fix more formatting and remove redundancy
This commit is contained in:
Brent Cook
parent
ce4536684c
commit
ab7e90a209
63
ChangeLog
63
ChangeLog
@ -28,7 +28,6 @@ history is also available from Git.
|
||||
|
||||
LibreSSL Portable Release Notes:
|
||||
|
||||
<<<<<<< HEAD
|
||||
3.7.1 - Development release
|
||||
|
||||
* Internal improvements
|
||||
@ -38,69 +37,69 @@ LibreSSL Portable Release Notes:
|
||||
- Imported s2n-bignum's constant time assembly primitives.
|
||||
Use them for amd64 and arm64.
|
||||
- Lots of cleanup, simplification and bug fixes
|
||||
- Assorted initial cleanup in the EC code
|
||||
- Fixed Perl assembly generators to move constants into .rodata.
|
||||
This allows code to run with execute-only permissions
|
||||
This allows code to run with execute-only permissions.
|
||||
- ASN1 parsing rework and improvements
|
||||
- Make UI_destroy_method() NULL safe.
|
||||
- Make UI_destroy_method() NULL safe.
|
||||
- Various improvements to nc
|
||||
- Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
|
||||
- Various internal EC improvements.
|
||||
- Various openssl(1) improvements.
|
||||
- Cap the number of iterations in ECDSA signing
|
||||
- Cap the number of iterations in DSA signing, and other DSA sanity checks.
|
||||
- Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
|
||||
- Cap the number of iterations in ECDSA signing,DSA signing, and other
|
||||
DSA sanity checks.
|
||||
- Always clear EC groups and points on free.
|
||||
- Various other internal cleanups
|
||||
- Cleanup and improvements in EC code
|
||||
- Various openssl(1) improvements.
|
||||
* Bug fixes
|
||||
- Fixed a memory leak, a double free and various other issues in
|
||||
BIO_new_NDEF()
|
||||
- Avoid infinite loops in DSA and ECDSA signing
|
||||
- Avoid infinite loops in DSA and ECDSA signing.
|
||||
- Check DSA parameter sanity
|
||||
- Fixed various crashes in the openssl(1) testing utility
|
||||
- Do not check policies by default in the new X.509 verifier
|
||||
- Fixed various crashes in the openssl(1) testing utility.
|
||||
- Do not check policies by default in the new X.509 verifier.
|
||||
- Avoid -0 in BN_div_word().
|
||||
- Fix an off-by-one in dsa_check_key()
|
||||
- openssl(1) asn1parse: avoid crash with ASN.1 BOOLEANS
|
||||
- Add missing error checking in PKCS7
|
||||
- Fix an off-by-one in dsa_check_key().
|
||||
- Avoid crash with ASN.1 BOOLEANS in openssl(1) asn1parse.
|
||||
- Add missing error checking in PKCS7.
|
||||
* Compatibility changes
|
||||
- correct the prototypes of BIO_get_conn_ip(3) and BIO_get_conn_int_port(3)
|
||||
- Correct the prototypes of BIO_get_conn_ip(3) and
|
||||
BIO_get_conn_int_port(3).
|
||||
- Provide UI_null()
|
||||
- Expose various X509_STORE_*check_issued()
|
||||
- Expose X509_CRL_get0_sigalg() and X509_get0_uids
|
||||
- Expose the EVP_CIPHER_meth_* API (setter only) in evp.h
|
||||
- Introduce X509_get0_uids() accessor function
|
||||
* Documentation improvements
|
||||
- Mark BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
|
||||
BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented.
|
||||
- Document BIO_number_read(3) and BIO_number_written(3)
|
||||
- Mark BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
|
||||
BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented.
|
||||
- Merge documentation of UI_null() from OpenSSL 1.1
|
||||
- Document BIO_set_retry_read(3), BIO_set_retry_write(3), BIO_set_retry_special(3),
|
||||
BIO_clear_retry_flags(3), BIO_get_retry_flags(3), and the BIO_FLAGS_* constants
|
||||
- Document BIO_dup_chain(3).
|
||||
- Document BIO_set_flags(3), BIO_clear_flags(3), BIO_test_flags(3), and BIO_get_flags(3).
|
||||
- Document BIO_callback_fn_ex(3), BIO_set_callback_ex(3), BIO_get_callback_ex(3),
|
||||
and BIO_callback_fn(3).
|
||||
- Document BIO_number_read(3), BIO_number_written(3),
|
||||
BIO_set_retry_read(3), BIO_set_retry_write(3),
|
||||
BIO_set_retry_special(3), BIO_clear_retry_flags(3),
|
||||
BIO_get_retry_flags(3), BIO_dup_chain(3), BIO_set_flags(3),
|
||||
BIO_clear_flags(3), BIO_test_flags(3), BIO_get_flags(3).
|
||||
BIO_callback_fn_ex(3), BIO_set_callback_ex(3), BIO_get_callback_ex(3),
|
||||
BIO_callback_fn(3), and the BIO_FLAGS_* constants
|
||||
- Document ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3).
|
||||
- Document EVP_PKEY_new_raw_private_key(3), EVP_PKEY_new_raw_public_key(3),
|
||||
EVP_PKEY_get_raw_private_key(3), and EVP_PKEY_get_raw_public_key(3).
|
||||
- Document EVP_PKEY_new_raw_private_key(3),
|
||||
EVP_PKEY_new_raw_public_key(3), EVP_PKEY_get_raw_private_key(3), and
|
||||
EVP_PKEY_get_raw_public_key(3).
|
||||
- Document ASN1_buf_print(3).
|
||||
- Document ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3).
|
||||
- Document ECDSA_SIG_get0_{r,s}().
|
||||
- Document DH_get0_* for individual DH members.
|
||||
- Document DSA_get0_* for individual DSA members
|
||||
- Document RSA_get0_* for individual RSA members.
|
||||
- Various spelling and other documentation improvements.
|
||||
* Testing and Proactive Security
|
||||
- As always, new test coverage is added as bugs are fixed and
|
||||
subsystems are cleaned up
|
||||
- As always, new test coverage is added as bugs are fixed and subsystems
|
||||
are cleaned up
|
||||
- New Wycheproof tests added.
|
||||
- OpenSSL 3.0 Interop tests added.
|
||||
- OpenSSL 3.0 Interop tests added.
|
||||
- Many old tests rewritten, cleaned up and extended.
|
||||
* Security fix
|
||||
- A malicious certificate revocation list or timestamp response token
|
||||
would allow an attacker to read arbitrary memory.
|
||||
|
||||
3.7.0 - Development release
|
||||
|
||||
* Internal improvements
|
||||
- Remove dependency on system timegm() and gmtime() by replacing
|
||||
traditional Julian date conversion with POSIX epoch-seconds date
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user