Further tweaks and improvements to the ChangeLog

ChangeLog

@@ -33,44 +33,40 @@ LibreSSL Portable Release Notes:
 	* Internal improvements
 	  - Initial overhaul of the BIGNUM code:
 	    - Added a new framework that allows architecture-dependent
-	      replacement implementations for bignum primitives
+	      replacement implementations for bignum primitives.
-	    - Imported s2n-bignum's constant time assembly primitives.
+	    - Imported various s2n-bignum's constant time assembly primitives
-	      Use them for amd64 and arm64.
+	      and switched amd64 to them.
-	    - Lots of cleanup, simplification and bug fixes
+	    - Lots of cleanup, simplification and bug fixes.
-	  - Fixed Perl assembly generators to move constants into .rodata.
+	  - Changed Perl assembly generators to move constants into .rodata,
-	    This allows code to run with execute-only permissions.
+	    allowing code to run with execute-only permissions.
-	  - ASN1 parsing rework and improvements
+	  - Capped the number of iterations in DSA and ECDSA signing (avoiding
-	  - Make UI_destroy_method() NULL safe.
+	    infinite loops), added additional sanity checks to DSA.
-	  - Various improvements to nc
+	  - ASN.1 parsing improvements.
-	  - Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
+	  - Made UI_destroy_method() NULL safe.
-	  - Cap the number of iterations in ECDSA signing,DSA signing, and other
+	  - Various improvements to nc(1).
-	    DSA sanity checks.
 	  - Always clear EC groups and points on free.
-	  - Cleanup and improvements in EC code
+	  - Cleanup and improvements in EC code.
 	  - Various openssl(1) improvements.
 	* Bug fixes
 	  - Fixed a memory leak, a double free and various other issues in
-	    BIO_new_NDEF()
+	    BIO_new_NDEF().
-	  - Avoid infinite loops in DSA and ECDSA signing.
-	  - Check DSA parameter sanity
 	  - Fixed various crashes in the openssl(1) testing utility.
 	  - Do not check policies by default in the new X.509 verifier.
-	  - Avoid -0 in BN_div_word().
-	  - Fix an off-by-one in dsa_check_key().
 	  - Avoid crash with ASN.1 BOOLEANS in openssl(1) asn1parse.
-	  - Add missing error checking in PKCS7.
+	  - Added missing error checking in PKCS7.
+	  - Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
 	* Compatibility changes
 	  - Correct the prototypes of BIO_get_conn_ip(3) and
 	    BIO_get_conn_int_port(3).
-	  - Provide UI_null()
+	* New features
-	  - Expose various X509_STORE_*check_issued()
+	  - Added UI_null()
-	  - Expose X509_CRL_get0_sigalg() and X509_get0_uids
+	  - Added X509_STORE_*check_issued()
-	  - Expose the EVP_CIPHER_meth_* API (setter only) in evp.h
+	  - Added X509_CRL_get0_sigalg() and X509_get0_uids() accessors.
-	  - Introduce X509_get0_uids() accessor function
+	  - Added EVP_CIPHER_meth_*() setter API.
 	* Documentation improvements
-	  - Mark BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
+	  - Marked BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
 	    BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented.
-	  - Merge documentation of UI_null() from OpenSSL 1.1
+	  - Merged documentation of UI_null() from OpenSSL 1.1
 	  - Document BIO_number_read(3), BIO_number_written(3),
 		BIO_set_retry_read(3), BIO_set_retry_write(3),
 		BIO_set_retry_special(3), BIO_clear_retry_flags(3),
@@ -90,11 +86,11 @@ LibreSSL Portable Release Notes:
 	  - Various spelling and other documentation improvements.
 	* Testing and Proactive Security
 	  - As always, new test coverage is added as bugs are fixed and subsystems
-	    are cleaned up
+	    are cleaned up.
 	  - New Wycheproof tests added.
 	  - OpenSSL 3.0 Interop tests added.
 	  - Many old tests rewritten, cleaned up and extended.
-	* Security fix
+	* Security fixes
 	  - A malicious certificate revocation list or timestamp response token
 	    would allow an attacker to read arbitrary memory.