+ o Add multi-prime RSA (RFC 8017) support
+ o Add SM3 implemented according to GB/T 32905-2016
+ o Add SM4 implemented according to GB/T 32907-2016.
+ o Add 'Maximum Fragment Length' TLS extension negotiation and support
+ o Add ARIA support
+ o Add SHA3
+ o Rewrite of devcrypto engine
+ o Add support for SipHash
+ o Grand redesign of the OpenSSL random generator
+
+ Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development]
+
+ o Constructed ASN.1 types with a recursive definition could exceed the
+ stack (CVE-2018-0739)
+ o Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)
+ o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
+
+ Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017]
+
+ o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
+ o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)