### Changes between 3.0 and 3.1 [xx XXX xxxx]
+ * Add more SRTP protection profiles from RFC8723 and RFC8269.
+
+ *Kijin Kim*
+
* Extended Kernel TLS (KTLS) to support TLS 1.3 receive offload.
*Daiki Ueno, John Baldwin and Dmitry Podgorny*
[Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
+### Changes between 3.0.3 and 3.0.4
+
+ * Case insensitive string comparison no longer uses locales. It has instead
+ been directly implemented.
+
+ *Paul Dale*
+
### Changes between 3.0.2 and 3.0.3
+ * Case insensitive string comparison is reimplemented via new locale-agnostic
+ comparison functions OPENSSL_str[n]casecmp always using the POSIX locale for
+ comparison. The previous implementation had problems when the Turkish locale
+ was used.
+
+ *Dmitry Belyavskiy*
+
* Fixed a bug in the c_rehash script which was not properly sanitising shell
metacharacters to prevent command injection. This script is distributed by
some operating systems in a manner where it is automatically executed. On
others that both endpoints have in common
(CVE-2022-1434)
- *Matt Caswell *
+ *Matt Caswell*
* Fix a bug in the OPENSSL_LH_flush() function that breaks reuse of the memory
occuppied by the removed hash table entries.
configured to accept client certificate authentication.
(CVE-2022-1473)
- *Tomáš Mráz*
+ *Hugo Landau, Aliaksei Levin*
* The functions `OPENSSL_LH_stats` and `OPENSSL_LH_stats_bio` now only report
the `num_items`, `num_nodes` and `num_alloc_nodes` statistics. All other