mod_inverse(). Disallowed aliasing of result |
|
and modulus in various BN_mod_* functions. |
<li>Fixed detection of extended operations (XOP) on AMD hardware. |
<li>Fixed detection of extended operations (XOP) on AMD hardware. |
<li>Ensure Montgomery exponentiation is used for the initial RSA blinding. |
<li>Ensure Montgomery exponentiation is used for the initial RSA blinding. |
<li>Policy is always checked in X509 validation. Critical policy extensions |
<li>Policy is always checked in X509 validation. Critical policy extensions |
|
|
<li>Add missing pointer invalidation in SSL_free(). |
<li>Add missing pointer invalidation in SSL_free(). |
<li>Fixed X509err() and X509V3err() and their internal versions. |
<li>Fixed X509err() and X509V3err() and their internal versions. |
<li>Ensure that OBJ_obj2txt() always returns a C string again. |
<li>Ensure that OBJ_obj2txt() always returns a C string again. |
<li>Fixed aliasing issue in BN_mod_inverse(). |
|
<li>Made EVP_PKEY_set1_hkdf_key() fail on a NULL key. |
<li>Made EVP_PKEY_set1_hkdf_key() fail on a NULL key. |
<li>On socket errors in the poll loop, netcat could issue system calls |
<li>On socket errors in the poll loop, netcat could issue system calls |
on invalidated file descriptors. |
on invalidated file descriptors. |