X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=NEWS;h=a2084af8e654f1c5d071074501374df143f098a6;hp=87721ee80647daa538c34015c29e66a5e01b9cbc;hb=e45b3305b78658ee444f2c7fea6fc877625d6dcc;hpb=9de649ff052c04163ee0c00fdbf7116066124562 diff --git a/NEWS b/NEWS index 87721ee806..a2084af8e6 100644 --- a/NEWS +++ b/NEWS @@ -5,15 +5,66 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5: + + o S/MIME support in new 'smime' command + o Documentation for the OpenSSL command line application + o Automation of 'req' application + o Fixes to make s_client, s_server work under Windows + o Support for multiple fieldnames in SPKACs + o New SPKAC command line utilty and associated library functions + o Options to allow passwords to be obtained from various sources + o New public key PEM format and options to handle it + o Many other fixes and enhancements to command line utilities + o Usable certificate chain verification + o Certificate purpose checking + o Certificate trust settings + o Support of authority information access extension + o Extensions in certificate requests + o Simplified X509 name and attribute routines + o Initial (incomplete) support for international character sets + o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD + o Read only memory BIOs and simplified creation function + o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0 + record; allow fragmentation and interleaving of handshake and other + data + o TLS/SSL code now "tolerates" MS SGC + o Work around for Netscape client certificate hang bug + o RSA_NULL option that removes RSA patent code but keeps other + RSA functionality + o Memory leak detection now allows applications to add extra information + via a per-thread stack + o PRNG robustness improved + o EGD support + o BIGNUM library bug fixes + o Faster DSA parameter generation + o Enhanced support for Alpha Linux + o Experimental MacOS support + + Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4: + + o Transparent support for PKCS#8 format private keys: these are used + by several software packages and are more secure than the standard + form + o PKCS#5 v2.0 implementation + o Password callbacks have a new void * argument for application data + o Avoid various memory leaks + o New pipe-like BIO that allows using the SSL library when actual I/O + must be handled by the application (BIO pair) + Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3: o Lots of enhancements and cleanups to the Configuration mechanism o RSA OEAP related fixes - o Support for PKCS#5 v2.0 ASN1 PBES2 structures o Added `openssl ca -revoke' option for revoking a certificate o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs o Source tree cleanups: removed lots of obsolete files - o Support for Thawte SXNet extensions - o Full integration of PKCS#12 support + o Thawte SXNet, certificate policies and CRL distribution points + extension support + o Preliminary (experimental) S/MIME support + o Support for ASN.1 UTF8String and VisibleString + o Full integration of PKCS#12 code + o Sparc assembler bignum implementation, optimized hash functions + o Option to disable selected ciphers Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b: o Fixed a security hole related to session resumption