===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/74.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- www/74.html 2023/10/04 05:51:39 1.6
+++ www/74.html 2023/10/04 08:42:20 1.7
@@ -174,27 +174,169 @@
...
-LibreSSL version X.X.X
+LibreSSL version 3.8.2
+ - Security fixes
+
+ - Disabled TLSv1.0 and TLSv1.1 in libssl so that they may no longer
+ be selected for use.
+
- BN_is_prime{,_fasttest}_ex() refuse to check numbers larger than
+ 32 kbits for primality. This mitigates various DoS vectors.
+
- Restricted the RFC 3779 code to IPv4 and IPv6. It was not written
+ to be able to deal with anything else.
+
+ - Portable changes
+
+ - Extended the endian.h compat header with hto* and *toh macros.
+
- Adapted more tests to the portable framework.
+
- Internal tools are now statically linked.
+
- Applications bundled as part of the LibreSSL package internally,
+ nc(1) and openssl(1), now are linked statically if static libraries
+ are built.
+
- Internal compatibility function symbols are no longer exported from
+ libcrypto. Instead, the libcompat library is linked to libcrypto,
+ libssl, and libtls separately. This increases size a little, but
+ ensures that the libraries are not exporting symbols to programs
+ unintentionally.
+
- Selective removal of CET implementation on platforms where it is
+ not supported (macOS).
+
- Integrated four more tests.
+
- Added Windows ARM64 architecture to tested platforms.
+
- Removed Solaris 10 support, fixed Solaris 11.
+
- libtls no longer links statically to libcrypto / libssl unless
+
--enable-libtls-only
is specified at configure time.
+ - Improved Windows compatibility library, namely handling of files vs
+ sockets, correcting an exception when operating on a closed socket.
+
- CMake builds no longer hardcode
-O2
into the compiler flags,
+ instead using flags from the CMake build type instead.
+ - Set the CMake default build type to
Release
. This can be overridden
+ during configuration.
+ - Fixed broken ASM support with MinGW builds.
+
- New features
- - ...
+
- Added support for truncated SHA-2 and for SHA-3.
+
- The BPSW primality test performs additional Miller-Rabin rounds
+ with random bases to reduce the likelihood of composites passing.
+
- Allow testing of ciphers and digests using badly aligned buffers
+ in openssl speed using -unalign.
+
- Ed25519 certificates are now supported in openssl(1) ca and req.
+ Prepared Ed25519 support in libssl.
+
- Add branch target information (BTI) support to amd64 and arm64
+ assembly.
-
- Compatibility changes
- - ...
+
- Added a workaround for a poorly thought-out change in OpenSSL 3 that
+ broke privilege separation support in libtls.
+
- Moved libtls from ECDSA_METHOD to EC_KEY_METHOD.
+
- Removed GF2m support: BIGNUM no longer supports binary extension
+ field arithmetic and all binary elliptic builtin curves were removed.
+
- Removed dangerous, "fast" NIST prime and elliptic curve implementations.
+ In particular, EC_GFp_nist_method() is no longer available.
+
- Removed most public symbols that were deprecated in OpenSSL 0.9.8.
+
- Removed the public X9.31 API (RSA_X931_PADDING is still available).
+
- Removed Cipher Text Stealing mode.
+ openssl(1) nseq command.
+
- Removed ENGINE support, including ECDH_METHOD and ECDSA_METHOD.
+
- Removed COMP, DSO, dynamic loading of conf modules and support for
+ custom ex_data and error stacks.
+
- Removed proxy certificate (RFC 3820) support.
+
- Removed SXNET and NETSCAPE_CERT_SEQUENCE support including the
+
- ENGINE support was removed and OPENSSL_NO_ENGINE is set. In spite
+ of this, some stub functions are provided to avoid patching some
+ applications that do not honor OPENSSL_NO_ENGINE.
+
- The POLICY_TREE and its related structures and API were removed.
+
- In X509_VERIFY_PARAM_inherit() copy hostflags independently of the
+ host list.
+
- Made CRYPTO_get_ex_new_index() not return 0 to allow applications
+ to use *_{get,set}_app_data() and *_{get,set}_ex_data() alongside
+ each other.
+
- X509_NAME_get_text_by_{NID,OBJ}() now only succeed if they contain
+ valid UTF-8 without embedded NUL.
+
- The explicitText user notice uses UTF8String instead of VisibleString
+ to reduce the risk of emitting certificates with invalid DER-encoding.
+
- Initial fixes for RSA-PSS support to make the TLSv1.3 stack more
+ compliant with RFC 8446.
+
- Fixed EVP_CIPHER_CTX_iv_length() to return what was set with
+ EVP_CTRL_AEAD_SET_IVLEN or one of its aliases.
-
+ - Internal improvements
+
+ - Improved sieve of Eratosthenes script used for generating a table
+ of small primes.
+
- Removed incomplete and dangerous BN_RECURSION code.
+
- Imported RFC 5280 policy checking code from BoringSSL and used it
+ to replace the old exponential time code.
+
- Converted more of libcrypto to use CBB/CBS.
+
- Started cleaning up and rewriting SHA internals.
+
- Reduced the dependency of hash implementations on many layers of
+ macros. This results in significant speedups since modern compilers
+ are now less confused.
+
- Improved BIGNUM internals and performance.
+
- Significantly simplified the BN_BLINDING internals used in RSA.
+
- Made BN_num_bits() independent of bn->top.
+
- Rewrote and simplified bn_sqr().
+
- Significantly improved Montgomery multiplication performance.
+
- Rewrote and improved BN_exp() and BN_copy().
+
- Changed ASN1_item_sign_ctx() and ASN1_item_verify() to work with
+ Ed25519 and fixed a few bugs in there.
+
- Lots of cleanup for DH, DSA, EC, RSA internals. Plugged numerous
+ memory leaks, fixed logic errors and inconsistencies.
+
- Cleaned up and simplified various ECDH and ECDSA internals.
+
- Removed EC_GROUP precomp machinery.
+
- Fixed various issues with EVP_PKEY_CTX_{new,dup}().
+
- Rewrote OBJ_find_sigid_algs() and OBJ_find_sigid_by_algs().
+
- Improved X.509 certificate version checks.
+
- Ensure no X.509v3 extensions appear more than once in certificates.
+
- Replaced ASN1_bn_print with a cleaner internal implementation.
+
- Fix OPENSSL_cpuid_setup() invocations on arm/aarch64.
+
- Improved checks for commonName in libtls.
+
- Fixed error check for X509_get_ext_d2i() failure in libtls.
+
- Removed code guarded by #ifdef ZLIB.
+
- Plug a potential memory leak in ASN1_TIME_normalize().
+
- Fixed a use of uninitialized in i2r_IPAddrBlocks().
+
- Rewrote CMS_SignerInfo_{sign,verify}().
+
- Bug fixes
- - ...
+
- Correctly handle negative input to various BIGNUM functions.
+
- Ensure ERR_load_ERR_strings() does not set errno unexpectedly.
+
- Fix error checking of i2d_ECDSA_SIG() in ossl_ecdsa_sign().
+
- Fixed aliasing issue in BN_mod_inverse().
+
- Fixed detection of extended operations (XOP) on AMD hardware.
+
- Ensure Montgomery exponentiation is used for the initial RSA blinding.
+
- Policy is always checked in X509 validation. Critical policy extensions
+ are no longer silently ignored.
+
- Fixed error handling in tls_check_common_name().
+
- Add missing pointer invalidation in SSL_free().
+
- Fixed X509err() and X509V3err() and their internal versions.
+
- Ensure that OBJ_obj2txt() always returns a C string again.
+
- Fixed aliasing issue in BN_mod_inverse().
+
- Made EVP_PKEY_set1_hkdf_key() fail on a NULL key.
+
- On socket errors in the poll loop, netcat could issue system calls
+ on invalidated file descriptors.
+
- Allow IP addresses to be specified in a URI.
+
- Fixed a copy-paste error in ASN1_TIME_compare() that could lead
+ to two UTCTimes or two GeneralizedTimes incorrectly being compared
+ as equal.
-
- - Internal improvements
+
- Documentation improvements
- - ...
+
- Improved documentation of BIO_ctrl(3), BIO_set_info_callback(3),
+ BIO_get_info_callback(3), BIO_method_type(3), and BIO_method_name(3).
+
- Marked BIO_CB_return(), BIO_cb_pre(), and BIO_cb_post() as intentionally
+ undocumented.
+
- Made it very explicit that the verify callback should not be used.
+
- Called out that the CRL lastUpdate is standardized as thisUpdate.
+
- Documented the RFC 3779 API and its shortcomings.
+ - Testing and Proactive Security
+
+ - Significantly improved test coverage of BN_mod_sqrt() and GCD.
+
- As always, new test coverage is added as bugs are fixed and subsystems
+ are cleaned up.
+
OpenSSH XXX.YYY
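Review bot: The Bug fixes list in this hunk carries the same entry twice, "Fixed aliasing issue in BN_mod_inverse().", once right after the ERR_load_ERR_strings() item and again right after the OBJ_obj2txt() item; drop one of them. A few other items in the same hunk need a second look before this lands: the Compatibility changes item "Removed SXNET and NETSCAPE_CERT_SEQUENCE support including the" ends mid-sentence, while the fragment "openssl(1) nseq command." sits on its own line directly under "Removed Cipher Text Stealing mode.", which reads like the tail of the SXNET item attached to the wrong bullet; the two ENGINE items ("Removed ENGINE support, including ECDH_METHOD and ECDSA_METHOD." and "ENGINE support was removed and OPENSSL_NO_ENGINE is set ...") overlap and would be clearer merged into one entry that keeps the note about the stub functions; "Fixed a use of uninitialized in i2r_IPAddrBlocks()." is missing its noun (uninitialized variable or memory); and the CMake item doubles "instead" ("instead using flags from the CMake build type instead"). Since the first Security fixes item disables TLSv1.0 and TLSv1.1 in libssl, it would help readers to say explicitly that clients and servers which still depend on those versions will fail to negotiate after the upgrade, as that is the change most likely to be noticed. Finally, the "OpenSSH XXX.YYY" context line that closes this hunk is still a placeholder that needs filling before the page is published.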
@@ -234,7 +376,7 @@
Some highlights:
-
+
- Asterisk 16.30.1, 18.19.0 and 20.4.0
- Audacity 3.3.3
- CMake 3.27.5
@@ -282,7 +424,7 @@
- As usual, steady improvements in manual pages and other documentation.
- The system includes the following major components from outside suppliers:
-
+
- Xenocara (based on X.Org 7.7 with xserver 21.1.8 + patches,
freetype 2.13.0, fontconfig 2.14.2, Mesa 22.3.7, xterm 378,
xkeyboard-config 2.20, fonttosfnt 1.2.2 and more)