### Changes between 3.0 and 3.1 [xx XXX xxxx]
+ * Added a new BIO_s_dgram_mem() to read/write datagrams to memory
+
+ *Matt Caswell*
+
* Add a mac salt length option for the pkcs12 command.
*Xinping Chen*
*Dmitry Belyavskiy, Nicola Tuveri*
- * Add new SSL APIs to aid in efficiently implementing TLS/SSL fingerprinting. The
- SSL_CTRL_GET_IANA_GROUPS control code, exposed as the SSL_get0_iana_groups()
- function-like macro, retrieves the list of supported groups sent by the peer,
- and the function SSL_client_hello_get_extension_order() populates a caller-supplied
- array with the list of extension types present in the ClientHello, in order of
- appearance.
+ * Add new SSL APIs to aid in efficiently implementing TLS/SSL fingerprinting.
+ The SSL_CTRL_GET_IANA_GROUPS control code, exposed as the
+ SSL_get0_iana_groups() function-like macro, retrieves the list of
+ supported groups sent by the peer.
+ The function SSL_client_hello_get_extension_order() populates
+ a caller-supplied array with the list of extension types present in the
+ ClientHello, in order of appearance.
*Phus Lu*
*Hugo Landau*
+ * When generating safe-prime DH parameters set the recommended private key
+ length equivalent to minimum key lengths as in RFC 7919.
+
+ *Tomáš Mráz*
+
+ * Fix and extend certificate handling and the apps `x509`, `verify` etc.
+ such as adding a trace facility for debugging certificate chain building.
+
+ *David von Oheimb*
+
+ * Various fixes and extensions to the CMP+CRMF implementation and the `cmp` app
+ in particular supporting requests for central key generation, generalized
+ polling, and various types of genm/genp exchanges defined in CMP Updates.
+
+ *David von Oheimb*
+
+ * Fixes and extensions to the HTTP client and to the HTTP server in `apps/`
+ like correcting the TLS and proxy support and adding tracing for debugging.
+
+ *David von Oheimb*
+
+ * Extended the CMS API for handling `CMS_SignedData` and `CMS_EnvelopedData`.
+
+ *David von Oheimb*
+
+ * Fixed and extended `util/check-format.pl` for checking adherence to the
+ coding style <https://www.openssl.org/policies/technical/coding-style.html>.
+ The checks are meanwhile more complete and yield fewer false positives.
+
+ *David von Oheimb*
+
OpenSSL 3.0
-----------