3.7.1. ChangeLog

ChangeLog

@@ -28,6 +28,7 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+<<<<<<< HEAD
 3.7.1 - Development release
 
 	* Internal improvements
@@ -56,7 +57,68 @@ LibreSSL Portable Release Notes:
 	    would allow an attacker to read arbitrary memory.
 
 3.7.0 - Development release
+=======
+3.7.1 - Stable release
+	* Internal improvements
+	  - Extensive reworking of bignum and montgomery multiplication support (BN_).
+  	  - Transition to using s2n-bignum assembly implementation for bignum on amd64
+	  - ASN1 parsing rework and improvements, including infinite loop avoidance.
+          - Make UI_destroy_method() NULL safe.
+	  - Various improvements to nc
+          - Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
+	  - Various internal EC improvements.
+	  - Various openssl(1) improvements.
+	  - Cap the number of iterations in ECDSA signing
+	  - Cap the number of iterations in DSA signing, and other DSA sanity checks.
+	  - Always clear EC groups and points on free.
+	  - Various other internal cleanups
+	* Compatibility changes
+	  - correct the prototypes of BIO_get_conn_ip(3) and BIO_get_conn_int_port(3)
+	* Bug fixes
+	  - Avoid -0 in BN_div_word().
+ 	  - Fix an off-by-one in dsa_check_key()
+	  - openssl(1) asn1parse: avoid crash with ASN.1 BOOLEANS
+	  - Add missing error checking in PKCS7
+	* Documentation improvements
+  	  - Mark BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
+	  BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented.
+	  - Document BIO_number_read(3) and BIO_number_written(3)
+	  - Merge documentation of UI_null() from OpenSSL 1.1
+	  - Document BIO_set_retry_read(3), BIO_set_retry_write(3), BIO_set_retry_special(3),
+	  BIO_clear_retry_flags(3), BIO_get_retry_flags(3), and the BIO_FLAGS_* constants
+	  - Document BIO_dup_chain(3).
+	  - Document BIO_set_flags(3), BIO_clear_flags(3), BIO_test_flags(3), and BIO_get_flags(3).
+	  - Document BIO_callback_fn_ex(3), BIO_set_callback_ex(3), BIO_get_callback_ex(3),
+	  and BIO_callback_fn(3).
+	  - Document ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3).
+	  - Document EVP_PKEY_new_raw_private_key(3), EVP_PKEY_new_raw_public_key(3),
+	  EVP_PKEY_get_raw_private_key(3), and EVP_PKEY_get_raw_public_key(3).
+	  - Document ASN1_buf_print(3).
+	  - Document  ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3).
+	  - Document ECDSA_SIG_get0_{r,s}().
+	  - Document DH_get0_* for individual DH members.
+	  - Document DSA_get0_* for individual DSA members
+	  - Document RSA_get0_* for individual RSA members.
+	  - Various spelling and other documentation improvements.
+	* Testing and Proactive Security
+	  - As always, new test coverage is added as bugs are fixed and
+	    subsystems are cleaned up
+	  - New Wycheproof tests added.
+  	  - OpenSSL 3.0 Interop tests added.
+	  - Many old tests rewritten, cleaned up and extended.
+	* New features
+	  - Modifications to perlasm and assembly code to move constants out of
+	    executable memory to rodata memory, thus supportinf execute only
+	    memory
+  	  - import a copy of OpenSSL 1.1's cmeth_lib.c
+	  - Provide UI_null()
+	  - Expose various X509_STORE_*check_issued()
+	  - Expose X509_CRL_get0_sigalg() and X509_get0_uids
+	  - Expose the EVP_CIPHER_meth_* API (setter only) in evp.h
+	  - Introduce X509_get0_uids() accessor function
+>>>>>>> 788c39a (3.7.1. ChangeLog)
 
+3.7.0 - Development release
 	* Internal improvements
 	  - Remove dependency on system timegm() and gmtime() by replacing
 	    traditional Julian date conversion with POSIX epoch-seconds date