This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
+
+ o Various ciphersuite selection fixes.
+ o RFC3779 support.
+
+ Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
+
+ o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
+ o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+ o Changes to ciphersuite selection algorithm
+
+ Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
+
+ o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+ o New cipher Camellia
+
Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
o Cipher string fixes.
Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
- o Fix potential SSL 2.0 rollback, CAN-2005-2969
+ o Fix potential SSL 2.0 rollback, CVE-2005-2969
o Extended Windows CE support
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
o Added initial support for Win64.
o Added alternate pkg-config files.
+ Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
+
+ o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
+ o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+
+ Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
+
+ o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+
Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
o Visual C++ 2005 fixes.
Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
- o Fix SSL 2.0 Rollback, CAN-2005-2969
+ o Fix SSL 2.0 Rollback, CVE-2005-2969
o Allow use of fixed-length exponent on DSA signing
o Default fixed-window RSA, DSA, DH private-key operations