update changelog for 2.5.2

2017-03-25 17:19:25 -05:00 · 2017-03-25 17:19:25 -05:00 · 19cf5c9b01
commit 19cf5c9b01
parent 570717c488
1 changed files with 37 additions and 2 deletions
--- a/35
+++ b/35
@ -28,6 +28,41 @@ history is also available from Git.

 LibreSSL Portable Release Notes:

+2.5.2 - Security features and bugfixes
+
+	* Improved portability of ocspcheck(1)
+
+	* Fixed assorted memory leaks and error handling.
+
+	* Removed STREEBOG 512 MAC
+
+	* Addednew root CAs from SECOM Trust Systems / Security Communication
+	  of Japan
+
+	* Added EVP interface for MD5+SHA1 hashes
+
+	* Fixed DTLS client failures when the server sends a certificate
+	  request.
+
+	* Many new regression tests
+
+	* Correct handling of padding when upgrading an SSLv2 challenge into
+	  an SSLv3/TLS connection.
+
+	* Added recallocarray(1) memory allocation function, converted various
+	  places in the library to use it, such as CBB and BUF_MEM_grow.
+	  This function ensures that when a private memory buffer is resized,
+	  freed memory is explicitly cleared before being returned to the
+	  heap.
+
+	* Allow protocols and ciphers to be set on a TLS config object in
+	  libtls.
+
+	* Improved nc(1) TLS handshake CPU usage and server-side error
+	  reporting.
+
+	* Removed handshake digest code and replaced with handshake hash.
+
 2.5.1 - Bug and security fixes, new features, documentation updates

 	* X509_cmp_time() now passes a malformed GeneralizedTime field as an