]>
Commit | Line | Data |
---|---|---|
3b52c2e7 RE |
1 | |
2 | NEWS | |
3 | ==== | |
4 | ||
5 | This file gives a brief overview of the major changes between each OpenSSL | |
6 | release. For more details please read the CHANGES file. | |
7 | ||
3a63dbef | 8 | Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development] |
fc4e1ab4 | 9 | |
07822c51 SL |
10 | o Added 'openssl mac' that uses the EVP_MAC API. |
11 | o Added 'openssl kdf' that uses the EVP_KDF API. | |
0109e030 | 12 | o Add OPENSSL_info() and 'openssl info' to get built-in data. |
c699712f RL |
13 | o Add support for enabling instrumentation through trace and debug |
14 | output. | |
3a63dbef RL |
15 | o Changed our version number scheme and set the next major release to |
16 | 3.0.0 | |
828b5295 RL |
17 | o Added EVP_MAC, an EVP layer MAC API, and a generic EVP_PKEY to EVP_MAC |
18 | bridge. | |
558ea847 | 19 | o Removed the heartbeat message in DTLS feature. |
07822c51 SL |
20 | o Added EVP_KDF, an EVP layer KDF API, and a generic EVP_PKEY to EVP_KDF |
21 | bridge. | |
fc4e1ab4 | 22 | |
c1ef2852 MC |
23 | Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018] |
24 | ||
25 | o Timing vulnerability in DSA signature generation (CVE-2018-0734) | |
26 | o Timing vulnerability in ECDSA signature generation (CVE-2018-0735) | |
27 | ||
1708e3e8 | 28 | Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018] |
156e34f2 | 29 | |
6ccfc8fa MC |
30 | o Support for TLSv1.3 added (see https://wiki.openssl.org/index.php/TLS1.3 |
31 | for further important information). The TLSv1.3 implementation includes: | |
32 | o Fully compliant implementation of RFC8446 (TLSv1.3) on by default | |
33 | o Early data (0-RTT) | |
34 | o Post-handshake authentication and key update | |
35 | o Middlebox Compatibility Mode | |
36 | o TLSv1.3 PSKs | |
37 | o Support for all five RFC8446 ciphersuites | |
38 | o RSA-PSS signature algorithms (backported to TLSv1.2) | |
39 | o Configurable session ticket support | |
40 | o Stateless server support | |
41 | o Rewrite of the packet construction code for "safer" packet handling | |
42 | o Rewrite of the extension handling code | |
3f8b623a MC |
43 | o Complete rewrite of the OpenSSL random number generator to introduce the |
44 | following capabilities | |
45 | o The default RAND method now utilizes an AES-CTR DRBG according to | |
46 | NIST standard SP 800-90Ar1. | |
47 | o Support for multiple DRBG instances with seed chaining. | |
48 | o There is a public and private DRBG instance. | |
49 | o The DRBG instances are fork-safe. | |
50 | o Keep all global DRBG instances on the secure heap if it is enabled. | |
51 | o The public and private DRBG instance are per thread for lock free | |
52 | operation | |
53 | o Support for various new cryptographic algorithms including: | |
54 | o SHA3 | |
55 | o SHA512/224 and SHA512/256 | |
6ccfc8fa | 56 | o EdDSA (both Ed25519 and Ed448) including X509 and TLS support |
3f8b623a MC |
57 | o X448 (adding to the existing X25519 support in 1.1.0) |
58 | o Multi-prime RSA | |
59 | o SM2 | |
60 | o SM3 | |
61 | o SM4 | |
62 | o SipHash | |
63 | o ARIA (including TLS support) | |
64 | o Significant Side-Channel attack security improvements | |
6ccfc8fa MC |
65 | o Add a new ClientHello callback to provide the ability to adjust the SSL |
66 | object at an early stage. | |
3f8b623a MC |
67 | o Add 'Maximum Fragment Length' TLS extension negotiation and support |
68 | o A new STORE module, which implements a uniform and URI based reader of | |
69 | stores that can contain keys, certificates, CRLs and numerous other | |
70 | objects. | |
917a1b2e | 71 | o Move the display of configuration data to configdata.pm. |
3c0c6b97 | 72 | o Allow GNU style "make variables" to be used with Configure. |
4b2799c1 | 73 | o Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes |
1c5b57bc | 74 | o Rewrite of devcrypto engine |
156e34f2 | 75 | |
80162ad6 MC |
76 | Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development] |
77 | ||
78 | o Client DoS due to large DH parameter (CVE-2018-0732) | |
79 | o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) | |
80 | ||
f47270e1 MC |
81 | Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development] |
82 | ||
f6c024c2 MC |
83 | o Constructed ASN.1 types with a recursive definition could exceed the |
84 | stack (CVE-2018-0739) | |
85 | o Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733) | |
f47270e1 MC |
86 | o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) |
87 | ||
de8c19cd MC |
88 | Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] |
89 | ||
90 | o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) | |
91 | o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) | |
92 | ||
867a9170 MC |
93 | Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017] |
94 | ||
95 | o config now recognises 64-bit mingw and chooses mingw64 instead of mingw | |
96 | ||
d4da1bb5 MC |
97 | Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [16 Feb 2017] |
98 | ||
99 | o Encrypt-Then-Mac renegotiation crash (CVE-2017-3733) | |
100 | ||
536454e5 MC |
101 | Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017] |
102 | ||
103 | o Truncated packet could crash via OOB read (CVE-2017-3731) | |
104 | o Bad (EC)DHE parameters cause a client crash (CVE-2017-3730) | |
105 | o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732) | |
106 | ||
107 | Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016] | |
3133c2d3 | 108 | |
6a69e869 MC |
109 | o ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054) |
110 | o CMS Null dereference (CVE-2016-7053) | |
111 | o Montgomery multiplication may produce incorrect results (CVE-2016-7055) | |
536454e5 MC |
112 | |
113 | Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016] | |
114 | ||
3133c2d3 MC |
115 | o Fix Use After Free for large message sizes (CVE-2016-6309) |
116 | ||
39c136cc MC |
117 | Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016] |
118 | ||
119 | o OCSP Status Request extension unbounded memory growth (CVE-2016-6304) | |
120 | o SSL_peek() hang on empty record (CVE-2016-6305) | |
121 | o Excessive allocation of memory in tls_get_message_header() | |
122 | (CVE-2016-6307) | |
123 | o Excessive allocation of memory in dtls1_preprocess_fragment() | |
124 | (CVE-2016-6308) | |
125 | ||
156e34f2 | 126 | Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016] |
5fa30720 | 127 | |
b6cff313 | 128 | o Copyright text was shrunk to a boilerplate that points to the license |
ce942199 | 129 | o "shared" builds are now the default when possible |
9b13e27c MC |
130 | o Added support for "pipelining" |
131 | o Added the AFALG engine | |
4a4e250c | 132 | o New threading API implemented |
7c314196 | 133 | o Support for ChaCha20 and Poly1305 added to libcrypto and libssl |
d05775d7 DSH |
134 | o Support for extended master secret |
135 | o CCM ciphersuites | |
6f9a3c37 | 136 | o Reworked test suite, now based on perl, Test::Harness and Test::More |
5105ba5b RL |
137 | o *Most* libcrypto and libssl public structures were made opaque, |
138 | including: | |
139 | BIGNUM and associated types, EC_KEY and EC_KEY_METHOD, | |
140 | DH and DH_METHOD, DSA and DSA_METHOD, RSA and RSA_METHOD, | |
141 | BIO and BIO_METHOD, EVP_MD_CTX, EVP_MD, EVP_CIPHER_CTX, | |
142 | EVP_CIPHER, EVP_PKEY and associated types, HMAC_CTX, | |
143 | X509, X509_CRL, X509_OBJECT, X509_STORE_CTX, X509_STORE, | |
144 | X509_LOOKUP, X509_LOOKUP_METHOD | |
6f9a3c37 RL |
145 | o libssl internal structures made opaque |
146 | o SSLv2 support removed | |
147 | o Kerberos ciphersuite support removed | |
23fe34b4 RL |
148 | o RC4 removed from DEFAULT ciphersuites in libssl |
149 | o 40 and 56 bit cipher support removed from libssl | |
6f9a3c37 | 150 | o All public header files moved to include/openssl, no more symlinking |
7c314196 | 151 | o SSL/TLS state machine, version negotiation and record layer rewritten |
5e030525 | 152 | o EC revision: now operations use new EC_KEY_METHOD. |
7c314196 MC |
153 | o Support for OCB mode added to libcrypto |
154 | o Support for asynchronous crypto operations added to libcrypto and libssl | |
98186eb4 | 155 | o Deprecated interfaces can now be disabled at build time either |
46e64f6e | 156 | relative to the latest release via the "no-deprecated" Configure |
98186eb4 VD |
157 | argument, or via the "--api=1.1.0|1.0.0|0.9.8" option. |
158 | o Application software can be compiled with -DOPENSSL_API_COMPAT=version | |
46e64f6e | 159 | to ensure that features deprecated in that version are not exposed. |
59fd40d4 | 160 | o Support for RFC6698/RFC7671 DANE TLSA peer authentication |
d74dfafd RL |
161 | o Change of Configure to use --prefix as the main installation |
162 | directory location rather than --openssldir. The latter becomes | |
163 | the directory for certs, private key and openssl.cnf exclusively. | |
0f45c26f | 164 | o Reworked BIO networking library, with full support for IPv6. |
907d2c2f | 165 | o New "unified" build system |
bb8d14d5 DSH |
166 | o New security levels |
167 | o Support for scrypt algorithm | |
168 | o Support for X25519 | |
169 | o Extended SSL_CONF support using configuration files | |
170 | o KDF algorithm support. Implement TLS PRF as a KDF. | |
eb64a6c6 | 171 | o Support for Certificate Transparency |
8a0333c9 | 172 | o HKDF support. |
5fa30720 | 173 | |
6ac83779 MC |
174 | Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] |
175 | ||
176 | o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107) | |
177 | o Fix EVP_EncodeUpdate overflow (CVE-2016-2105) | |
178 | o Fix EVP_EncryptUpdate overflow (CVE-2016-2106) | |
179 | o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109) | |
180 | o EBCDIC overread (CVE-2016-2176) | |
181 | o Modify behavior of ALPN to invoke callback after SNI/servername | |
182 | callback, such that updates to the SSL_CTX affect ALPN. | |
183 | o Remove LOW from the DEFAULT cipher list. This removes singles DES from | |
184 | the default. | |
185 | o Only remove the SSLv2 methods with the no-ssl2-method option. | |
186 | ||
09375d12 MC |
187 | Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016] |
188 | ||
189 | o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. | |
190 | o Disable SSLv2 default build, default negotiation and weak ciphers | |
191 | (CVE-2016-0800) | |
192 | o Fix a double-free in DSA code (CVE-2016-0705) | |
193 | o Disable SRP fake user seed to address a server memory leak | |
194 | (CVE-2016-0798) | |
195 | o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption | |
196 | (CVE-2016-0797) | |
197 | o Fix memory issues in BIO_*printf functions (CVE-2016-0799) | |
198 | o Fix side channel attack on modular exponentiation (CVE-2016-0702) | |
199 | ||
502bed22 MC |
200 | Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] |
201 | ||
202 | o DH small subgroups (CVE-2016-0701) | |
203 | o SSLv2 doesn't block disabled ciphers (CVE-2015-3197) | |
204 | ||
5fa30720 DSH |
205 | Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] |
206 | ||
207 | o BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) | |
208 | o Certificate verify crash with missing PSS parameter (CVE-2015-3194) | |
209 | o X509_ATTRIBUTE memory leak (CVE-2015-3195) | |
210 | o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs | |
211 | o In DSA_generate_parameters_ex, if the provided seed is too short, | |
212 | return an error | |
213 | ||
214 | Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015] | |
6f47ced0 MC |
215 | |
216 | o Alternate chains certificate forgery (CVE-2015-1793) | |
5fa30720 | 217 | o Race condition handling PSK identify hint (CVE-2015-3196) |
6f47ced0 MC |
218 | |
219 | Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] | |
220 | ||
221 | o Fix HMAC ABI incompatibility | |
222 | ||
223 | Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] | |
063dccd0 MC |
224 | |
225 | o Malformed ECParameters causes infinite loop (CVE-2015-1788) | |
226 | o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) | |
227 | o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) | |
228 | o CMS verify infinite loop with unknown hash function (CVE-2015-1792) | |
229 | o Race condition handling NewSessionTicket (CVE-2015-1791) | |
230 | ||
231 | Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] | |
367eab2f MC |
232 | |
233 | o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291) | |
234 | o Multiblock corrupted pointer fix (CVE-2015-0290) | |
235 | o Segmentation fault in DTLSv1_listen fix (CVE-2015-0207) | |
236 | o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) | |
237 | o Segmentation fault for invalid PSS parameters fix (CVE-2015-0208) | |
238 | o ASN.1 structure reuse memory corruption fix (CVE-2015-0287) | |
239 | o PKCS7 NULL pointer dereferences fix (CVE-2015-0289) | |
240 | o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293) | |
241 | o Empty CKE with client auth and DHE fix (CVE-2015-1787) | |
242 | o Handshake with unseeded PRNG fix (CVE-2015-0285) | |
243 | o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209) | |
244 | o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288) | |
245 | o Removed the export ciphers from the DEFAULT ciphers | |
246 | ||
247 | Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]: | |
f0170ebb DSH |
248 | |
249 | o Suite B support for TLS 1.2 and DTLS 1.2 | |
250 | o Support for DTLS 1.2 | |
251 | o TLS automatic EC curve selection. | |
252 | o API to set TLS supported signature algorithms and curves | |
253 | o SSL_CONF configuration API. | |
254 | o TLS Brainpool support. | |
255 | o ALPN support. | |
256 | o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH. | |
257 | ||
367eab2f MC |
258 | Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] |
259 | ||
260 | o Build fixes for the Windows and OpenVMS platforms | |
261 | ||
262 | Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015] | |
263 | ||
264 | o Fix for CVE-2014-3571 | |
265 | o Fix for CVE-2015-0206 | |
266 | o Fix for CVE-2014-3569 | |
267 | o Fix for CVE-2014-3572 | |
268 | o Fix for CVE-2015-0204 | |
269 | o Fix for CVE-2015-0205 | |
270 | o Fix for CVE-2014-8275 | |
271 | o Fix for CVE-2014-3570 | |
272 | ||
ed13270d MC |
273 | Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] |
274 | ||
275 | o Fix for CVE-2014-3513 | |
276 | o Fix for CVE-2014-3567 | |
277 | o Mitigation for CVE-2014-3566 (SSL protocol vulnerability) | |
278 | o Fix for CVE-2014-3568 | |
279 | ||
280 | Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014] | |
281 | ||
282 | o Fix for CVE-2014-3512 | |
283 | o Fix for CVE-2014-3511 | |
284 | o Fix for CVE-2014-3510 | |
285 | o Fix for CVE-2014-3507 | |
286 | o Fix for CVE-2014-3506 | |
287 | o Fix for CVE-2014-3505 | |
288 | o Fix for CVE-2014-3509 | |
289 | o Fix for CVE-2014-5139 | |
290 | o Fix for CVE-2014-3508 | |
291 | ||
7178c711 DSH |
292 | Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014] |
293 | ||
294 | o Fix for CVE-2014-0224 | |
295 | o Fix for CVE-2014-0221 | |
367eab2f | 296 | o Fix for CVE-2014-0198 |
7178c711 DSH |
297 | o Fix for CVE-2014-0195 |
298 | o Fix for CVE-2014-3470 | |
299 | o Fix for CVE-2010-5298 | |
300 | ||
86f6e866 DSH |
301 | Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014] |
302 | ||
303 | o Fix for CVE-2014-0160 | |
304 | o Add TLS padding extension workaround for broken servers. | |
305 | o Fix for CVE-2014-0076 | |
306 | ||
9bd1e2b5 DSH |
307 | Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014] |
308 | ||
309 | o Don't include gmt_unix_time in TLS server and client random values | |
310 | o Fix for TLS record tampering bug CVE-2013-4353 | |
311 | o Fix for TLS version checking bug CVE-2013-6449 | |
312 | o Fix for DTLS retransmission bug CVE-2013-6450 | |
313 | ||
57d7ee3a | 314 | Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]: |
4dc83677 BM |
315 | |
316 | o Corrected fix for CVE-2013-0169 | |
317 | ||
57d7ee3a | 318 | Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]: |
5818a07a DSH |
319 | |
320 | o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. | |
321 | o Include the fips configuration module. | |
4dc83677 BM |
322 | o Fix OCSP bad key DoS attack CVE-2013-0166 |
323 | o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 | |
324 | o Fix for TLS AESNI record handling flaw CVE-2012-2686 | |
5818a07a | 325 | |
57d7ee3a | 326 | Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]: |
5818a07a DSH |
327 | |
328 | o Fix TLS/DTLS record length checking bug CVE-2012-2333 | |
329 | o Don't attempt to use non-FIPS composite ciphers in FIPS mode. | |
330 | ||
57d7ee3a | 331 | Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]: |
a9e6c091 DSH |
332 | |
333 | o Fix compilation error on non-x86 platforms. | |
334 | o Make FIPS capable OpenSSL ciphers work in non-FIPS mode. | |
335 | o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0 | |
336 | ||
57d7ee3a | 337 | Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]: |
579d5534 DSH |
338 | |
339 | o Fix for ASN1 overflow bug CVE-2012-2110 | |
340 | o Workarounds for some servers that hang on long client hellos. | |
341 | o Fix SEGV in AES code. | |
342 | ||
57d7ee3a | 343 | Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]: |
61ad8262 DSH |
344 | |
345 | o TLS/DTLS heartbeat support. | |
346 | o SCTP support. | |
347 | o RFC 5705 TLS key material exporter. | |
348 | o RFC 5764 DTLS-SRTP negotiation. | |
349 | o Next Protocol Negotiation. | |
350 | o PSS signatures in certificates, requests and CRLs. | |
351 | o Support for password based recipient info for CMS. | |
352 | o Support TLS v1.2 and TLS v1.1. | |
353 | o Preliminary FIPS capability for unvalidated 2.0 FIPS module. | |
354 | o SRP support. | |
355 | ||
57d7ee3a | 356 | Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]: |
13747c6f DSH |
357 | |
358 | o Fix for CMS/PKCS#7 MMA CVE-2012-0884 | |
359 | o Corrected fix for CVE-2011-4619 | |
360 | o Various DTLS fixes. | |
361 | ||
57d7ee3a | 362 | Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]: |
13747c6f DSH |
363 | |
364 | o Fix for DTLS DoS issue CVE-2012-0050 | |
365 | ||
57d7ee3a | 366 | Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]: |
13747c6f DSH |
367 | |
368 | o Fix for DTLS plaintext recovery attack CVE-2011-4108 | |
369 | o Clear block padding bytes of SSL 3.0 records CVE-2011-4576 | |
370 | o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619 | |
371 | o Check parameters are not NULL in GOST ENGINE CVE-2012-0027 | |
372 | o Check for malformed RFC3779 data CVE-2011-4577 | |
373 | ||
57d7ee3a | 374 | Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]: |
13747c6f DSH |
375 | |
376 | o Fix for CRL vulnerability issue CVE-2011-3207 | |
377 | o Fix for ECDH crashes CVE-2011-3210 | |
378 | o Protection against EC timing attacks. | |
379 | o Support ECDH ciphersuites for certificates using SHA2 algorithms. | |
380 | o Various DTLS fixes. | |
381 | ||
57d7ee3a | 382 | Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]: |
9770924f BM |
383 | |
384 | o Fix for security issue CVE-2011-0014 | |
385 | ||
57d7ee3a | 386 | Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]: |
88f2a4cf BM |
387 | |
388 | o Fix for security issue CVE-2010-4180 | |
389 | o Fix for CVE-2010-4252 | |
390 | o Fix mishandling of absent EC point format extension. | |
391 | o Fix various platform compilation issues. | |
392 | o Corrected fix for security issue CVE-2010-3864. | |
393 | ||
57d7ee3a | 394 | Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]: |
732d31be DSH |
395 | |
396 | o Fix for security issue CVE-2010-3864. | |
397 | o Fix for CVE-2010-2939 | |
398 | o Fix WIN32 build system for GOST ENGINE. | |
399 | ||
57d7ee3a | 400 | Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]: |
417a24db | 401 | |
3cbb15ee | 402 | o Fix for security issue CVE-2010-1633. |
417a24db DSH |
403 | o GOST MAC and CFB fixes. |
404 | ||
57d7ee3a | 405 | Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]: |
4e74239d DSH |
406 | |
407 | o RFC3280 path validation: sufficient to process PKITS tests. | |
408 | o Integrated support for PVK files and keyblobs. | |
409 | o Change default private key format to PKCS#8. | |
ef236ec3 | 410 | o CMS support: able to process all examples in RFC4134 |
4e74239d DSH |
411 | o Streaming ASN1 encode support for PKCS#7 and CMS. |
412 | o Multiple signer and signer add support for PKCS#7 and CMS. | |
413 | o ASN1 printing support. | |
414 | o Whirlpool hash algorithm added. | |
415 | o RFC3161 time stamp support. | |
416 | o New generalised public key API supporting ENGINE based algorithms. | |
417 | o New generalised public key API utilities. | |
418 | o New ENGINE supporting GOST algorithms. | |
419 | o SSL/TLS GOST ciphersuite support. | |
420 | o PKCS#7 and CMS GOST support. | |
421 | o RFC4279 PSK ciphersuite support. | |
422 | o Supported points format extension for ECC ciphersuites. | |
423 | o ecdsa-with-SHA224/256/384/512 signature types. | |
424 | o dsa-with-SHA224 and dsa-with-SHA256 signature types. | |
425 | o Opaque PRF Input TLS extension support. | |
14023fe3 | 426 | o Updated time routines to avoid OS limitations. |
4e74239d | 427 | |
57d7ee3a | 428 | Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]: |
417a24db DSH |
429 | |
430 | o CFB cipher definition fixes. | |
431 | o Fix security issues CVE-2010-0740 and CVE-2010-0433. | |
432 | ||
57d7ee3a | 433 | Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]: |
5814d829 DSH |
434 | |
435 | o Cipher definition fixes. | |
436 | o Workaround for slow RAND_poll() on some WIN32 versions. | |
437 | o Remove MD2 from algorithm tables. | |
438 | o SPKAC handling fixes. | |
439 | o Support for RFC5746 TLS renegotiation extension. | |
440 | o Compression memory leak fixed. | |
441 | o Compression session resumption fixed. | |
442 | o Ticket and SNI coexistence fixes. | |
87411f05 | 443 | o Many fixes to DTLS handling. |
5814d829 | 444 | |
57d7ee3a | 445 | Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]: |
5814d829 DSH |
446 | |
447 | o Temporary work around for CVE-2009-3555: disable renegotiation. | |
448 | ||
57d7ee3a | 449 | Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]: |
7f1c086b DSH |
450 | |
451 | o Fix various build issues. | |
452 | o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789) | |
453 | ||
57d7ee3a | 454 | Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]: |
7f1c086b DSH |
455 | |
456 | o Fix security issue (CVE-2008-5077) | |
457 | o Merge FIPS 140-2 branch code. | |
458 | ||
57d7ee3a | 459 | Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]: |
7f1c086b DSH |
460 | |
461 | o CryptoAPI ENGINE support. | |
462 | o Various precautionary measures. | |
463 | o Fix for bugs affecting certificate request creation. | |
464 | o Support for local machine keyset attribute in PKCS#12 files. | |
465 | ||
57d7ee3a | 466 | Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]: |
11d01d37 | 467 | |
7f1c086b | 468 | o Backport of CMS functionality to 0.9.8. |
11d01d37 LJ |
469 | o Fixes for bugs introduced with 0.9.8f. |
470 | ||
57d7ee3a | 471 | Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]: |
1948c7e6 BL |
472 | |
473 | o Add gcc 4.2 support. | |
df7421cc | 474 | o Add support for AES and SSE2 assembly language optimization |
1948c7e6 | 475 | for VC++ build. |
87411f05 | 476 | o Support for RFC4507bis and server name extensions if explicitly |
1948c7e6 BL |
477 | selected at compile time. |
478 | o DTLS improvements. | |
479 | o RFC4507bis support. | |
480 | o TLS Extensions support. | |
481 | ||
57d7ee3a | 482 | Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]: |
ac63b837 DSH |
483 | |
484 | o Various ciphersuite selection fixes. | |
485 | o RFC3779 support. | |
486 | ||
57d7ee3a | 487 | Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]: |
61118caa BM |
488 | |
489 | o Introduce limits to prevent malicious key DoS (CVE-2006-2940) | |
490 | o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343) | |
491 | o Changes to ciphersuite selection algorithm | |
492 | ||
57d7ee3a | 493 | Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]: |
613e7d2a BM |
494 | |
495 | o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 | |
496 | o New cipher Camellia | |
497 | ||
57d7ee3a | 498 | Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]: |
613e7d2a BM |
499 | |
500 | o Cipher string fixes. | |
501 | o Fixes for VC++ 2005. | |
502 | o Updated ECC cipher suite support. | |
503 | o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). | |
504 | o Zlib compression usage fixes. | |
505 | o Built in dynamic engine compilation support on Win32. | |
506 | o Fixes auto dynamic engine loading in Win32. | |
507 | ||
57d7ee3a | 508 | Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]: |
72dce768 | 509 | |
b79aa05e | 510 | o Fix potential SSL 2.0 rollback, CVE-2005-2969 |
72dce768 BM |
511 | o Extended Windows CE support |
512 | ||
57d7ee3a | 513 | Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]: |
7017605d RL |
514 | |
515 | o Major work on the BIGNUM library for higher efficiency and to | |
516 | make operations more streamlined and less contradictory. This | |
517 | is the result of a major audit of the BIGNUM library. | |
518 | o Addition of BIGNUM functions for fields GF(2^m) and NIST | |
519 | curves, to support the Elliptic Crypto functions. | |
520 | o Major work on Elliptic Crypto; ECDH and ECDSA added, including | |
521 | the use through EVP, X509 and ENGINE. | |
522 | o New ASN.1 mini-compiler that's usable through the OpenSSL | |
523 | configuration file. | |
524 | o Added support for ASN.1 indefinite length constructed encoding. | |
525 | o New PKCS#12 'medium level' API to manipulate PKCS#12 files. | |
526 | o Complete rework of shared library construction and linking | |
527 | programs with shared or static libraries, through a separate | |
528 | Makefile.shared. | |
c8310124 | 529 | o Rework of the passing of parameters from one Makefile to another. |
7017605d RL |
530 | o Changed ENGINE framework to load dynamic engine modules |
531 | automatically from specifically given directories. | |
532 | o New structure and ASN.1 functions for CertificatePair. | |
533 | o Changed the ZLIB compression method to be stateful. | |
534 | o Changed the key-generation and primality testing "progress" | |
535 | mechanism to take a structure that contains the ticker | |
536 | function and an argument. | |
537 | o New engine module: GMP (performs private key exponentiation). | |
538 | o New engine module: VIA PadLOck ACE extension in VIA C3 | |
539 | Nehemiah processors. | |
540 | o Added support for IPv6 addresses in certificate extensions. | |
541 | See RFC 1884, section 2.2. | |
542 | o Added support for certificate policy mappings, policy | |
543 | constraints and name constraints. | |
544 | o Added support for multi-valued AVAs in the OpenSSL | |
545 | configuration file. | |
546 | o Added support for multiple certificates with the same subject | |
547 | in the 'openssl ca' index file. | |
548 | o Make it possible to create self-signed certificates using | |
549 | 'openssl ca -selfsign'. | |
550 | o Make it possible to generate a serial number file with | |
551 | 'openssl ca -create_serial'. | |
552 | o New binary search functions with extended functionality. | |
553 | o New BUF functions. | |
554 | o New STORE structure and library to provide an interface to all | |
555 | sorts of data repositories. Supports storage of public and | |
556 | private keys, certificates, CRLs, numbers and arbitrary blobs. | |
f430ba31 F |
557 | This library is unfortunately unfinished and unused within |
558 | OpenSSL. | |
7017605d RL |
559 | o New control functions for the error stack. |
560 | o Changed the PKCS#7 library to support one-pass S/MIME | |
561 | processing. | |
562 | o Added the possibility to compile without old deprecated | |
563 | functionality with the OPENSSL_NO_DEPRECATED macro or the | |
564 | 'no-deprecated' argument to the config and Configure scripts. | |
565 | o Constification of all ASN.1 conversion functions, and other | |
566 | affected functions. | |
567 | o Improved platform support for PowerPC. | |
568 | o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). | |
46f4e1be | 569 | o New X509_VERIFY_PARAM structure to support parameterisation |
7017605d RL |
570 | of X.509 path validation. |
571 | o Major overhaul of RC4 performance on Intel P4, IA-64 and | |
572 | AMD64. | |
573 | o Changed the Configure script to have some algorithms disabled | |
f430ba31 | 574 | by default. Those can be explicitly enabled with the new |
7017605d RL |
575 | argument form 'enable-xxx'. |
576 | o Change the default digest in 'openssl' commands from MD5 to | |
577 | SHA-1. | |
613e7d2a | 578 | o Added support for DTLS. |
7017605d RL |
579 | o New BIGNUM blinding. |
580 | o Added support for the RSA-PSS encryption scheme | |
581 | o Added support for the RSA X.931 padding. | |
c8310124 RL |
582 | o Added support for BSD sockets on NetWare. |
583 | o Added support for files larger than 2GB. | |
584 | o Added initial support for Win64. | |
585 | o Added alternate pkg-config files. | |
7017605d | 586 | |
57d7ee3a | 587 | Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]: |
ac63b837 DSH |
588 | |
589 | o FIPS 1.1.1 module linking. | |
590 | o Various ciphersuite selection fixes. | |
591 | ||
57d7ee3a | 592 | Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]: |
61118caa BM |
593 | |
594 | o Introduce limits to prevent malicious key DoS (CVE-2006-2940) | |
595 | o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343) | |
596 | ||
57d7ee3a | 597 | Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]: |
613e7d2a BM |
598 | |
599 | o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 | |
600 | ||
57d7ee3a | 601 | Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]: |
613e7d2a BM |
602 | |
603 | o Visual C++ 2005 fixes. | |
604 | o Update Windows build system for FIPS. | |
605 | ||
57d7ee3a | 606 | Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]: |
613e7d2a | 607 | |
68756b12 | 608 | o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build. |
613e7d2a | 609 | |
57d7ee3a | 610 | Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]: |
613e7d2a BM |
611 | |
612 | o Fix SSL 2.0 Rollback, CVE-2005-2969 | |
613 | o Allow use of fixed-length exponent on DSA signing | |
614 | o Default fixed-window RSA, DSA, DH private-key operations | |
615 | ||
57d7ee3a | 616 | Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]: |
36521f01 RL |
617 | |
618 | o More compilation issues fixed. | |
619 | o Adaptation to more modern Kerberos API. | |
620 | o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin. | |
621 | o Enhanced x86_64 assembler BIGNUM module. | |
622 | o More constification. | |
623 | o Added processing of proxy certificates (RFC 3820). | |
624 | ||
57d7ee3a | 625 | Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]: |
36521f01 RL |
626 | |
627 | o Several compilation issues fixed. | |
628 | o Many memory allocation failure checks added. | |
629 | o Improved comparison of X509 Name type. | |
630 | o Mandatory basic checks on certificates. | |
631 | o Performance improvements. | |
632 | ||
57d7ee3a | 633 | Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]: |
03386677 DSH |
634 | |
635 | o Fix race condition in CRL checking code. | |
636 | o Fixes to PKCS#7 (S/MIME) code. | |
637 | ||
57d7ee3a | 638 | Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]: |
03386677 DSH |
639 | |
640 | o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug | |
641 | o Security: Fix null-pointer assignment in do_change_cipher_spec() | |
642 | o Allow multiple active certificates with same subject in CA index | |
643 | o Multiple X509 verification fixes | |
644 | o Speed up HMAC and other operations | |
645 | ||
57d7ee3a | 646 | Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]: |
29902449 DSH |
647 | |
648 | o Security: fix various ASN1 parsing bugs. | |
649 | o New -ignore_err option to OCSP utility. | |
650 | o Various interop and bug fixes in S/MIME code. | |
651 | o SSL/TLS protocol fix for unrequested client certificates. | |
652 | ||
57d7ee3a | 653 | Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]: |
1774e22d RL |
654 | |
655 | o Security: counter the Klima-Pokorny-Rosa extension of | |
87411f05 | 656 | Bleichbacher's attack |
1774e22d RL |
657 | o Security: make RSA blinding default. |
658 | o Configuration: Irix fixes, AIX fixes, better mingw support. | |
659 | o Support for new platforms: linux-ia64-ecc. | |
660 | o Build: shared library support fixes. | |
661 | o ASN.1: treat domainComponent correctly. | |
662 | o Documentation: fixes and additions. | |
663 | ||
57d7ee3a | 664 | Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]: |
d8cbc935 RL |
665 | |
666 | o Security: Important security related bugfixes. | |
667 | o Enhanced compatibility with MIT Kerberos. | |
668 | o Can be built without the ENGINE framework. | |
669 | o IA32 assembler enhancements. | |
670 | o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64. | |
671 | o Configuration: the no-err option now works properly. | |
672 | o SSL/TLS: now handles manual certificate chain building. | |
673 | o SSL/TLS: certain session ID malfunctions corrected. | |
674 | ||
57d7ee3a | 675 | Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]: |
83f25717 RL |
676 | |
677 | o New library section OCSP. | |
e4fb4977 LJ |
678 | o Complete rewrite of ASN1 code. |
679 | o CRL checking in verify code and openssl utility. | |
680 | o Extension copying in 'ca' utility. | |
681 | o Flexible display options in 'ca' utility. | |
682 | o Provisional support for international characters with UTF8. | |
4dec4f64 BM |
683 | o Support for external crypto devices ('engine') is no longer |
684 | a separate distribution. | |
e4fb4977 LJ |
685 | o New elliptic curve library section. |
686 | o New AES (Rijndael) library section. | |
1fc73fef | 687 | o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit, |
29902449 | 688 | Linux x86_64, Linux 64-bit on Sparc v9 |
9801fb61 RL |
689 | o Extended support for some platforms: VxWorks |
690 | o Enhanced support for shared libraries. | |
29902449 | 691 | o Now only builds PIC code when shared library support is requested. |
9801fb61 RL |
692 | o Support for pkg-config. |
693 | o Lots of new manuals. | |
29902449 DSH |
694 | o Makes symbolic links to or copies of manuals to cover all described |
695 | functions. | |
e4fb4977 LJ |
696 | o Change DES API to clean up the namespace (some applications link also |
697 | against libdes providing similar functions having the same name). | |
698 | Provide macros for backward compatibility (will be removed in the | |
699 | future). | |
ece0bdf1 BM |
700 | o Unify handling of cryptographic algorithms (software and engine) |
701 | to be available via EVP routines for asymmetric and symmetric ciphers. | |
e4fb4977 LJ |
702 | o NCONF: new configuration handling routines. |
703 | o Change API to use more 'const' modifiers to improve error checking | |
704 | and help optimizers. | |
705 | o Finally remove references to RSAref. | |
706 | o Reworked parts of the BIGNUM code. | |
707 | o Support for new engines: Broadcom ubsec, Accelerated Encryption | |
708 | Processing, IBM 4758. | |
9801fb61 | 709 | o A few new engines added in the demos area. |
e1f7ea25 | 710 | o Extended and corrected OID (object identifier) table. |
e4fb4977 LJ |
711 | o PRNG: query at more locations for a random device, automatic query for |
712 | EGD style random sources at several locations. | |
713 | o SSL/TLS: allow optional cipher choice according to server's preference. | |
714 | o SSL/TLS: allow server to explicitly set new session ids. | |
715 | o SSL/TLS: support Kerberos cipher suites (RFC2712). | |
87411f05 | 716 | Only supports MIT Kerberos for now. |
e4fb4977 LJ |
717 | o SSL/TLS: allow more precise control of renegotiations and sessions. |
718 | o SSL/TLS: add callback to retrieve SSL/TLS messages. | |
ea4f109c | 719 | o SSL/TLS: support AES cipher suites (RFC3268). |
e4fb4977 | 720 | |
57d7ee3a | 721 | Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]: |
29902449 DSH |
722 | |
723 | o Security: fix various ASN1 parsing bugs. | |
724 | o SSL/TLS protocol fix for unrequested client certificates. | |
725 | ||
57d7ee3a | 726 | Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]: |
138f970e RL |
727 | |
728 | o Security: counter the Klima-Pokorny-Rosa extension of | |
87411f05 | 729 | Bleichbacher's attack |
138f970e RL |
730 | o Security: make RSA blinding default. |
731 | o Build: shared library support fixes. | |
732 | ||
57d7ee3a | 733 | Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]: |
d8cbc935 RL |
734 | |
735 | o Important security related bugfixes. | |
736 | ||
57d7ee3a | 737 | Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]: |
9801fb61 RL |
738 | |
739 | o New configuration targets for Tandem OSS and A/UX. | |
740 | o New OIDs for Microsoft attributes. | |
741 | o Better handling of SSL session caching. | |
742 | o Better comparison of distinguished names. | |
743 | o Better handling of shared libraries in a mixed GNU/non-GNU environment. | |
744 | o Support assembler code with Borland C. | |
745 | o Fixes for length problems. | |
746 | o Fixes for uninitialised variables. | |
747 | o Fixes for memory leaks, some unusual crashes and some race conditions. | |
748 | o Fixes for smaller building problems. | |
749 | o Updates of manuals, FAQ and other instructive documents. | |
750 | ||
57d7ee3a | 751 | Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]: |
36969082 RL |
752 | |
753 | o Important building fixes on Unix. | |
754 | ||
57d7ee3a | 755 | Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]: |
fbe792f0 RL |
756 | |
757 | o Various important bugfixes. | |
758 | ||
57d7ee3a | 759 | Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]: |
b218af2b LJ |
760 | |
761 | o Important security related bugfixes. | |
762 | o Various SSL/TLS library bugfixes. | |
763 | ||
57d7ee3a | 764 | Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]: |
e4fb4977 LJ |
765 | |
766 | o Various SSL/TLS library bugfixes. | |
767 | o Fix DH parameter generation for 'non-standard' generators. | |
4dec4f64 | 768 | |
57d7ee3a | 769 | Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]: |
ae52ec98 BM |
770 | |
771 | o Various SSL/TLS library bugfixes. | |
772 | o BIGNUM library fixes. | |
ef5f6a08 RL |
773 | o RSA OAEP and random number generation fixes. |
774 | o Object identifiers corrected and added. | |
775 | o Add assembler BN routines for IA64. | |
776 | o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8, | |
777 | MIPS Linux; shared library support for Irix, HP-UX. | |
a3790c0d | 778 | o Add crypto accelerator support for AEP, Baltimore SureWare, |
ef5f6a08 RL |
779 | Broadcom and Cryptographic Appliance's keyserver |
780 | [in 0.9.6c-engine release]. | |
ae52ec98 | 781 | |
57d7ee3a | 782 | Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]: |
4dec4f64 BM |
783 | |
784 | o Security fix: PRNG improvements. | |
785 | o Security fix: RSA OAEP check. | |
786 | o Security fix: Reinsert and fix countermeasure to Bleichbacher's | |
787 | attack. | |
788 | o MIPS bug fix in BIGNUM. | |
789 | o Bug fix in "openssl enc". | |
790 | o Bug fix in X.509 printing routine. | |
791 | o Bug fix in DSA verification routine and DSA S/MIME verification. | |
792 | o Bug fix to make PRNG thread-safe. | |
793 | o Bug fix in RAND_file_name(). | |
794 | o Bug fix in compatibility mode trust settings. | |
795 | o Bug fix in blowfish EVP. | |
796 | o Increase default size for BIO buffering filter. | |
797 | o Compatibility fixes in some scripts. | |
83f25717 | 798 | |
57d7ee3a | 799 | Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]: |
7cdd2aa1 RL |
800 | |
801 | o Security fix: change behavior of OpenSSL to avoid using | |
802 | environment variables when running as root. | |
803 | o Security fix: check the result of RSA-CRT to reduce the | |
804 | possibility of deducing the private key from an incorrectly | |
805 | calculated signature. | |
806 | o Security fix: prevent Bleichenbacher's DSA attack. | |
807 | o Security fix: Zero the premaster secret after deriving the | |
808 | master secret in DH ciphersuites. | |
4fea8145 | 809 | o Reimplement SSL_peek(), which had various problems. |
307bf4da RL |
810 | o Compatibility fix: the function des_encrypt() renamed to |
811 | des_encrypt1() to avoid clashes with some Unixen libc. | |
7cdd2aa1 RL |
812 | o Bug fixes for Win32, HP/UX and Irix. |
813 | o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and | |
814 | memory checking routines. | |
5012158a | 815 | o Bug fixes for RSA operations in threaded environments. |
7cdd2aa1 RL |
816 | o Bug fixes in misc. openssl applications. |
817 | o Remove a few potential memory leaks. | |
818 | o Add tighter checks of BIGNUM routines. | |
819 | o Shared library support has been reworked for generality. | |
820 | o More documentation. | |
4fea8145 | 821 | o New function BN_rand_range(). |
7cdd2aa1 RL |
822 | o Add "-rand" option to openssl s_client and s_server. |
823 | ||
57d7ee3a | 824 | Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]: |
4e87e05b DSH |
825 | |
826 | o Some documentation for BIO and SSL libraries. | |
827 | o Enhanced chain verification using key identifiers. | |
828 | o New sign and verify options to 'dgst' application. | |
829 | o Support for DER and PEM encoded messages in 'smime' application. | |
830 | o New 'rsautl' application, low level RSA utility. | |
b38d84d8 BM |
831 | o MD4 now included. |
832 | o Bugfix for SSL rollback padding check. | |
4dec4f64 | 833 | o Support for external crypto devices [1]. |
fda05b21 | 834 | o Enhanced EVP interface. |
b22bda21 | 835 | |
4dec4f64 BM |
836 | [1] The support for external crypto devices is currently a separate |
837 | distribution. See the file README.ENGINE. | |
838 | ||
57d7ee3a | 839 | Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]: |
35a79ecb | 840 | |
87411f05 | 841 | o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 |
35a79ecb RL |
842 | o Shared library support for HPUX and Solaris-gcc |
843 | o Support of Linux/IA64 | |
b7a81df4 | 844 | o Assembler support for Mingw32 |
35a79ecb RL |
845 | o New 'rand' application |
846 | o New way to check for existence of algorithms from scripts | |
847 | ||
57d7ee3a | 848 | Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]: |
0c235249 | 849 | |
90644dd7 | 850 | o S/MIME support in new 'smime' command |
0c235249 | 851 | o Documentation for the OpenSSL command line application |
90644dd7 DSH |
852 | o Automation of 'req' application |
853 | o Fixes to make s_client, s_server work under Windows | |
854 | o Support for multiple fieldnames in SPKACs | |
46f4e1be | 855 | o New SPKAC command line utility and associated library functions |
ae1bb4e5 | 856 | o Options to allow passwords to be obtained from various sources |
90644dd7 DSH |
857 | o New public key PEM format and options to handle it |
858 | o Many other fixes and enhancements to command line utilities | |
859 | o Usable certificate chain verification | |
860 | o Certificate purpose checking | |
861 | o Certificate trust settings | |
862 | o Support of authority information access extension | |
863 | o Extensions in certificate requests | |
864 | o Simplified X509 name and attribute routines | |
ae1bb4e5 | 865 | o Initial (incomplete) support for international character sets |
90644dd7 DSH |
866 | o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD |
867 | o Read only memory BIOs and simplified creation function | |
8bd5b794 BM |
868 | o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0 |
869 | record; allow fragmentation and interleaving of handshake and other | |
870 | data | |
90644dd7 | 871 | o TLS/SSL code now "tolerates" MS SGC |
8bd5b794 | 872 | o Work around for Netscape client certificate hang bug |
90644dd7 DSH |
873 | o RSA_NULL option that removes RSA patent code but keeps other |
874 | RSA functionality | |
07e6dbde BM |
875 | o Memory leak detection now allows applications to add extra information |
876 | via a per-thread stack | |
877 | o PRNG robustness improved | |
4d524e10 | 878 | o EGD support |
6d9ca500 | 879 | o BIGNUM library bug fixes |
4d524e10 | 880 | o Faster DSA parameter generation |
74235cc9 UM |
881 | o Enhanced support for Alpha Linux |
882 | o Experimental MacOS support | |
0c235249 | 883 | |
57d7ee3a | 884 | Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]: |
ed7f60fb DSH |
885 | |
886 | o Transparent support for PKCS#8 format private keys: these are used | |
c97cbcb3 BM |
887 | by several software packages and are more secure than the standard |
888 | form | |
889 | o PKCS#5 v2.0 implementation | |
890 | o Password callbacks have a new void * argument for application data | |
891 | o Avoid various memory leaks | |
892 | o New pipe-like BIO that allows using the SSL library when actual I/O | |
893 | must be handled by the application (BIO pair) | |
ed7f60fb | 894 | |
57d7ee3a | 895 | Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]: |
9de649ff UM |
896 | o Lots of enhancements and cleanups to the Configuration mechanism |
897 | o RSA OEAP related fixes | |
8e8a8a5f RE |
898 | o Added `openssl ca -revoke' option for revoking a certificate |
899 | o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs | |
900 | o Source tree cleanups: removed lots of obsolete files | |
703126f0 | 901 | o Thawte SXNet, certificate policies and CRL distribution points |
a03dd7a6 | 902 | extension support |
703126f0 DSH |
903 | o Preliminary (experimental) S/MIME support |
904 | o Support for ASN.1 UTF8String and VisibleString | |
905 | o Full integration of PKCS#12 code | |
2cf9fcda | 906 | o Sparc assembler bignum implementation, optimized hash functions |
b0759f87 | 907 | o Option to disable selected ciphers |
8e8a8a5f | 908 | |
57d7ee3a | 909 | Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]: |
738769ff RE |
910 | o Fixed a security hole related to session resumption |
911 | o Fixed RSA encryption routines for the p < q case | |
912 | o "ALL" in cipher lists now means "everything except NULL ciphers" | |
3b52c2e7 RE |
913 | o Support for Triple-DES CBCM cipher |
914 | o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA | |
915 | o First support for new TLSv1 ciphers | |
916 | o Added a few new BIOs (syslog BIO, reliable BIO) | |
917 | o Extended support for DSA certificate/keys. | |
03e20a1a | 918 | o Extended support for Certificate Signing Requests (CSR) |
3b52c2e7 RE |
919 | o Initial support for X.509v3 extensions |
920 | o Extended support for compression inside the SSL record layer | |
921 | o Overhauled Win32 builds | |
922 | o Cleanups and fixes to the Big Number (BN) library | |
923 | o Support for ASN.1 GeneralizedTime | |
924 | o Splitted ASN.1 SETs from SEQUENCEs | |
925 | o ASN1 and PEM support for Netscape Certificate Sequences | |
926 | o Overhauled Perl interface | |
927 | o Lots of source tree cleanups. | |
928 | o Lots of memory leak fixes. | |
929 | o Lots of bug fixes. | |
930 | ||
57d7ee3a | 931 | Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]: |
3b52c2e7 RE |
932 | o Integration of the popular NO_RSA/NO_DSA patches |
933 | o Initial support for compression inside the SSL record layer | |
934 | o Added BIO proxy and filtering functionality | |
935 | o Extended Big Number (BN) library | |
936 | o Added RIPE MD160 message digest | |
46f4e1be | 937 | o Added support for RC2/64bit cipher |
3b52c2e7 | 938 | o Extended ASN.1 parser routines |
46f4e1be | 939 | o Adjustments of the source tree for CVS |
3b52c2e7 | 940 | o Support for various new platforms |