X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=NEWS;h=098b73f915ede6fec2f151857ed598ff74dc57e8;hb=e72467d3a4d0b83f478bbd60fee3e788a615238e;hp=60c841f36f7008d8702be813a7104ed017011082;hpb=f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09;p=oweals%2Fopenssl.git diff --git a/NEWS b/NEWS index 60c841f36f..098b73f915 100644 --- a/NEWS +++ b/NEWS @@ -5,22 +5,98 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.1 [in pre-release] - - o Support for TLSv1.3 added + Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development] + + o The algorithm specific public key command line applications have + been deprecated. These include dhparam, gendsa and others. The pkey + alternatives should be used intead: pkey, pkeyparam and genpkey. + o X509 certificates signed using SHA1 are no longer allowed at security + level 1 or higher. The default security level for TLS is 1, so + certificates signed using SHA1 are by default no longer trusted to + authenticate servers or clients. + o enable-crypto-mdebug and enable-crypto-mdebug-backtrace were mostly + disabled; the project uses address sanitize/leak-detect instead. + o Added OSSL_SERIALIZER, a generic serializer API. + o Added error raising macros, ERR_raise() and ERR_raise_data(). + o Deprecated ERR_put_error(). + o Added OSSL_PROVIDER_available(), to check provider availibility. + o Added 'openssl mac' that uses the EVP_MAC API. + o Added 'openssl kdf' that uses the EVP_KDF API. + o Add OPENSSL_info() and 'openssl info' to get built-in data. + o Add support for enabling instrumentation through trace and debug + output. + o Changed our version number scheme and set the next major release to + 3.0.0 + o Added EVP_MAC, an EVP layer MAC API, and a generic EVP_PKEY to EVP_MAC + bridge. + o Removed the heartbeat message in DTLS feature. + o Added EVP_KDF, an EVP layer KDF API, and a generic EVP_PKEY to EVP_KDF + bridge. + o All of the low level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224, + SHA256, SHA384, SHA512 and Whirlpool digest functions have been + deprecated. + o All of the low level AES, Blowfish, Camellia, CAST, DES, IDEA, RC2, + RC4, RC5 and SEED cipher functions have been deprecated. + o All of the low level DH, DSA, ECDH, ECDSA and RSA public key functions + have been deprecated. + + Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018] + + o Timing vulnerability in DSA signature generation (CVE-2018-0734) + o Timing vulnerability in ECDSA signature generation (CVE-2018-0735) + + Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018] + + o Support for TLSv1.3 added (see https://wiki.openssl.org/index.php/TLS1.3 + for further important information). The TLSv1.3 implementation includes: + o Fully compliant implementation of RFC8446 (TLSv1.3) on by default + o Early data (0-RTT) + o Post-handshake authentication and key update + o Middlebox Compatibility Mode + o TLSv1.3 PSKs + o Support for all five RFC8446 ciphersuites + o RSA-PSS signature algorithms (backported to TLSv1.2) + o Configurable session ticket support + o Stateless server support + o Rewrite of the packet construction code for "safer" packet handling + o Rewrite of the extension handling code + o Complete rewrite of the OpenSSL random number generator to introduce the + following capabilities + o The default RAND method now utilizes an AES-CTR DRBG according to + NIST standard SP 800-90Ar1. + o Support for multiple DRBG instances with seed chaining. + o There is a public and private DRBG instance. + o The DRBG instances are fork-safe. + o Keep all global DRBG instances on the secure heap if it is enabled. + o The public and private DRBG instance are per thread for lock free + operation + o Support for various new cryptographic algorithms including: + o SHA3 + o SHA512/224 and SHA512/256 + o EdDSA (both Ed25519 and Ed448) including X509 and TLS support + o X448 (adding to the existing X25519 support in 1.1.0) + o Multi-prime RSA + o SM2 + o SM3 + o SM4 + o SipHash + o ARIA (including TLS support) + o Significant Side-Channel attack security improvements + o Add a new ClientHello callback to provide the ability to adjust the SSL + object at an early stage. + o Add 'Maximum Fragment Length' TLS extension negotiation and support + o A new STORE module, which implements a uniform and URI based reader of + stores that can contain keys, certificates, CRLs and numerous other + objects. o Move the display of configuration data to configdata.pm. o Allow GNU style "make variables" to be used with Configure. - o Add a STORE module (OSSL_STORE) o Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes - o Add multi-prime RSA (RFC 8017) support - o Add SM3 implemented according to GB/T 32905-2016 - o Add SM4 implemented according to GB/T 32907-2016. - o Add 'Maximum Fragment Length' TLS extension negotiation and support - o Add ARIA support - o Add SHA3 o Rewrite of devcrypto engine - o Add support for SipHash - o Grand redesign of the OpenSSL random generator + + Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development] + + o Client DoS due to large DH parameter (CVE-2018-0732) + o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development] @@ -549,7 +625,7 @@ Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]: - o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build. + o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build. Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]: