NEWS
====

This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [1 Mar 2016]

  o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
  o Disable SSLv2 default build, default negotiation and weak ciphers
    (CVE-2016-0800)
  o Fix a double-free in DSA code (CVE-2016-0705)
  o Disable SRP fake user seed to address a server memory leak
    (CVE-2016-0798)
  o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
    (CVE-2016-0797)
  o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
  o Fix side channel attack on modular exponentiation (CVE-2016-0702)

Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]

  o Protection for DH small subgroup attacks
  o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]

  o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
  o X509_ATTRIBUTE memory leak (CVE-2015-3195)
  o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
  o In DSA_generate_parameters_ex, if the provided seed is too short,
    return an error

Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]

  o Alternate chains certificate forgery (CVE-2015-1793)
  o Race condition handling PSK identity hint (CVE-2015-3196)

Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]

  o Fix HMAC ABI incompatibility

Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]

  o Malformed ECParameters causes infinite loop (CVE-2015-1788)
  o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
  o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
  o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
  o Race condition handling NewSessionTicket (CVE-2015-1791)

Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]

  o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
  o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
  o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
  o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
  o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
  o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
  o Removed the export ciphers from the DEFAULT ciphers

Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]

  o Build fixes for the Windows and OpenVMS platforms

Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]

  o Fix for CVE-2014-3571
  o Fix for CVE-2015-0206
  o Fix for CVE-2014-3569
  o Fix for CVE-2014-3572
  o Fix for CVE-2015-0204
  o Fix for CVE-2015-0205
  o Fix for CVE-2014-8275
  o Fix for CVE-2014-3570

Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]

  o Fix for CVE-2014-3513
  o Fix for CVE-2014-3567
  o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
  o Fix for CVE-2014-3568

Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]

  o Fix for CVE-2014-3512
  o Fix for CVE-2014-3511
  o Fix for CVE-2014-3510
  o Fix for CVE-2014-3507
  o Fix for CVE-2014-3506
  o Fix for CVE-2014-3505
  o Fix for CVE-2014-3509
  o Fix for CVE-2014-5139
  o Fix for CVE-2014-3508

Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

  o Fix for CVE-2014-0224
  o Fix for CVE-2014-0221
  o Fix for CVE-2014-0198
  o Fix for CVE-2014-0195
  o Fix for CVE-2014-3470
  o Fix for CVE-2010-5298

Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]

  o Fix for CVE-2014-0160
  o Add TLS padding extension workaround for broken servers.
  o Fix for CVE-2014-0076

Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]

  o Don't include gmt_unix_time in TLS server and client random values
  o Fix for TLS record tampering bug CVE-2013-4353
  o Fix for TLS version checking bug CVE-2013-6449
  o Fix for DTLS retransmission bug CVE-2013-6450

Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:

  o Corrected fix for CVE-2013-0169

Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:

  o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
  o Include the fips configuration module.
  o Fix OCSP bad key DoS attack CVE-2013-0166
  o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
  o Fix for TLS AESNI record handling flaw CVE-2012-2686

Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:

  o Fix TLS/DTLS record length checking bug CVE-2012-2333
  o Don't attempt to use non-FIPS composite ciphers in FIPS mode.

Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:

  o Fix compilation error on non-x86 platforms.
  o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
  o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0

Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:

  o Fix for ASN1 overflow bug CVE-2012-2110
  o Workarounds for some servers that hang on long client hellos.
  o Fix SEGV in AES code.

Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:

  o TLS/DTLS heartbeat support.
  o SCTP support.
  o RFC 5705 TLS key material exporter.
  o RFC 5764 DTLS-SRTP negotiation.
  o Next Protocol Negotiation.
  o PSS signatures in certificates, requests and CRLs.
  o Support for password based recipient info for CMS.
  o Support TLS v1.2 and TLS v1.1.
  o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
  o SRP support.

Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:

  o Fix for CMS/PKCS#7 MMA CVE-2012-0884
  o Corrected fix for CVE-2011-4619
  o Various DTLS fixes.

Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:

  o Fix for DTLS DoS issue CVE-2012-0050

Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:

  o Fix for DTLS plaintext recovery attack CVE-2011-4108
  o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
  o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
  o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
  o Check for malformed RFC3779 data CVE-2011-4577

Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:

  o Fix for CRL vulnerability issue CVE-2011-3207
  o Fix for ECDH crashes CVE-2011-3210
  o Protection against EC timing attacks.
  o Support ECDH ciphersuites for certificates using SHA2 algorithms.
  o Various DTLS fixes.

Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:

  o Fix for security issue CVE-2011-0014

Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:

  o Fix for security issue CVE-2010-4180
  o Fix for CVE-2010-4252
  o Fix mishandling of absent EC point format extension.
  o Fix various platform compilation issues.
  o Corrected fix for security issue CVE-2010-3864.

Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:

  o Fix for security issue CVE-2010-3864.
  o Fix for CVE-2010-2939
  o Fix WIN32 build system for GOST ENGINE.

Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:

  o Fix for security issue CVE-2010-1633.
  o GOST MAC and CFB fixes.

Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:

  o RFC3280 path validation: sufficient to process PKITS tests.
  o Integrated support for PVK files and keyblobs.
  o Change default private key format to PKCS#8.
  o CMS support: able to process all examples in RFC4134
  o Streaming ASN1 encode support for PKCS#7 and CMS.
  o Multiple signer and signer add support for PKCS#7 and CMS.
  o ASN1 printing support.
  o Whirlpool hash algorithm added.
  o RFC3161 time stamp support.
  o New generalised public key API supporting ENGINE based algorithms.
  o New generalised public key API utilities.
  o New ENGINE supporting GOST algorithms.
  o SSL/TLS GOST ciphersuite support.
  o PKCS#7 and CMS GOST support.
  o RFC4279 PSK ciphersuite support.
  o Supported points format extension for ECC ciphersuites.
  o ecdsa-with-SHA224/256/384/512 signature types.
  o dsa-with-SHA224 and dsa-with-SHA256 signature types.
  o Opaque PRF Input TLS extension support.
  o Updated time routines to avoid OS limitations.

Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:

  o CFB cipher definition fixes.
  o Fix security issues CVE-2010-0740 and CVE-2010-0433.

Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:

  o Cipher definition fixes.
  o Workaround for slow RAND_poll() on some WIN32 versions.
  o Remove MD2 from algorithm tables.
  o SPKAC handling fixes.
  o Support for RFC5746 TLS renegotiation extension.
  o Compression memory leak fixed.
  o Compression session resumption fixed.
  o Ticket and SNI coexistence fixes.
  o Many fixes to DTLS handling.

Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:

  o Temporary work around for CVE-2009-3555: disable renegotiation.

Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:

  o Fix various build issues.
  o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)

Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:

  o Fix security issue (CVE-2008-5077)
  o Merge FIPS 140-2 branch code.

Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:

  o CryptoAPI ENGINE support.
  o Various precautionary measures.
  o Fix for bugs affecting certificate request creation.
  o Support for local machine keyset attribute in PKCS#12 files.

Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:

  o Backport of CMS functionality to 0.9.8.
  o Fixes for bugs introduced with 0.9.8f.

Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:

  o Add gcc 4.2 support.
  o Add support for AES and SSE2 assembly language optimization
    for VC++ build.
  o Support for RFC4507bis and server name extensions if explicitly
    selected at compile time.
  o DTLS improvements.
  o RFC4507bis support.
  o TLS Extensions support.

Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:

  o Various ciphersuite selection fixes.
  o RFC3779 support.

Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:

  o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
  o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
  o Changes to ciphersuite selection algorithm

Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:

  o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
  o New cipher Camellia

Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:

  o Cipher string fixes.
  o Fixes for VC++ 2005.
  o Updated ECC cipher suite support.
  o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
  o Zlib compression usage fixes.
  o Built in dynamic engine compilation support on Win32.
  o Fixes auto dynamic engine loading in Win32.

Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:

  o Fix potential SSL 2.0 rollback, CVE-2005-2969
  o Extended Windows CE support

Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:

  o Major work on the BIGNUM library for higher efficiency and to
    make operations more streamlined and less contradictory. This
    is the result of a major audit of the BIGNUM library.
  o Addition of BIGNUM functions for fields GF(2^m) and NIST
    curves, to support the Elliptic Crypto functions.
  o Major work on Elliptic Crypto; ECDH and ECDSA added, including
    the use through EVP, X509 and ENGINE.
  o New ASN.1 mini-compiler that's usable through the OpenSSL
    configuration file.
  o Added support for ASN.1 indefinite length constructed encoding.
  o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
  o Complete rework of shared library construction and linking
    programs with shared or static libraries, through a separate
    Makefile.shared.
  o Rework of the passing of parameters from one Makefile to another.
  o Changed ENGINE framework to load dynamic engine modules
    automatically from specifically given directories.
  o New structure and ASN.1 functions for CertificatePair.
  o Changed the ZLIB compression method to be stateful.
  o Changed the key-generation and primality testing "progress"
    mechanism to take a structure that contains the ticker
    function and an argument.
  o New engine module: GMP (performs private key exponentiation).
  o New engine module: VIA PadLock ACE extension in VIA C3
    Nehemiah processors.
  o Added support for IPv6 addresses in certificate extensions.
    See RFC 1884, section 2.2.
  o Added support for certificate policy mappings, policy
    constraints and name constraints.
  o Added support for multi-valued AVAs in the OpenSSL
    configuration file.
  o Added support for multiple certificates with the same subject
    in the 'openssl ca' index file.
  o Make it possible to create self-signed certificates using
    'openssl ca -selfsign'.
  o Make it possible to generate a serial number file with
    'openssl ca -create_serial'.
  o New binary search functions with extended functionality.
  o New BUF functions.
  o New STORE structure and library to provide an interface to all
    sorts of data repositories. Supports storage of public and
    private keys, certificates, CRLs, numbers and arbitrary blobs.
    This library is unfortunately unfinished and unused within
    OpenSSL.
  o New control functions for the error stack.
  o Changed the PKCS#7 library to support one-pass S/MIME
    processing.
  o Added the possibility to compile without old deprecated
    functionality with the OPENSSL_NO_DEPRECATED macro or the
    'no-deprecated' argument to the config and Configure scripts.
  o Constification of all ASN.1 conversion functions, and other
    affected functions.
  o Improved platform support for PowerPC.
  o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
  o New X509_VERIFY_PARAM structure to support parametrisation
    of X.509 path validation.
  o Major overhaul of RC4 performance on Intel P4, IA-64 and
    AMD64.
  o Changed the Configure script to have some algorithms disabled
    by default. Those can be explicitly enabled with the new
    argument form 'enable-xxx'.
  o Change the default digest in 'openssl' commands from MD5 to
    SHA-1.
  o Added support for DTLS.
  o New BIGNUM blinding.
  o Added support for the RSA-PSS encryption scheme
  o Added support for the RSA X.931 padding.
  o Added support for BSD sockets on NetWare.
  o Added support for files larger than 2GB.
  o Added initial support for Win64.
  o Added alternate pkg-config files.

Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:

  o FIPS 1.1.1 module linking.
  o Various ciphersuite selection fixes.

Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:

  o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
  o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)

Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:

  o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339

Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:

  o Visual C++ 2005 fixes.
  o Update Windows build system for FIPS.

Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:

  o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build.

Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:

  o Fix SSL 2.0 Rollback, CVE-2005-2969
  o Allow use of fixed-length exponent on DSA signing
  o Default fixed-window RSA, DSA, DH private-key operations

Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:

  o More compilation issues fixed.
  o Adaptation to more modern Kerberos API.
  o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
  o Enhanced x86_64 assembler BIGNUM module.
  o More constification.
  o Added processing of proxy certificates (RFC 3820).

Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:

  o Several compilation issues fixed.
  o Many memory allocation failure checks added.
  o Improved comparison of X509 Name type.
  o Mandatory basic checks on certificates.
  o Performance improvements.

Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:

  o Fix race condition in CRL checking code.
  o Fixes to PKCS#7 (S/MIME) code.

Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:

  o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
  o Security: Fix null-pointer assignment in do_change_cipher_spec()
  o Allow multiple active certificates with same subject in CA index
  o Multiple X509 verification fixes
  o Speed up HMAC and other operations

Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:

  o Security: fix various ASN1 parsing bugs.
  o New -ignore_err option to OCSP utility.
  o Various interop and bug fixes in S/MIME code.
  o SSL/TLS protocol fix for unrequested client certificates.

Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:

  o Security: counter the Klima-Pokorny-Rosa extension of
    Bleichenbacher's attack
  o Security: make RSA blinding default.
  o Configuration: Irix fixes, AIX fixes, better mingw support.
  o Support for new platforms: linux-ia64-ecc.
  o Build: shared library support fixes.
  o ASN.1: treat domainComponent correctly.
  o Documentation: fixes and additions.

Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:

  o Security: Important security related bugfixes.
  o Enhanced compatibility with MIT Kerberos.
  o Can be built without the ENGINE framework.
  o IA32 assembler enhancements.
  o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
  o Configuration: the no-err option now works properly.
  o SSL/TLS: now handles manual certificate chain building.
  o SSL/TLS: certain session ID malfunctions corrected.

Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:

  o New library section OCSP.
  o Complete rewrite of ASN1 code.
  o CRL checking in verify code and openssl utility.
  o Extension copying in 'ca' utility.
  o Flexible display options in 'ca' utility.
  o Provisional support for international characters with UTF8.
  o Support for external crypto devices ('engine') is no longer
    a separate distribution.
  o New elliptic curve library section.
  o New AES (Rijndael) library section.
  o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
    Linux x86_64, Linux 64-bit on Sparc v9
  o Extended support for some platforms: VxWorks
  o Enhanced support for shared libraries.
  o Now only builds PIC code when shared library support is requested.
  o Support for pkg-config.
  o Lots of new manuals.
  o Makes symbolic links to or copies of manuals to cover all described
    functions.
  o Change DES API to clean up the namespace (some applications link also
    against libdes providing similar functions having the same name).
    Provide macros for backward compatibility (will be removed in the
    future).
  o Unify handling of cryptographic algorithms (software and engine)
    to be available via EVP routines for asymmetric and symmetric ciphers.
  o NCONF: new configuration handling routines.
  o Change API to use more 'const' modifiers to improve error checking
    and help optimizers.
  o Finally remove references to RSAref.
  o Reworked parts of the BIGNUM code.
  o Support for new engines: Broadcom ubsec, Accelerated Encryption
    Processing, IBM 4758.
  o A few new engines added in the demos area.
  o Extended and corrected OID (object identifier) table.
  o PRNG: query at more locations for a random device, automatic query for
    EGD style random sources at several locations.
  o SSL/TLS: allow optional cipher choice according to server's preference.
  o SSL/TLS: allow server to explicitly set new session ids.
  o SSL/TLS: support Kerberos cipher suites (RFC2712).
    Only supports MIT Kerberos for now.
  o SSL/TLS: allow more precise control of renegotiations and sessions.
  o SSL/TLS: add callback to retrieve SSL/TLS messages.
  o SSL/TLS: support AES cipher suites (RFC3268).

Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:

  o Security: fix various ASN1 parsing bugs.
  o SSL/TLS protocol fix for unrequested client certificates.

Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:

  o Security: counter the Klima-Pokorny-Rosa extension of
    Bleichenbacher's attack
  o Security: make RSA blinding default.
  o Build: shared library support fixes.

Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:

  o Important security related bugfixes.

Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:

  o New configuration targets for Tandem OSS and A/UX.
  o New OIDs for Microsoft attributes.
  o Better handling of SSL session caching.
  o Better comparison of distinguished names.
  o Better handling of shared libraries in a mixed GNU/non-GNU environment.
  o Support assembler code with Borland C.
  o Fixes for length problems.
  o Fixes for uninitialised variables.
  o Fixes for memory leaks, some unusual crashes and some race conditions.
  o Fixes for smaller building problems.
  o Updates of manuals, FAQ and other instructive documents.

Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:

  o Important building fixes on Unix.

Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:

  o Various important bugfixes.

Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:

  o Important security related bugfixes.
  o Various SSL/TLS library bugfixes.

Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:

  o Various SSL/TLS library bugfixes.
  o Fix DH parameter generation for 'non-standard' generators.

Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:

  o Various SSL/TLS library bugfixes.
  o BIGNUM library fixes.
  o RSA OAEP and random number generation fixes.
  o Object identifiers corrected and added.
  o Add assembler BN routines for IA64.
  o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
    MIPS Linux; shared library support for Irix, HP-UX.
  o Add crypto accelerator support for AEP, Baltimore SureWare,
    Broadcom and Cryptographic Appliance's keyserver
    [in 0.9.6c-engine release].

Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:

  o Security fix: PRNG improvements.
  o Security fix: RSA OAEP check.
  o Security fix: Reinsert and fix countermeasure to Bleichenbacher's
    attack.
  o MIPS bug fix in BIGNUM.
  o Bug fix in "openssl enc".
  o Bug fix in X.509 printing routine.
  o Bug fix in DSA verification routine and DSA S/MIME verification.
  o Bug fix to make PRNG thread-safe.
  o Bug fix in RAND_file_name().
  o Bug fix in compatibility mode trust settings.
  o Bug fix in blowfish EVP.
  o Increase default size for BIO buffering filter.
  o Compatibility fixes in some scripts.

Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:

  o Security fix: change behavior of OpenSSL to avoid using
    environment variables when running as root.
  o Security fix: check the result of RSA-CRT to reduce the
    possibility of deducing the private key from an incorrectly
    calculated signature.
  o Security fix: prevent Bleichenbacher's DSA attack.
  o Security fix: Zero the premaster secret after deriving the
    master secret in DH ciphersuites.
  o Reimplement SSL_peek(), which had various problems.
      o Compatibility fix: the function des_encrypt() renamed to
        des_encrypt1() to avoid clashes with some Unixen libc.
      o Bug fixes for Win32, HP/UX and Irix.
      o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
        memory checking routines.
      o Bug fixes for RSA operations in threaded environments.
      o Bug fixes in misc. openssl applications.
      o Remove a few potential memory leaks.
      o Add tighter checks of BIGNUM routines.
      o Shared library support has been reworked for generality.
      o More documentation.
      o New function BN_rand_range().
      o Add "-rand" option to openssl s_client and s_server.

  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:

      o Some documentation for BIO and SSL libraries.
      o Enhanced chain verification using key identifiers.
      o New sign and verify options to 'dgst' application.
      o Support for DER and PEM encoded messages in 'smime' application.
      o New 'rsautl' application, low level RSA utility.
      o MD4 now included.
      o Bugfix for SSL rollback padding check.
      o Support for external crypto devices [1].
      o Enhanced EVP interface.

    [1] The support for external crypto devices is currently a separate
        distribution. See the file README.ENGINE.

  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:

      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
      o Shared library support for HPUX and Solaris-gcc
      o Support of Linux/IA64
      o Assembler support for Mingw32
      o New 'rand' application
      o New way to check for existence of algorithms from scripts

  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:

      o S/MIME support in new 'smime' command
      o Documentation for the OpenSSL command line application
      o Automation of 'req' application
      o Fixes to make s_client, s_server work under Windows
      o Support for multiple fieldnames in SPKACs
      o New SPKAC command line utility and associated library functions
      o Options to allow passwords to be obtained from various sources
      o New public key PEM format and options to handle it
      o Many other fixes and enhancements to command line utilities
      o Usable certificate chain verification
      o Certificate purpose checking
      o Certificate trust settings
      o Support of authority information access extension
      o Extensions in certificate requests
      o Simplified X509 name and attribute routines
      o Initial (incomplete) support for international character sets
      o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD
      o Read only memory BIOs and simplified creation function
      o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0
        record; allow fragmentation and interleaving of handshake and other
        data
      o TLS/SSL code now "tolerates" MS SGC
      o Work around for Netscape client certificate hang bug
      o RSA_NULL option that removes RSA patent code but keeps other
        RSA functionality
      o Memory leak detection now allows applications to add extra information
        via a per-thread stack
      o PRNG robustness improved
      o EGD support
      o BIGNUM library bug fixes
      o Faster DSA parameter generation
      o Enhanced support for Alpha Linux
      o Experimental MacOS support

  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:

      o Transparent support for PKCS#8 format private keys: these are used
        by several software packages and are more secure than the standard
        form
      o PKCS#5 v2.0 implementation
      o Password callbacks have a new void * argument for application data
      o Avoid various memory leaks
      o New pipe-like BIO that allows using the SSL library when actual I/O
        must be handled by the application (BIO pair)

  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:

      o Lots of enhancements and cleanups to the Configuration mechanism
      o RSA OAEP related fixes
      o Added `openssl ca -revoke' option for revoking a certificate
      o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
      o Source tree cleanups: removed lots of obsolete files
      o Thawte SXNet, certificate policies and CRL distribution points
        extension support
      o Preliminary (experimental) S/MIME support
      o Support for ASN.1 UTF8String and VisibleString
      o Full integration of PKCS#12 code
      o Sparc assembler bignum implementation, optimized hash functions
      o Option to disable selected ciphers

  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:

      o Fixed a security hole related to session resumption
      o Fixed RSA encryption routines for the p < q case
      o "ALL" in cipher lists now means "everything except NULL ciphers"
      o Support for Triple-DES CBCM cipher
      o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
      o First support for new TLSv1 ciphers
      o Added a few new BIOs (syslog BIO, reliable BIO)
      o Extended support for DSA certificate/keys.
      o Extended support for Certificate Signing Requests (CSR)
      o Initial support for X.509v3 extensions
      o Extended support for compression inside the SSL record layer
      o Overhauled Win32 builds
      o Cleanups and fixes to the Big Number (BN) library
      o Support for ASN.1 GeneralizedTime
      o Split ASN.1 SETs from SEQUENCEs
      o ASN1 and PEM support for Netscape Certificate Sequences
      o Overhauled Perl interface
      o Lots of source tree cleanups.
      o Lots of memory leak fixes.
      o Lots of bug fixes.

  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:

      o Integration of the popular NO_RSA/NO_DSA patches
      o Initial support for compression inside the SSL record layer
      o Added BIO proxy and filtering functionality
      o Extended Big Number (BN) library
      o Added RIPE MD160 message digest
      o Added support for RC2/64bit cipher
      o Extended ASN.1 parser routines
      o Adjustments of the source tree for CVS
      o Support for various new platforms