Update 2.3.2 release notes

1 files changed, 34 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 67f573d..e4bbc82 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,40 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+2.3.2 - Compatibility and Reliability fixes
+
+        * Changed format of LIBRESSL_VERSION_NUMBER to match that of
+          OPENSSL_VERSION_NUMBER, see:
+          https://wiki.openssl.org/index.php/Manual:OPENSSL_VERSION_NUMBER(3)
+
+        * Added EVP_aead_chacha20_poly1305_ietf() which matches the AEAD
+          construction introduced in RFC 7539, which is different than that
+          already used in TLS with EVP_aead_chacha20_poly1305()
+
+        * Avoid a potential undefined C99+ behavior due to shift overflow in
+          AES_decrypt, reported by Pascal Cuoq <cuoq at trust-in-soft.com>
+
+        * More man pages converted from pod to mdoc format
+
+        * Added QuoVadis root certificates to cert.pem
+
+        * Added support for building nc(1) on Solaris
+
+        * Fixed GCC 5.x+ preprocessor checks, reported by Ruslan Babayev
+
+        * Fixes from OpenSSL 1.0.1q
+         - CVE-2015-3194 - NULL pointer dereference in client side certificate
+                           validation.
+         - CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
+
+        * The following OpenSSL CVEs did not apply to LibreSSL
+         - CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery
+                           squaring procedure.
+         - CVE-2015-3196 - Double free race condition of the identify hint
+                           data.
+
+         See https://marc.info/?l=openbsd-announce&m=144925068504102
+
 2.3.1 - ASN.1 and time handling cleanups
 
         * ASN.1 cleanups and RFC5280 compliance fixes.