X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=NEWS;h=34312cd052272462f9b5cb004ea7a8f26fd8bb2e;hp=cbf847a19256d9ba8964ac4c84ac47610792ebf1;hb=1f9e00a6fcd7138f399c6a968625cf0d2d61a438;hpb=367eab2f9f1d1131356118507d21534558863365 diff --git a/NEWS b/NEWS index cbf847a192..34312cd052 100644 --- a/NEWS +++ b/NEWS @@ -5,7 +5,141 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [under development] + Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.1 [under development] + + o + + Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017] + + o Truncated packet could crash via OOB read (CVE-2017-3731) + o Bad (EC)DHE parameters cause a client crash (CVE-2017-3730) + o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732) + + Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016] + + o ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054) + o CMS Null dereference (CVE-2016-7053) + o Montgomery multiplication may produce incorrect results (CVE-2016-7055) + + Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016] + + o Fix Use After Free for large message sizes (CVE-2016-6309) + + Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016] + + o OCSP Status Request extension unbounded memory growth (CVE-2016-6304) + o SSL_peek() hang on empty record (CVE-2016-6305) + o Excessive allocation of memory in tls_get_message_header() + (CVE-2016-6307) + o Excessive allocation of memory in dtls1_preprocess_fragment() + (CVE-2016-6308) + + Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016] + + o Copyright text was shrunk to a boilerplate that points to the license + o "shared" builds are now the default when possible + o Added support for "pipelining" + o Added the AFALG engine + o New threading API implemented + o Support for ChaCha20 and Poly1305 added to libcrypto and libssl + o Support for extended master secret + o CCM ciphersuites + o Reworked test suite, now based on perl, Test::Harness and Test::More + o *Most* libcrypto and libssl public structures were made opaque, + including: + BIGNUM and associated types, EC_KEY and EC_KEY_METHOD, + DH and DH_METHOD, DSA and DSA_METHOD, RSA and RSA_METHOD, + BIO and BIO_METHOD, EVP_MD_CTX, EVP_MD, EVP_CIPHER_CTX, + EVP_CIPHER, EVP_PKEY and associated types, HMAC_CTX, + X509, X509_CRL, X509_OBJECT, X509_STORE_CTX, X509_STORE, + X509_LOOKUP, X509_LOOKUP_METHOD + o libssl internal structures made opaque + o SSLv2 support removed + o Kerberos ciphersuite support removed + o RC4 removed from DEFAULT ciphersuites in libssl + o 40 and 56 bit cipher support removed from libssl + o All public header files moved to include/openssl, no more symlinking + o SSL/TLS state machine, version negotiation and record layer rewritten + o EC revision: now operations use new EC_KEY_METHOD. + o Support for OCB mode added to libcrypto + o Support for asynchronous crypto operations added to libcrypto and libssl + o Deprecated interfaces can now be disabled at build time either + relative to the latest release via the "no-deprecated" Configure + argument, or via the "--api=1.1.0|1.0.0|0.9.8" option. + o Application software can be compiled with -DOPENSSL_API_COMPAT=version + to ensure that features deprecated in that version are not exposed. + o Support for RFC6698/RFC7671 DANE TLSA peer authentication + o Change of Configure to use --prefix as the main installation + directory location rather than --openssldir. The latter becomes + the directory for certs, private key and openssl.cnf exclusively. + o Reworked BIO networking library, with full support for IPv6. + o New "unified" build system + o New security levels + o Support for scrypt algorithm + o Support for X25519 + o Extended SSL_CONF support using configuration files + o KDF algorithm support. Implement TLS PRF as a KDF. + o Support for Certificate Transparency + o HKDF support. + + Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] + + o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107) + o Fix EVP_EncodeUpdate overflow (CVE-2016-2105) + o Fix EVP_EncryptUpdate overflow (CVE-2016-2106) + o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109) + o EBCDIC overread (CVE-2016-2176) + o Modify behavior of ALPN to invoke callback after SNI/servername + callback, such that updates to the SSL_CTX affect ALPN. + o Remove LOW from the DEFAULT cipher list. This removes singles DES from + the default. + o Only remove the SSLv2 methods with the no-ssl2-method option. + + Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016] + + o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. + o Disable SSLv2 default build, default negotiation and weak ciphers + (CVE-2016-0800) + o Fix a double-free in DSA code (CVE-2016-0705) + o Disable SRP fake user seed to address a server memory leak + (CVE-2016-0798) + o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption + (CVE-2016-0797) + o Fix memory issues in BIO_*printf functions (CVE-2016-0799) + o Fix side channel attack on modular exponentiation (CVE-2016-0702) + + Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] + + o DH small subgroups (CVE-2016-0701) + o SSLv2 doesn't block disabled ciphers (CVE-2015-3197) + + Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] + + o BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) + o Certificate verify crash with missing PSS parameter (CVE-2015-3194) + o X509_ATTRIBUTE memory leak (CVE-2015-3195) + o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs + o In DSA_generate_parameters_ex, if the provided seed is too short, + return an error + + Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015] + + o Alternate chains certificate forgery (CVE-2015-1793) + o Race condition handling PSK identify hint (CVE-2015-3196) + + Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] + + o Fix HMAC ABI incompatibility + + Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] + + o Malformed ECParameters causes infinite loop (CVE-2015-1788) + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) + o Race condition handling NewSessionTicket (CVE-2015-1791) + + Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291) o Multiblock corrupted pointer fix (CVE-2015-0290) @@ -248,7 +382,7 @@ Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]: o Add gcc 4.2 support. - o Add support for AES and SSE2 assembly lanugauge optimization + o Add support for AES and SSE2 assembly language optimization for VC++ build. o Support for RFC4507bis and server name extensions if explicitly selected at compile time. @@ -331,8 +465,8 @@ o New STORE structure and library to provide an interface to all sorts of data repositories. Supports storage of public and private keys, certificates, CRLs, numbers and arbitrary blobs. - This library is unfortunately unfinished and unused withing - OpenSSL. + This library is unfortunately unfinished and unused within + OpenSSL. o New control functions for the error stack. o Changed the PKCS#7 library to support one-pass S/MIME processing. @@ -348,7 +482,7 @@ o Major overhaul of RC4 performance on Intel P4, IA-64 and AMD64. o Changed the Configure script to have some algorithms disabled - by default. Those can be explicitely enabled with the new + by default. Those can be explicitly enabled with the new argument form 'enable-xxx'. o Change the default digest in 'openssl' commands from MD5 to SHA-1.