This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.1 [under development]
-
+ Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development]
+
+ o Added 'openssl mac' that uses the EVP_MAC API.
+ o Added 'openssl kdf' that uses the EVP_KDF API.
+ o Add OPENSSL_info() and 'openssl info' to get built-in data.
+ o Add support for enabling instrumentation through trace and debug
+ output.
+ o Changed our version number scheme and set the next major release to
+ 3.0.0
+ o Added EVP_MAC, an EVP layer MAC API, and a generic EVP_PKEY to EVP_MAC
+ bridge.
+ o Removed the heartbeat message in DTLS feature.
+ o Added EVP_KDF, an EVP layer KDF API, and a generic EVP_PKEY to EVP_KDF
+ bridge.
+
+ Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018]
+
+ o Timing vulnerability in DSA signature generation (CVE-2018-0734)
+ o Timing vulnerability in ECDSA signature generation (CVE-2018-0735)
+
+ Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018]
+
+ o Support for TLSv1.3 added (see https://wiki.openssl.org/index.php/TLS1.3
+ for further important information). The TLSv1.3 implementation includes:
+ o Fully compliant implementation of RFC8446 (TLSv1.3) on by default
+ o Early data (0-RTT)
+ o Post-handshake authentication and key update
+ o Middlebox Compatibility Mode
+ o TLSv1.3 PSKs
+ o Support for all five RFC8446 ciphersuites
+ o RSA-PSS signature algorithms (backported to TLSv1.2)
+ o Configurable session ticket support
+ o Stateless server support
+ o Rewrite of the packet construction code for "safer" packet handling
+ o Rewrite of the extension handling code
+ o Complete rewrite of the OpenSSL random number generator to introduce the
+ following capabilities
+ o The default RAND method now utilizes an AES-CTR DRBG according to
+ NIST standard SP 800-90Ar1.
+ o Support for multiple DRBG instances with seed chaining.
+ o There is a public and private DRBG instance.
+ o The DRBG instances are fork-safe.
+ o Keep all global DRBG instances on the secure heap if it is enabled.
+ o The public and private DRBG instance are per thread for lock free
+ operation
+ o Support for various new cryptographic algorithms including:
+ o SHA3
+ o SHA512/224 and SHA512/256
+ o EdDSA (both Ed25519 and Ed448) including X509 and TLS support
+ o X448 (adding to the existing X25519 support in 1.1.0)
+ o Multi-prime RSA
+ o SM2
+ o SM3
+ o SM4
+ o SipHash
+ o ARIA (including TLS support)
+ o Significant Side-Channel attack security improvements
+ o Add a new ClientHello callback to provide the ability to adjust the SSL
+ object at an early stage.
+ o Add 'Maximum Fragment Length' TLS extension negotiation and support
+ o A new STORE module, which implements a uniform and URI based reader of
+ stores that can contain keys, certificates, CRLs and numerous other
+ objects.
o Move the display of configuration data to configdata.pm.
o Allow GNU style "make variables" to be used with Configure.
- o Add a STORE module (OSSL_STORE)
o Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
+ o Rewrite of devcrypto engine
+
+ Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development]
+
+ o Client DoS due to large DH parameter (CVE-2018-0732)
+ o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development]
+ o Constructed ASN.1 types with a recursive definition could exceed the
+ stack (CVE-2018-0739)
+ o Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)
o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017]
o Compression memory leak fixed.
o Compression session resumption fixed.
o Ticket and SNI coexistence fixes.
- o Many fixes to DTLS handling.
+ o Many fixes to DTLS handling.
Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
o Add gcc 4.2 support.
o Add support for AES and SSE2 assembly language optimization
for VC++ build.
- o Support for RFC4507bis and server name extensions if explicitly
+ o Support for RFC4507bis and server name extensions if explicitly
selected at compile time.
o DTLS improvements.
o RFC4507bis support.
Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
o Security: counter the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack
+ Bleichbacher's attack
o Security: make RSA blinding default.
o Configuration: Irix fixes, AIX fixes, better mingw support.
o Support for new platforms: linux-ia64-ecc.
o SSL/TLS: allow optional cipher choice according to server's preference.
o SSL/TLS: allow server to explicitly set new session ids.
o SSL/TLS: support Kerberos cipher suites (RFC2712).
- Only supports MIT Kerberos for now.
+ Only supports MIT Kerberos for now.
o SSL/TLS: allow more precise control of renegotiations and sessions.
o SSL/TLS: add callback to retrieve SSL/TLS messages.
o SSL/TLS: support AES cipher suites (RFC3268).
Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
o Security: counter the Klima-Pokorny-Rosa extension of
- Bleichbacher's attack
+ Bleichbacher's attack
o Security: make RSA blinding default.
o Build: shared library support fixes.
Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
- o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
+ o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
o Shared library support for HPUX and Solaris-gcc
o Support of Linux/IA64
o Assembler support for Mingw32
o Extended ASN.1 parser routines
o Adjustments of the source tree for CVS
o Support for various new platforms
-