X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=NEWS;h=f8cb8c08311ec09230a1e9c448b9eb9260d94699;hp=31077d2094158172f09b444659ea8466e16da218;hb=80bb905d3dddc1fb1ba34c03f656f00e7f3707cf;hpb=4e87e05b25ad89fc2bc4f650d717926fe863be8d diff --git a/NEWS b/NEWS index 31077d2094..f8cb8c0831 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,68 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7: + + o New library section OCSP. + o Complete haul-over of the ASN.1 library section. + o Support for external crypto devices ('engine') is no longer + a separate distribution. + + Changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c: + + o Various SSL/TLS library bugfixes. + o BIGNUM library fixes. + o RSA OAEP and random number generation fixes. + o Object identifiers corrected and added. + o Add assembler BN routines for IA64. + o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8, + MIPS Linux; shared library support for Irix, HP-UX. + o Add crypto accelerator support for AEP, Baltimore SureWare, + Broadcom and Cryptographic Appliance's keyserver + [in 0.9.6c-engine release]. + + Changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b: + + o Security fix: PRNG improvements. + o Security fix: RSA OAEP check. + o Security fix: Reinsert and fix countermeasure to Bleichbacher's + attack. + o MIPS bug fix in BIGNUM. + o Bug fix in "openssl enc". + o Bug fix in X.509 printing routine. + o Bug fix in DSA verification routine and DSA S/MIME verification. + o Bug fix to make PRNG thread-safe. + o Bug fix in RAND_file_name(). + o Bug fix in compatibility mode trust settings. + o Bug fix in blowfish EVP. + o Increase default size for BIO buffering filter. + o Compatibility fixes in some scripts. + + Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a: + + o Security fix: change behavior of OpenSSL to avoid using + environment variables when running as root. + o Security fix: check the result of RSA-CRT to reduce the + possibility of deducing the private key from an incorrectly + calculated signature. + o Security fix: prevent Bleichenbacher's DSA attack. + o Security fix: Zero the premaster secret after deriving the + master secret in DH ciphersuites. + o Reimplement SSL_peek(), which had various problems. + o Compatibility fix: the function des_encrypt() renamed to + des_encrypt1() to avoid clashes with some Unixen libc. + o Bug fixes for Win32, HP/UX and Irix. + o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and + memory checking routines. + o Bug fixes for RSA operations in threaded enviroments. + o Bug fixes in misc. openssl applications. + o Remove a few potential memory leaks. + o Add tighter checks of BIGNUM routines. + o Shared library support has been reworked for generality. + o More documentation. + o New function BN_rand_range(). + o Add "-rand" option to openssl s_client and s_server. + Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6: o Some documentation for BIO and SSL libraries. @@ -12,7 +74,13 @@ o New sign and verify options to 'dgst' application. o Support for DER and PEM encoded messages in 'smime' application. o New 'rsautl' application, low level RSA utility. + o MD4 now included. + o Bugfix for SSL rollback padding check. + o Support for external crypto devices [1]. + o Enhanced EVP interface. + [1] The support for external crypto devices is currently a separate + distribution. See the file README.ENGINE. Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a: