update release notes for 2.2.2

author: Brent Cook <bcook@openbsd.org> 2015-08-02 23:42:48 -0500
committer: Brent Cook <bcook@openbsd.org> 2015-08-02 23:42:48 -0500
commit: a6d5b322762107cb4892dd66c83a427e99a13929 (patch)
tree: b73712a81d59b429ed1619b5629f17057fdc8166
parent: 6527c320394ffa025b1faad79ce38e782a3c104b (diff)
download: portable-a6d5b322762107cb4892dd66c83a427e99a13929.tar.gz
portable-a6d5b322762107cb4892dd66c83a427e99a13929.tar.bz2
portable-a6d5b322762107cb4892dd66c83a427e99a13929.zip
1 files changed, 45 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index d63545a..b668761 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,8 +28,51 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
-This release primarily addresses a number of security issues in coordination
+2.2.2 - More TLS parser rework, bug fixes, expanded portable build support
-with the OpenSSL project.
+        * Switched 'openssl dhparam' default from 512 to 2048 bits
+        * Reworked openssl(1) option handling
+        * More CRYPTO ByteString (CBC) packet parsing conversions
+        * Fixed 'openssl pkeyutl -verify' to exit with a 0 on success
+        * Fixed dozens of Coverity issues including dead code, memory leaks,
+          logic errors and more.
+        * Ensure that openssl(1) restores terminal echo state after reading a
+          password.
+        * Incorporated fix for OpenSSL Issue #3683
+        * LibreSSL version define LIBRESSL_VERSION_NUMBER will now be bumped
+          for each portable release.
+        * Removed workarounds for TLS client padding bugs.
+        * No longer disable ECDHE-ECDSA on OS X
+        * Removed SSLv3 support from openssl(1)
+        * Removed IE 6 SSLv3 workarounds.
+        * Modifie tls_write in libtls to allow partial writes, clarified with
+          examples in the documentation.
+        * Removed RSAX engine
+        * Tested SSLv3 removal with the OpenBSD ports tree and found several
+          applications that were not ready to build without SSLv3 yet. For
+          now, building a program that intentionally uses SSLv3 will result in
+          a linker warning.
+        * Added TLS_method, TLS_client_method and TLS_server_method as a
+          replacement for the SSLv23_*method calls.
+        * Added initial cmake build support, including support for building with
+          Visual Studio, currently tested with Visual Studio 2013 Community
+          Edition.
 2.2.1 - Build fixes, feature added, features removed
author	Brent Cook <bcook@openbsd.org>	2015-08-02 23:42:48 -0500
committer	Brent Cook <bcook@openbsd.org>	2015-08-02 23:42:48 -0500
commit	a6d5b322762107cb4892dd66c83a427e99a13929 (patch)
tree	b73712a81d59b429ed1619b5629f17057fdc8166
parent	6527c320394ffa025b1faad79ce38e782a3c104b (diff)
download	portable-a6d5b322762107cb4892dd66c83a427e99a13929.tar.gz portable-a6d5b322762107cb4892dd66c83a427e99a13929.tar.bz2 portable-a6d5b322762107cb4892dd66c83a427e99a13929.zip

diff --git a/ChangeLog b/ChangeLog index d63545a..b668761 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,8 +28,51 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
31	This release primarily addresses a number of security issues in coordination	31	2.2.2 - More TLS parser rework, bug fixes, expanded portable build support
32	with the OpenSSL project.	32
		33	* Switched 'openssl dhparam' default from 512 to 2048 bits
		34
		35	* Reworked openssl(1) option handling
		36
		37	* More CRYPTO ByteString (CBC) packet parsing conversions
		38
		39	* Fixed 'openssl pkeyutl -verify' to exit with a 0 on success
		40
		41	* Fixed dozens of Coverity issues including dead code, memory leaks,
		42	logic errors and more.
		43
		44	* Ensure that openssl(1) restores terminal echo state after reading a
		45	password.
		46
		47	* Incorporated fix for OpenSSL Issue #3683
		48
		49	* LibreSSL version define LIBRESSL_VERSION_NUMBER will now be bumped
		50	for each portable release.
		51
		52	* Removed workarounds for TLS client padding bugs.
		53
		54	* No longer disable ECDHE-ECDSA on OS X
		55
		56	* Removed SSLv3 support from openssl(1)
		57
		58	* Removed IE 6 SSLv3 workarounds.
		59
		60	* Modifie tls_write in libtls to allow partial writes, clarified with
		61	examples in the documentation.
		62
		63	* Removed RSAX engine
		64
		65	* Tested SSLv3 removal with the OpenBSD ports tree and found several
		66	applications that were not ready to build without SSLv3 yet. For
		67	now, building a program that intentionally uses SSLv3 will result in
		68	a linker warning.
		69
		70	* Added TLS_method, TLS_client_method and TLS_server_method as a
		71	replacement for the SSLv23_*method calls.
		72
		73	* Added initial cmake build support, including support for building with
		74	Visual Studio, currently tested with Visual Studio 2013 Community
		75	Edition.
33		76
34	2.2.1 - Build fixes, feature added, features removed	77	2.2.1 - Build fixes, feature added, features removed
35		78