This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [under development]
+ Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [under development]
o
+ Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017]
+
+ o config now recognises 64-bit mingw and chooses mingw64 instead of mingw
+
+ Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]
+
+ o Truncated packet could crash via OOB read (CVE-2017-3731)
+ o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+ o Montgomery multiplication may produce incorrect results (CVE-2016-7055)
+
Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016]
o Missing CRL sanity check (CVE-2016-7052)