3.1.4 ChangeLog

author: Theo Buehler <tb@openbsd.org> 2020-08-08 15:56:55 +0200
committer: Theo Buehler <tb@openbsd.org> 2020-08-08 20:53:37 +0200
commit: c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a (patch)
tree: 492411cba0eb8c907728ba1cc21c78b52cffc96b
parent: aa6440a9b086faa9ee555046c2c006534e01eaf7 (diff)
download: portable-c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a.tar.gz
portable-c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a.tar.bz2
portable-c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a.zip
1 files changed, 25 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 85462a3..9bb61f4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,31 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+3.1.4 - Interoperability and bug fixes for the TLSv1.3 client:
+        * Improve client certificate selection to allow EC certificates
+          instead of only RSA certificates.
+        * Do not error out if a TLSv1.3 server requests an OCSP response as
+          part of a certificate request.
+        * Fix SSL_shutdown behavior to match the legacy stack.  The previous
+          behaviour could cause a hang.
+        * Fix a memory leak and add a missing error check in the handling of
+          the key update message.
+        * Fix a memory leak in tls13_record_layer_set_traffic_key.
+        * Avoid calling freezero with a negative size if a server sends a
+          malformed plaintext of all zeroes.
+        * Ensure that only PSS may be used with RSA in TLSv1.3 in order
+          to avoid using PKCS1-based signatures.
+        * Add the P-521 curve to the list of curves supported by default
+          in the client.
 3.1.3 - Bug fix
        * libcrypto may fail to build a valid certificate chain due to
author	Theo Buehler <tb@openbsd.org>	2020-08-08 15:56:55 +0200
committer	Theo Buehler <tb@openbsd.org>	2020-08-08 20:53:37 +0200
commit	c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a (patch)
tree	492411cba0eb8c907728ba1cc21c78b52cffc96b
parent	aa6440a9b086faa9ee555046c2c006534e01eaf7 (diff)
download	portable-c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a.tar.gz portable-c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a.tar.bz2 portable-c2d9cb4d7ad2900ebe874e980c9fa828f2ddf39a.zip

diff --git a/ChangeLog b/ChangeLog index 85462a3..9bb61f4 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,31 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	3.1.4 - Interoperability and bug fixes for the TLSv1.3 client:
		32
		33	* Improve client certificate selection to allow EC certificates
		34	instead of only RSA certificates.
		35
		36	* Do not error out if a TLSv1.3 server requests an OCSP response as
		37	part of a certificate request.
		38
		39	* Fix SSL_shutdown behavior to match the legacy stack. The previous
		40	behaviour could cause a hang.
		41
		42	* Fix a memory leak and add a missing error check in the handling of
		43	the key update message.
		44
		45	* Fix a memory leak in tls13_record_layer_set_traffic_key.
		46
		47	* Avoid calling freezero with a negative size if a server sends a
		48	malformed plaintext of all zeroes.
		49
		50	* Ensure that only PSS may be used with RSA in TLSv1.3 in order
		51	to avoid using PKCS1-based signatures.
		52
		53	* Add the P-521 curve to the list of curves supported by default
		54	in the client.
		55
31	3.1.3 - Bug fix	56	3.1.3 - Bug fix
32		57
33	* libcrypto may fail to build a valid certificate chain due to	58	* libcrypto may fail to build a valid certificate chain due to