ChangeLog for 3.7.0

author: Theo Buehler <tb@openbsd.org> 2022-12-09 13:01:57 +0100
committer: Theo Buehler <tb@openbsd.org> 2022-12-09 13:01:57 +0100
commit: e36a976a2b7d3fc264e511791993cb419ce0be44 (patch)
tree: 8cf92fc7c7edf51de4e4a291bedf4526d771e610
parent: 75e2fa0a9e7343d9977b476cd26b38032c72baee (diff)
download: portable-e36a976a2b7d3fc264e511791993cb419ce0be44.tar.gz
portable-e36a976a2b7d3fc264e511791993cb419ce0be44.tar.bz2
portable-e36a976a2b7d3fc264e511791993cb419ce0be44.zip
1 files changed, 42 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 78ebb32..036822e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,48 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+3.7.0 - Development release
+        * Internal improvements
+          - Replace Julian date calculations with a rewrite from BoringSSL.
+          - Clean old and unused BN code dealing with primes.
+          - Start rewriting name constraints code using CBS.
+          - Remove support for the HMAC PRIVATE KEY.
+          - Rework DSA signing and verifying internals.
+          - First few passes on cleaning up the BN code.
+          - Internal headers coming from OpenSSL are all called *_local.h now.
+          - Rewrite TLSv1.2 key exporter.
+          - Cleaned up and refactored various aspects of the legacy TLS stack.
+        * Compatibility changes
+          - BIO_read() and BIO_write() now behave more closely to OpenSSL 3 in
+            various corner cases. More work is needed here.
+        * Bug fixes
+          - Add EVP_chacha20_poly1305() to the list of all ciphers.
+          - Fix potential leaks of EVP_PKEY in various printing functions
+          - Fix potential leak in OBJ_NAME_add().
+          - Avoid signed overflow in i2c_ASN1_BIT_STRING().
+          - Clean up EVP_PKEY_ASN1_METHOD related tables and code.
+          - Fix long standing bugs BN_GF2m_poly2arr() and BN_GF2m_mod().
+          - Fix segfaults in BN_{dec,hex}2bn().
+          - Fix NULL dereference in x509_constraints_uri_host() reachable only
+            in the process of generating certificates.
+          - Fixed a variety of memory corruption issues in BIO chains coming
+            from poor old and new API: BIO_push(), BIO_pop(), BIO_set_next().
+        * Documentation improvements
+          - Numerous improvements and additions for ASN.1, BIO, BN, and X.509.
+          - The BN documentation is now considered to be complete.
+        * Testing and Proactive Security
+          - As always, new test coverage is added as bugs are fixed and
+            subsystems are cleaned up.
+          - Many old tests rewritten, cleaned up and extended.
+        * New features
+          - Added Ed25519 support both as a primitive and via OpenSSL's EVP
+            interfaces.
+          - X25519 is now also supported via EVP.
+          - The OpenSSL 1.1 raw public and private key API is available with
+            support for EVP_PKEY_ED25519, EVP_PKEY_HMAC and EVP_PKEY_X25519.
+            Poly1305 is not currently supported via this interface.
 3.6.1 - Stable release
        * Bug fixes
author	Theo Buehler <tb@openbsd.org>	2022-12-09 13:01:57 +0100
committer	Theo Buehler <tb@openbsd.org>	2022-12-09 13:01:57 +0100
commit	e36a976a2b7d3fc264e511791993cb419ce0be44 (patch)
tree	8cf92fc7c7edf51de4e4a291bedf4526d771e610
parent	75e2fa0a9e7343d9977b476cd26b38032c72baee (diff)
download	portable-e36a976a2b7d3fc264e511791993cb419ce0be44.tar.gz portable-e36a976a2b7d3fc264e511791993cb419ce0be44.tar.bz2 portable-e36a976a2b7d3fc264e511791993cb419ce0be44.zip

diff --git a/ChangeLog b/ChangeLog index 78ebb32..036822e 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,48 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	3.7.0 - Development release
		32
		33	* Internal improvements
		34	- Replace Julian date calculations with a rewrite from BoringSSL.
		35	- Clean old and unused BN code dealing with primes.
		36	- Start rewriting name constraints code using CBS.
		37	- Remove support for the HMAC PRIVATE KEY.
		38	- Rework DSA signing and verifying internals.
		39	- First few passes on cleaning up the BN code.
		40	- Internal headers coming from OpenSSL are all called *_local.h now.
		41	- Rewrite TLSv1.2 key exporter.
		42	- Cleaned up and refactored various aspects of the legacy TLS stack.
		43	* Compatibility changes
		44	- BIO_read() and BIO_write() now behave more closely to OpenSSL 3 in
		45	various corner cases. More work is needed here.
		46	* Bug fixes
		47	- Add EVP_chacha20_poly1305() to the list of all ciphers.
		48	- Fix potential leaks of EVP_PKEY in various printing functions
		49	- Fix potential leak in OBJ_NAME_add().
		50	- Avoid signed overflow in i2c_ASN1_BIT_STRING().
		51	- Clean up EVP_PKEY_ASN1_METHOD related tables and code.
		52	- Fix long standing bugs BN_GF2m_poly2arr() and BN_GF2m_mod().
		53	- Fix segfaults in BN_{dec,hex}2bn().
		54	- Fix NULL dereference in x509_constraints_uri_host() reachable only
		55	in the process of generating certificates.
		56	- Fixed a variety of memory corruption issues in BIO chains coming
		57	from poor old and new API: BIO_push(), BIO_pop(), BIO_set_next().
		58	* Documentation improvements
		59	- Numerous improvements and additions for ASN.1, BIO, BN, and X.509.
		60	- The BN documentation is now considered to be complete.
		61	* Testing and Proactive Security
		62	- As always, new test coverage is added as bugs are fixed and
		63	subsystems are cleaned up.
		64	- Many old tests rewritten, cleaned up and extended.
		65	* New features
		66	- Added Ed25519 support both as a primitive and via OpenSSL's EVP
		67	interfaces.
		68	- X25519 is now also supported via EVP.
		69	- The OpenSSL 1.1 raw public and private key API is available with
		70	support for EVP_PKEY_ED25519, EVP_PKEY_HMAC and EVP_PKEY_X25519.
		71	Poly1305 is not currently supported via this interface.
		72
31	3.6.1 - Stable release	73	3.6.1 - Stable release
32		74
33	* Bug fixes	75	* Bug fixes