https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
- Changes between 1.1.0i and 1.1.1 [xx XXX xxxx]
+ Changes between 1.1.1 and 1.1.2 [xx XXX xxxx]
+
+ *) Instead of having the source directories listed in Configure, add
+ a 'build.info' keyword SUBDIRS to indicate what sub-directories to
+ look into.
+ [Richard Levitte]
+
+ *) Add GMAC to EVP_MAC.
+ [Paul Dale]
+
+ *) Ported the HMAC, CMAC and SipHash EVP_PKEY_METHODs to EVP_MAC.
+ [Richard Levitte]
+
+ *) Added EVP_MAC, an EVP layer MAC API, to simplify adding MAC
+ implementations. This includes a generic EVP_PKEY to EVP_MAC bridge,
+ to facilitate the continued use of MACs through raw private keys in
+ functionality such as EVP_DigestSign* and EVP_DigestVerify*.
+ [Richard Levitte]
+
+ *) Deprecate ECDH_KDF_X9_62() and mark its replacement as internal. Users
+ should use the EVP interface instead (EVP_PKEY_CTX_set_ecdh_kdf_type).
+ [Antoine Salon]
+
+ *) Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for
+ the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). The old names
+ are retained for backwards compatibility.
+ [Antoine Salon]
+
+ *) AES-XTS mode now enforces that its two keys are different to mitigate
+ the attacked described in "Efficient Instantiations of Tweakable
+ Blockciphers and Refinements to Modes OCB and PMAC" by Phillip Rogaway.
+ Details of this attack can be obtained from:
+ http://web.cs.ucdavis.edu/%7Erogaway/papers/offsets.pdf
+ [Paul Dale]
+
+ *) Rename the object files, i.e. give them other names than in previous
+ versions. Their names now include the name of the final product, as
+ well as its type mnemonic (bin, lib, shlib).
+ [Richard Levitte]
+
+ *) Added new option for 'openssl list', '-objects', which will display the
+ list of built in objects, i.e. OIDs with names.
+ [Richard Levitte]
+
+ Changes between 1.1.1 and 1.1.1a [xx XXX xxxx]
+
+ *) Fixed the issue that RAND_add()/RAND_seed() silently discards random input
+ if its length exceeds 4096 bytes. The limit has been raised to a buffer size
+ of two gigabytes and the error handling improved.
+
+ This issue was reported to OpenSSL by Dr. Falko Strenzke. It has been
+ categorized as a normal bug, not a security issue, because the DRBG reseeds
+ automatically and is fully functional even without additional randomness
+ provided by the application.
+
+ Changes between 1.1.0i and 1.1.1 [11 Sep 2018]
+
+ *) Add a new ClientHello callback. Provides a callback interface that gives
+ the application the ability to adjust the nascent SSL object at the
+ earliest stage of ClientHello processing, immediately after extensions have
+ been collected but before they have been processed. In particular, this
+ callback can adjust the supported TLS versions in response to the contents
+ of the ClientHello
+ [Benjamin Kaduk]
*) Add SM2 base algorithm support.
[Jack Lloyd]
*) A minor bug in ssl/s3_clnt.c where there would always be 4 0
bytes sent in the client random.
[Edward Bishop <ebishop@spyglass.com>]
-