update changelog for 2.3.1v2.3.1

author: Brent Cook <bcook@openbsd.org> 2015-10-26 05:58:08 -0500
committer: Brent Cook <bcook@openbsd.org> 2015-10-26 05:58:08 -0500
commit: 7180bed3bb78144e19c1dfe3180b0dd2f426bf60 (patch)
tree: 1d7bfb0f745f9380350728bfb24a425c732a7eb4
parent: 24b5a96a7c848dfd4f9a29319ecac4ef5db692c0 (diff)
download: portable-2.3.1.tar.gz
portable-2.3.1.tar.bz2
portable-2.3.1.zip
1 files changed, 32 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 0241e5b..67f573d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,38 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+2.3.1 - ASN.1 and time handling cleanups
+        * ASN.1 cleanups and RFC5280 compliance fixes.
+        * Time representations switched from 'unsigned long' to 'time_t'. LibreSSL
+          now checks if the host OS supports 64-bit time_t.
+        * Fixed a leak in SSL_new in the error path.
+        * Support always extracting the peer cipher and version with libtls.
+        * Added ability to check certificate validity times with libtls,
+          tls_peer_cert_notbefore and tls_peer_cert_notafter.
+        * Changed tls_connect_servername to use the first address that resolves with
+          getaddrinfo().
+        * Remove broken conditional EVP_CHECK_DES_KEY code (non-functional since
+          initial commit in 2004).
+        * Fixed a memory leak and out-of-bounds access in OBJ_obj2txt, reported
+          by Qualys Security.
+        * Fixed an up-to 7 byte overflow in RC4 when len is not a multiple of
+          sizeof(RC4_CHUNK), reported by Pascal Cuoq <cuoq at trust-in-soft.com>.
+        * Reject too small bits value in BN_generate_prime_ex(), so that it does
+          not risk becoming negative in probable_prime_dh_safe(), reported by
+                Franck Denis.
+        * Enable nc(1) builds on more platforms.
 2.3.0 - SSLv3 removed, libtls API changes, portability improvements
        * SSLv3 is now permanently removed from the tree.
author	Brent Cook <bcook@openbsd.org>	2015-10-26 05:58:08 -0500
committer	Brent Cook <bcook@openbsd.org>	2015-10-26 05:58:08 -0500
commit	7180bed3bb78144e19c1dfe3180b0dd2f426bf60 (patch)
tree	1d7bfb0f745f9380350728bfb24a425c732a7eb4
parent	24b5a96a7c848dfd4f9a29319ecac4ef5db692c0 (diff)
download	portable-2.3.1.tar.gz portable-2.3.1.tar.bz2 portable-2.3.1.zip

diff --git a/ChangeLog b/ChangeLog index 0241e5b..67f573d 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,38 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	2.3.1 - ASN.1 and time handling cleanups
		32
		33	* ASN.1 cleanups and RFC5280 compliance fixes.
		34
		35	* Time representations switched from 'unsigned long' to 'time_t'. LibreSSL
		36	now checks if the host OS supports 64-bit time_t.
		37
		38	* Fixed a leak in SSL_new in the error path.
		39
		40	* Support always extracting the peer cipher and version with libtls.
		41
		42	* Added ability to check certificate validity times with libtls,
		43	tls_peer_cert_notbefore and tls_peer_cert_notafter.
		44
		45	* Changed tls_connect_servername to use the first address that resolves with
		46	getaddrinfo().
		47
		48	* Remove broken conditional EVP_CHECK_DES_KEY code (non-functional since
		49	initial commit in 2004).
		50
		51	* Fixed a memory leak and out-of-bounds access in OBJ_obj2txt, reported
		52	by Qualys Security.
		53
		54	* Fixed an up-to 7 byte overflow in RC4 when len is not a multiple of
		55	sizeof(RC4_CHUNK), reported by Pascal Cuoq <cuoq at trust-in-soft.com>.
		56
		57	* Reject too small bits value in BN_generate_prime_ex(), so that it does
		58	not risk becoming negative in probable_prime_dh_safe(), reported by
		59	Franck Denis.
		60
		61	* Enable nc(1) builds on more platforms.
		62
31	2.3.0 - SSLv3 removed, libtls API changes, portability improvements	63	2.3.0 - SSLv3 removed, libtls API changes, portability improvements
32		64
33	* SSLv3 is now permanently removed from the tree.	65	* SSLv3 is now permanently removed from the tree.