This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [under development]
+ Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [under development]
o
- Known issues in OpenSL 1.0.1f
+ Known issues in OpenSSL 1.0.1h:
- o Warning when compiling s23_clnt.c on Windows. Fixed in 1.0.1g-dev.
- o On Windows 8 GetVersion is deprecated: no workaround yet.
+ o EAP-FAST and other applications using tls_session_secret_cb
+ wont resume sessions. Fixed in 1.0.1i-dev
+
+ Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
+
+ o Fix for CVE-2014-0224
+ o Fix for CVE-2014-0221
+ o Fix for CVE-2014-0198
+ o Fix for CVE-2014-0195
+ o Fix for CVE-2014-3470
+ o Fix for CVE-2010-5298
+
+ Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
+
+ o Fix for CVE-2014-0160
+ o Add TLS padding extension workaround for broken servers.
+ o Fix for CVE-2014-0076
Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]