+ Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.2 [in beta]:
+
+ o Suite B support for TLS 1.2 and DTLS 1.2
+ o Support for DTLS 1.2
+ o TLS automatic EC curve selection.
+ o API to set TLS supported signature algorithms and curves
+ o SSL_CONF configuration API.
+ o TLS Brainpool support.
+ o ALPN support.
+ o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
+
+ Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
+
+ o Fix for CVE-2014-0224
+ o Fix for CVE-2014-0221
+ o Fix for CVE-2014-0195
+ o Fix for CVE-2014-3470
+ o Fix for CVE-2010-5298
+
+ Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
+
+ o Fix for CVE-2014-0160
+ o Add TLS padding extension workaround for broken servers.
+ o Fix for CVE-2014-0076
+
+ Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
+
+ o Don't include gmt_unix_time in TLS server and client random values
+ o Fix for TLS record tampering bug CVE-2013-4353
+ o Fix for TLS version checking bug CVE-2013-6449
+ o Fix for DTLS retransmission bug CVE-2013-6450
+
+ Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
+
+ o Corrected fix for CVE-2013-0169
+
+ Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
+
+ o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
+ o Include the fips configuration module.
+ o Fix OCSP bad key DoS attack CVE-2013-0166
+ o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+ o Fix for TLS AESNI record handling flaw CVE-2012-2686
+
+ Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
+
+ o Fix TLS/DTLS record length checking bug CVE-2012-2333
+ o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
+
+ Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
+
+ o Fix compilation error on non-x86 platforms.
+ o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
+ o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
+
+ Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]: