This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
-Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development]
-----------------------------------------------------------------------
-
+OpenSSL Releases
+----------------
+
+ - [OpenSSL 3.0](#openssl-30)
+ - [OpenSSL 1.1.1](#openssl-111)
+ - [OpenSSL 1.1.0](#openssl-110)
+ - [OpenSSL 1.0.2](#openssl-102)
+ - [OpenSSL 1.0.1](#openssl-101)
+ - [OpenSSL 1.0.0](#openssl-100)
+ - [OpenSSL 0.9.x](#openssl-09x)
+
+OpenSSL 3.0
+-----------
+
+### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development] ###
+
+ * The algorithm specific public key command line applications have
+ been deprecated. These include dhparam, gendsa and others. The pkey
+ alternatives should be used intead: pkey, pkeyparam and genpkey.
+ * X509 certificates signed using SHA1 are no longer allowed at security
+ level 1 or higher. The default security level for TLS is 1, so
+ certificates signed using SHA1 are by default no longer trusted to
+ authenticate servers or clients.
* enable-crypto-mdebug and enable-crypto-mdebug-backtrace were mostly
disabled; the project uses address sanitize/leak-detect instead.
* Added OSSL_SERIALIZER, a generic serializer API.
* Removed the heartbeat message in DTLS feature.
* Added EVP_KDF, an EVP layer KDF API, and a generic EVP_PKEY to EVP_KDF
bridge.
+ * All of the low level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224,
+ SHA256, SHA384, SHA512 and Whirlpool digest functions have been
+ deprecated.
+ * All of the low level AES, Blowfish, Camellia, CAST, DES, IDEA, RC2,
+ RC4, RC5 and SEED cipher functions have been deprecated.
+ * All of the low level DH, DSA, ECDH, ECDSA and RSA public key functions
+ have been deprecated.
+
+OpenSSL 1.1.1
+-------------
+
+### Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019] ###
+
+ * Fixed a fork protection issue ([CVE-2019-1549][])
+ * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
+ ([CVE-2019-1563][])
+ * For built-in EC curves, ensure an EC_GROUP built from the curve name is
+ used even when parsing explicit parameters
+ * Compute ECC cofactors if not provided during EC_GROUP construction
+ ([CVE-2019-1547][])
+ * Early start up entropy quality from the DEVRANDOM seed source has been
+ improved for older Linux systems
+ * Correct the extended master secret constant on EBCDIC systems
+ * Use Windows installation paths in the mingw builds ([CVE-2019-1552][])
+ * Changed DH_check to accept parameters with order q and 2q subgroups
+ * Significantly reduce secure memory usage by the randomness pools
+ * Revert the DEVRANDOM_WAIT feature for Linux systems
+
+### Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019] ###
+
+ * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543][])
+
+### Major changes between OpenSSL 1.1.1a and OpenSSL 1.1.1b [26 Feb 2019] ###
+
+ * Change the info callback signals for the start and end of a post-handshake
+ message exchange in TLSv1.3.
+ * Fix a bug in DTLS over SCTP. This breaks interoperability with older
+ versions of OpenSSL like OpenSSL 1.1.0 and OpenSSL 1.0.2.
-Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018] ###
- * Timing vulnerability in DSA signature generation (CVE-2018-0734)
- * Timing vulnerability in ECDSA signature generation (CVE-2018-0735)
+ * Timing vulnerability in DSA signature generation ([CVE-2018-0734][])
+ * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735][])
-Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018] ###
- * Support for TLSv1.3 added (see https://wiki.openssl.org/index.php/TLS1.3
- for further important information). The TLSv1.3 implementation includes:
+ * Support for TLSv1.3 added. The TLSv1.3 implementation includes:
* Fully compliant implementation of RFC8446 (TLSv1.3) on by default
* Early data (0-RTT)
* Post-handshake authentication and key update
* Stateless server support
* Rewrite of the packet construction code for "safer" packet handling
* Rewrite of the extension handling code
+ For further important information, see the [TLS1.3 page](
+ https://wiki.openssl.org/index.php/TLS1.3) in the OpenSSL Wiki.
+
* Complete rewrite of the OpenSSL random number generator to introduce the
following capabilities
* The default RAND method now utilizes an AES-CTR DRBG according to
* Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
* Rewrite of devcrypto engine
-Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development]
-----------------------------------------------------------------------
- * Client DoS due to large DH parameter (CVE-2018-0732)
- * Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
+OpenSSL 1.1.0
+-------------
+
+### Major changes between OpenSSL 1.1.0k and OpenSSL 1.1.0l [10 Sep 2019] ###
+
+ * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
+ ([CVE-2019-1563][])
+ * For built-in EC curves, ensure an EC_GROUP built from the curve name is
+ used even when parsing explicit parameters
+ * Compute ECC cofactors if not provided during EC_GROUP construction
+ ([CVE-2019-1547][])
+ * Use Windows installation paths in the mingw builds ([CVE-2019-1552][])
+
+### Major changes between OpenSSL 1.1.0j and OpenSSL 1.1.0k [28 May 2019] ###
+
+ * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543][])
+
+### Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.0j [20 Nov 2018] ###
+
+ * Timing vulnerability in DSA signature generation ([CVE-2018-0734][])
+ * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735][])
+
+### Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [14 Aug 2018] ###
-Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development]
-----------------------------------------------------------------------
+ * Client DoS due to large DH parameter ([CVE-2018-0732][])
+ * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737][])
+
+### Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018] ###
* Constructed ASN.1 types with a recursive definition could exceed the
- stack (CVE-2018-0739)
- * Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)
- * rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
+ stack ([CVE-2018-0739][])
+ * Incorrect CRYPTO_memcmp on HP-UX PA-RISC ([CVE-2018-0733][])
+ * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738][])
-Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] ###
- * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
- * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
+ * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736][])
+ * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735][])
-Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017] ###
* config now recognises 64-bit mingw and chooses mingw64 instead of mingw
-Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [16 Feb 2017]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [16 Feb 2017] ###
- * Encrypt-Then-Mac renegotiation crash (CVE-2017-3733)
+ * Encrypt-Then-Mac renegotiation crash ([CVE-2017-3733][])
-Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017] ###
- * Truncated packet could crash via OOB read (CVE-2017-3731)
- * Bad (EC)DHE parameters cause a client crash (CVE-2017-3730)
- * BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+ * Truncated packet could crash via OOB read ([CVE-2017-3731][])
+ * Bad (EC)DHE parameters cause a client crash ([CVE-2017-3730][])
+ * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732][])
-Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016] ###
- * ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
- * CMS Null dereference (CVE-2016-7053)
- * Montgomery multiplication may produce incorrect results (CVE-2016-7055)
+ * ChaCha20/Poly1305 heap-buffer-overflow ([CVE-2016-7054][])
+ * CMS Null dereference ([CVE-2016-7053][])
+ * Montgomery multiplication may produce incorrect results ([CVE-2016-7055][])
-Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016] ###
- * Fix Use After Free for large message sizes (CVE-2016-6309)
+ * Fix Use After Free for large message sizes ([CVE-2016-6309][])
-Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016] ###
- * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
- * SSL_peek() hang on empty record (CVE-2016-6305)
+ * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][])
+ * SSL_peek() hang on empty record ([CVE-2016-6305][])
* Excessive allocation of memory in tls_get_message_header()
- (CVE-2016-6307)
+ ([CVE-2016-6307][])
* Excessive allocation of memory in dtls1_preprocess_fragment()
- (CVE-2016-6308)
+ ([CVE-2016-6308][])
-Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016] ###
* Copyright text was shrunk to a boilerplate that points to the license
* "shared" builds are now the default when possible
* Support for Certificate Transparency
* HKDF support.
-Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
-----------------------------------------------------------------------
- * Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- * Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
- * Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
- * Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- * EBCDIC overread (CVE-2016-2176)
+OpenSSL 1.0.2
+-------------
+
+### Major changes between OpenSSL 1.0.2s and OpenSSL 1.0.2t [10 Sep 2019] ###
+
+ * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
+ ([CVE-2019-1563][])
+ * For built-in EC curves, ensure an EC_GROUP built from the curve name is
+ used even when parsing explicit parameters
+ * Compute ECC cofactors if not provided during EC_GROUP construction
+ ([CVE-2019-1547][])
+ * Document issue with installation paths in diverse Windows builds
+ ([CVE-2019-1552][])
+
+### Major changes between OpenSSL 1.0.2r and OpenSSL 1.0.2s [28 May 2019] ###
+
+ * None
+
+### Major changes between OpenSSL 1.0.2q and OpenSSL 1.0.2r [26 Feb 2019] ###
+
+ * 0-byte record padding oracle ([CVE-2019-1559][])
+
+### Major changes between OpenSSL 1.0.2p and OpenSSL 1.0.2q [20 Nov 2018] ###
+
+ * Microarchitecture timing vulnerability in ECC scalar multiplication ([CVE-2018-5407][])
+ * Timing vulnerability in DSA signature generation ([CVE-2018-0734][])
+
+### Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p [14 Aug 2018] ###
+
+ * Client DoS due to large DH parameter ([CVE-2018-0732][])
+ * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737][])
+
+### Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018] ###
+
+ * Constructed ASN.1 types with a recursive definition could exceed the
+ stack ([CVE-2018-0739][])
+
+### Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017] ###
+
+ * Read/write after SSL object in error state ([CVE-2017-3737][])
+ * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738][])
+
+### Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017] ###
+
+ * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736][])
+ * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735][])
+
+### Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017] ###
+
+ * config now recognises 64-bit mingw and chooses mingw64 instead of mingw
+
+### Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017] ###
+
+ * Truncated packet could crash via OOB read ([CVE-2017-3731][])
+ * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732][])
+ * Montgomery multiplication may produce incorrect results ([CVE-2016-7055][])
+
+### Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016] ###
+
+ * Missing CRL sanity check ([CVE-2016-7052][])
+
+### Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016] ###
+
+ * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][])
+ * SWEET32 Mitigation ([CVE-2016-2183][])
+ * OOB write in MDC2_Update() ([CVE-2016-6303][])
+ * Malformed SHA512 ticket DoS ([CVE-2016-6302][])
+ * OOB write in BN_bn2dec() ([CVE-2016-2182][])
+ * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180][])
+ * Pointer arithmetic undefined behaviour ([CVE-2016-2177][])
+ * Constant time flag not preserved in DSA signing ([CVE-2016-2178][])
+ * DTLS buffered message DoS ([CVE-2016-2179][])
+ * DTLS replay protection DoS ([CVE-2016-2181][])
+ * Certificate message OOB reads ([CVE-2016-6306][])
+
+### Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] ###
+
+ * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107][])
+ * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105][])
+ * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106][])
+ * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109][])
+ * EBCDIC overread ([CVE-2016-2176][])
* Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
* Remove LOW from the DEFAULT cipher list. This removes singles DES from
the default.
* Only remove the SSLv2 methods with the no-ssl2-method option.
-Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016] ###
* Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
* Disable SSLv2 default build, default negotiation and weak ciphers
- (CVE-2016-0800)
- * Fix a double-free in DSA code (CVE-2016-0705)
+ ([CVE-2016-0800][])
+ * Fix a double-free in DSA code ([CVE-2016-0705][])
* Disable SRP fake user seed to address a server memory leak
- (CVE-2016-0798)
+ ([CVE-2016-0798][])
* Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
- (CVE-2016-0797)
- * Fix memory issues in BIO_*printf functions (CVE-2016-0799)
- * Fix side channel attack on modular exponentiation (CVE-2016-0702)
+ ([CVE-2016-0797][])
+ * Fix memory issues in BIO_*printf functions ([CVE-2016-0799][])
+ * Fix side channel attack on modular exponentiation ([CVE-2016-0702][])
-Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] ###
- * DH small subgroups (CVE-2016-0701)
- * SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
+ * DH small subgroups ([CVE-2016-0701][])
+ * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197][])
-Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] ###
- * BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
- * Certificate verify crash with missing PSS parameter (CVE-2015-3194)
- * X509_ATTRIBUTE memory leak (CVE-2015-3195)
+ * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2015-3193][])
+ * Certificate verify crash with missing PSS parameter ([CVE-2015-3194][])
+ * X509_ATTRIBUTE memory leak ([CVE-2015-3195][])
* Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
* In DSA_generate_parameters_ex, if the provided seed is too short,
return an error
-Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015] ###
- * Alternate chains certificate forgery (CVE-2015-1793)
- * Race condition handling PSK identify hint (CVE-2015-3196)
+ * Alternate chains certificate forgery ([CVE-2015-1793][])
+ * Race condition handling PSK identify hint ([CVE-2015-3196][])
-Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] ###
* Fix HMAC ABI incompatibility
-Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015]
-----------------------------------------------------------------------
-
- * Malformed ECParameters causes infinite loop (CVE-2015-1788)
- * Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
- * PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
- * CMS verify infinite loop with unknown hash function (CVE-2015-1792)
- * Race condition handling NewSessionTicket (CVE-2015-1791)
-
-Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015]
-----------------------------------------------------------------------
-
- * OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291)
- * Multiblock corrupted pointer fix (CVE-2015-0290)
- * Segmentation fault in DTLSv1_listen fix (CVE-2015-0207)
- * Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
- * Segmentation fault for invalid PSS parameters fix (CVE-2015-0208)
- * ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
- * PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
- * DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
- * Empty CKE with client auth and DHE fix (CVE-2015-1787)
- * Handshake with unseeded PRNG fix (CVE-2015-0285)
- * Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
- * X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
+### Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] ###
+
+ * Malformed ECParameters causes infinite loop ([CVE-2015-1788][])
+ * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][])
+ * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][])
+ * CMS verify infinite loop with unknown hash function ([CVE-2015-1792][])
+ * Race condition handling NewSessionTicket ([CVE-2015-1791][])
+
+### Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] ###
+
+ * OpenSSL 1.0.2 ClientHello sigalgs DoS fix ([CVE-2015-0291][])
+ * Multiblock corrupted pointer fix ([CVE-2015-0290][])
+ * Segmentation fault in DTLSv1_listen fix ([CVE-2015-0207][])
+ * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][])
+ * Segmentation fault for invalid PSS parameters fix ([CVE-2015-0208][])
+ * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][])
+ * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][])
+ * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][])
+ * Empty CKE with client auth and DHE fix ([CVE-2015-1787][])
+ * Handshake with unseeded PRNG fix ([CVE-2015-0285][])
+ * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][])
+ * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][])
* Removed the export ciphers from the DEFAULT ciphers
-Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015] ###
* Suite B support for TLS 1.2 and DTLS 1.2
* Support for DTLS 1.2
* ALPN support.
* CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
-Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
-----------------------------------------------------------------------
+
+OpenSSL 1.0.1
+-------------
+
+### Major changes between OpenSSL 1.0.1t and OpenSSL 1.0.1u [22 Sep 2016] ###
+
+ * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][])
+ * SWEET32 Mitigation ([CVE-2016-2183][])
+ * OOB write in MDC2_Update() ([CVE-2016-6303][])
+ * Malformed SHA512 ticket DoS ([CVE-2016-6302][])
+ * OOB write in BN_bn2dec() ([CVE-2016-2182][])
+ * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180][])
+ * Pointer arithmetic undefined behaviour ([CVE-2016-2177][])
+ * Constant time flag not preserved in DSA signing ([CVE-2016-2178][])
+ * DTLS buffered message DoS ([CVE-2016-2179][])
+ * DTLS replay protection DoS ([CVE-2016-2181][])
+ * Certificate message OOB reads ([CVE-2016-6306][])
+
+### Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016] ###
+
+ * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107][])
+ * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105][])
+ * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106][])
+ * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109][])
+ * EBCDIC overread ([CVE-2016-2176][])
+ * Modify behavior of ALPN to invoke callback after SNI/servername
+ callback, such that updates to the SSL_CTX affect ALPN.
+ * Remove LOW from the DEFAULT cipher list. This removes singles DES from
+ the default.
+ * Only remove the SSLv2 methods with the no-ssl2-method option.
+
+### Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [1 Mar 2016] ###
+
+ * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
+ * Disable SSLv2 default build, default negotiation and weak ciphers
+ ([CVE-2016-0800][])
+ * Fix a double-free in DSA code ([CVE-2016-0705][])
+ * Disable SRP fake user seed to address a server memory leak
+ ([CVE-2016-0798][])
+ * Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
+ ([CVE-2016-0797][])
+ * Fix memory issues in BIO_*printf functions ([CVE-2016-0799][])
+ * Fix side channel attack on modular exponentiation ([CVE-2016-0702][])
+
+### Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016] ###
+
+ * Protection for DH small subgroup attacks
+ * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197][])
+
+### Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015] ###
+
+ * Certificate verify crash with missing PSS parameter ([CVE-2015-3194][])
+ * X509_ATTRIBUTE memory leak ([CVE-2015-3195][])
+ * Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
+ * In DSA_generate_parameters_ex, if the provided seed is too short,
+ return an error
+
+### Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015] ###
+
+ * Alternate chains certificate forgery ([CVE-2015-1793][])
+ * Race condition handling PSK identify hint ([CVE-2015-3196][])
+
+### Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015] ###
+
+ * Fix HMAC ABI incompatibility
+
+### Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015] ###
+
+ * Malformed ECParameters causes infinite loop ([CVE-2015-1788][])
+ * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][])
+ * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][])
+ * CMS verify infinite loop with unknown hash function ([CVE-2015-1792][])
+ * Race condition handling NewSessionTicket ([CVE-2015-1791][])
+
+### Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015] ###
+
+ * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][])
+ * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][])
+ * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][])
+ * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][])
+ * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][])
+ * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][])
+ * Removed the export ciphers from the DEFAULT ciphers
+
+### Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] ###
* Build fixes for the Windows and OpenVMS platforms
-Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
-----------------------------------------------------------------------
-
- * Fix for CVE-2014-3571
- * Fix for CVE-2015-0206
- * Fix for CVE-2014-3569
- * Fix for CVE-2014-3572
- * Fix for CVE-2015-0204
- * Fix for CVE-2015-0205
- * Fix for CVE-2014-8275
- * Fix for CVE-2014-3570
-
-Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]
-----------------------------------------------------------------------
-
- * Fix for CVE-2014-3513
- * Fix for CVE-2014-3567
- * Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
- * Fix for CVE-2014-3568
-
-Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]
-----------------------------------------------------------------------
-
- * Fix for CVE-2014-3512
- * Fix for CVE-2014-3511
- * Fix for CVE-2014-3510
- * Fix for CVE-2014-3507
- * Fix for CVE-2014-3506
- * Fix for CVE-2014-3505
- * Fix for CVE-2014-3509
- * Fix for CVE-2014-5139
- * Fix for CVE-2014-3508
-
-Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
-----------------------------------------------------------------------
-
- * Fix for CVE-2014-0224
- * Fix for CVE-2014-0221
- * Fix for CVE-2014-0198
- * Fix for CVE-2014-0195
- * Fix for CVE-2014-3470
- * Fix for CVE-2010-5298
-
-Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
-----------------------------------------------------------------------
-
- * Fix for CVE-2014-0160
+### Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015] ###
+
+ * Fix for [CVE-2014-3571][]
+ * Fix for [CVE-2015-0206][]
+ * Fix for [CVE-2014-3569][]
+ * Fix for [CVE-2014-3572][]
+ * Fix for [CVE-2015-0204][]
+ * Fix for [CVE-2015-0205][]
+ * Fix for [CVE-2014-8275][]
+ * Fix for [CVE-2014-3570][]
+
+### Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] ###
+
+ * Fix for [CVE-2014-3513][]
+ * Fix for [CVE-2014-3567][]
+ * Mitigation for [CVE-2014-3566][] (SSL protocol vulnerability)
+ * Fix for [CVE-2014-3568][]
+
+### Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014] ###
+
+ * Fix for [CVE-2014-3512][]
+ * Fix for [CVE-2014-3511][]
+ * Fix for [CVE-2014-3510][]
+ * Fix for [CVE-2014-3507][]
+ * Fix for [CVE-2014-3506][]
+ * Fix for [CVE-2014-3505][]
+ * Fix for [CVE-2014-3509][]
+ * Fix for [CVE-2014-5139][]
+ * Fix for [CVE-2014-3508][]
+
+### Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014] ###
+
+ * Fix for [CVE-2014-0224][]
+ * Fix for [CVE-2014-0221][]
+ * Fix for [CVE-2014-0198][]
+ * Fix for [CVE-2014-0195][]
+ * Fix for [CVE-2014-3470][]
+ * Fix for [CVE-2010-5298][]
+
+### Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014] ###
+
+ * Fix for [CVE-2014-0160][]
* Add TLS padding extension workaround for broken servers.
- * Fix for CVE-2014-0076
+ * Fix for [CVE-2014-0076][]
-Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014] ###
* Don't include gmt_unix_time in TLS server and client random values
- * Fix for TLS record tampering bug CVE-2013-4353
- * Fix for TLS version checking bug CVE-2013-6449
- * Fix for DTLS retransmission bug CVE-2013-6450
+ * Fix for TLS record tampering bug [CVE-2013-4353][]
+ * Fix for TLS version checking bug [CVE-2013-6449][]
+ * Fix for DTLS retransmission bug [CVE-2013-6450][]
-Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013] ###
- * Corrected fix for CVE-2013-0169
+ * Corrected fix for [CVE-2013-0169][]
-Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013] ###
* Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
* Include the fips configuration module.
- * Fix OCSP bad key DoS attack CVE-2013-0166
- * Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
- * Fix for TLS AESNI record handling flaw CVE-2012-2686
+ * Fix OCSP bad key DoS attack [CVE-2013-0166][]
+ * Fix for SSL/TLS/DTLS CBC plaintext recovery attack [CVE-2013-0169][]
+ * Fix for TLS AESNI record handling flaw [CVE-2012-2686][]
-Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012] ###
- * Fix TLS/DTLS record length checking bug CVE-2012-2333
+ * Fix TLS/DTLS record length checking bug [CVE-2012-2333][]
* Don't attempt to use non-FIPS composite ciphers in FIPS mode.
-Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012] ###
* Fix compilation error on non-x86 platforms.
* Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
* Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
-Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012] ###
- * Fix for ASN1 overflow bug CVE-2012-2110
+ * Fix for ASN1 overflow bug [CVE-2012-2110][]
* Workarounds for some servers that hang on long client hellos.
* Fix SEGV in AES code.
-Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012] ###
* TLS/DTLS heartbeat support.
* SCTP support.
* Preliminary FIPS capability for unvalidated 2.0 FIPS module.
* SRP support.
-Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
-----------------------------------------------------------------------
- * Fix for CMS/PKCS#7 MMA CVE-2012-0884
- * Corrected fix for CVE-2011-4619
+OpenSSL 1.0.0
+-------------
+
+### Major changes between OpenSSL 1.0.0s and OpenSSL 1.0.0t [3 Dec 2015] ###
+
+ * X509_ATTRIBUTE memory leak ([CVE-2015-3195][])
+ * Race condition handling PSK identify hint ([CVE-2015-3196][])
+
+### Major changes between OpenSSL 1.0.0r and OpenSSL 1.0.0s [11 Jun 2015] ###
+
+ * Malformed ECParameters causes infinite loop ([CVE-2015-1788][])
+ * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][])
+ * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][])
+ * CMS verify infinite loop with unknown hash function ([CVE-2015-1792][])
+ * Race condition handling NewSessionTicket ([CVE-2015-1791][])
+
+### Major changes between OpenSSL 1.0.0q and OpenSSL 1.0.0r [19 Mar 2015] ###
+
+ * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][])
+ * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][])
+ * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][])
+ * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][])
+ * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][])
+ * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][])
+ * Removed the export ciphers from the DEFAULT ciphers
+
+### Major changes between OpenSSL 1.0.0p and OpenSSL 1.0.0q [15 Jan 2015] ###
+
+ * Build fixes for the Windows and OpenVMS platforms
+
+### Major changes between OpenSSL 1.0.0o and OpenSSL 1.0.0p [8 Jan 2015] ###
+
+ * Fix for [CVE-2014-3571][]
+ * Fix for [CVE-2015-0206][]
+ * Fix for [CVE-2014-3569][]
+ * Fix for [CVE-2014-3572][]
+ * Fix for [CVE-2015-0204][]
+ * Fix for [CVE-2015-0205][]
+ * Fix for [CVE-2014-8275][]
+ * Fix for [CVE-2014-3570][]
+
+### Major changes between OpenSSL 1.0.0n and OpenSSL 1.0.0o [15 Oct 2014] ###
+
+ * Fix for [CVE-2014-3513][]
+ * Fix for [CVE-2014-3567][]
+ * Mitigation for [CVE-2014-3566][] (SSL protocol vulnerability)
+ * Fix for [CVE-2014-3568][]
+
+### Major changes between OpenSSL 1.0.0m and OpenSSL 1.0.0n [6 Aug 2014] ###
+
+ * Fix for [CVE-2014-3510][]
+ * Fix for [CVE-2014-3507][]
+ * Fix for [CVE-2014-3506][]
+ * Fix for [CVE-2014-3505][]
+ * Fix for [CVE-2014-3509][]
+ * Fix for [CVE-2014-3508][]
+
+ Known issues in OpenSSL 1.0.0m:
+
+ * EAP-FAST and other applications using tls_session_secret_cb
+ wont resume sessions. Fixed in 1.0.0n-dev
+ * Compilation failure of s3_pkt.c on some platforms due to missing
+ <limits.h> include. Fixed in 1.0.0n-dev
+
+### Major changes between OpenSSL 1.0.0l and OpenSSL 1.0.0m [5 Jun 2014] ###
+
+ * Fix for [CVE-2014-0224][]
+ * Fix for [CVE-2014-0221][]
+ * Fix for [CVE-2014-0198][]
+ * Fix for [CVE-2014-0195][]
+ * Fix for [CVE-2014-3470][]
+ * Fix for [CVE-2014-0076][]
+ * Fix for [CVE-2010-5298][]
+
+### Major changes between OpenSSL 1.0.0k and OpenSSL 1.0.0l [6 Jan 2014] ###
+
+ * Fix for DTLS retransmission bug [CVE-2013-6450][]
+
+### Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013] ###
+
+ * Fix for SSL/TLS/DTLS CBC plaintext recovery attack [CVE-2013-0169][]
+ * Fix OCSP bad key DoS attack [CVE-2013-0166][]
+
+### Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012] ###
+
+ * Fix DTLS record length checking bug [CVE-2012-2333][]
+
+### Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012] ###
+
+ * Fix for ASN1 overflow bug [CVE-2012-2110][]
+
+
+### Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012] ###
+
+ * Fix for CMS/PKCS#7 MMA [CVE-2012-0884][]
+ * Corrected fix for [CVE-2011-4619][]
* Various DTLS fixes.
-Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012] ###
- * Fix for DTLS DoS issue CVE-2012-0050
+ * Fix for DTLS DoS issue [CVE-2012-0050][]
-Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012] ###
- * Fix for DTLS plaintext recovery attack CVE-2011-4108
- * Clear block padding bytes of SSL 3.0 records CVE-2011-4576
- * Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
- * Check parameters are not NULL in GOST ENGINE CVE-2012-0027
- * Check for malformed RFC3779 data CVE-2011-4577
+ * Fix for DTLS plaintext recovery attack [CVE-2011-4108][]
+ * Clear block padding bytes of SSL 3.0 records [CVE-2011-4576][]
+ * Only allow one SGC handshake restart for SSL/TLS [CVE-2011-4619][]
+ * Check parameters are not NULL in GOST ENGINE [CVE-2012-0027][]
+ * Check for malformed RFC3779 data [CVE-2011-4577][]
-Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011] ###
- * Fix for CRL vulnerability issue CVE-2011-3207
- * Fix for ECDH crashes CVE-2011-3210
+ * Fix for CRL vulnerability issue [CVE-2011-3207][]
+ * Fix for ECDH crashes [CVE-2011-3210][]
* Protection against EC timing attacks.
* Support ECDH ciphersuites for certificates using SHA2 algorithms.
* Various DTLS fixes.
-Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011] ###
- * Fix for security issue CVE-2011-0014
+ * Fix for security issue [CVE-2011-0014][]
-Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010] ###
- * Fix for security issue CVE-2010-4180
- * Fix for CVE-2010-4252
+ * Fix for security issue [CVE-2010-4180][]
+ * Fix for [CVE-2010-4252][]
* Fix mishandling of absent EC point format extension.
* Fix various platform compilation issues.
- * Corrected fix for security issue CVE-2010-3864.
+ * Corrected fix for security issue [CVE-2010-3864][].
-Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010] ###
- * Fix for security issue CVE-2010-3864.
- * Fix for CVE-2010-2939
+ * Fix for security issue [CVE-2010-3864][].
+ * Fix for [CVE-2010-2939][]
* Fix WIN32 build system for GOST ENGINE.
-Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010] ###
- * Fix for security issue CVE-2010-1633.
+ * Fix for security issue [CVE-2010-1633][].
* GOST MAC and CFB fixes.
-Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010] ###
* RFC3280 path validation: sufficient to process PKITS tests.
* Integrated support for PVK files and keyblobs.
* Opaque PRF Input TLS extension support.
* Updated time routines to avoid OS limitations.
-Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
-----------------------------------------------------------------------
+OpenSSL 0.9.x
+-------------
+
+### Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010] ###
* CFB cipher definition fixes.
- * Fix security issues CVE-2010-0740 and CVE-2010-0433.
+ * Fix security issues [CVE-2010-0740][] and [CVE-2010-0433][].
-Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010] ###
* Cipher definition fixes.
* Workaround for slow RAND_poll() on some WIN32 versions.
* Ticket and SNI coexistence fixes.
* Many fixes to DTLS handling.
-Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009] ###
- * Temporary work around for CVE-2009-3555: disable renegotiation.
+ * Temporary work around for [CVE-2009-3555][]: disable renegotiation.
-Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009] ###
* Fix various build issues.
- * Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
+ * Fix security issues ([CVE-2009-0590][], [CVE-2009-0591][], [CVE-2009-0789][])
-Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009] ###
- * Fix security issue (CVE-2008-5077)
+ * Fix security issue ([CVE-2008-5077][])
* Merge FIPS 140-2 branch code.
-Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008] ###
* CryptoAPI ENGINE support.
* Various precautionary measures.
* Fix for bugs affecting certificate request creation.
* Support for local machine keyset attribute in PKCS#12 files.
-Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007] ###
* Backport of CMS functionality to 0.9.8.
* Fixes for bugs introduced with 0.9.8f.
-Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007] ###
* Add gcc 4.2 support.
* Add support for AES and SSE2 assembly language optimization
* RFC4507bis support.
* TLS Extensions support.
-Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007] ###
* Various ciphersuite selection fixes.
* RFC3779 support.
-Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006] ###
- * Introduce limits to prevent malicious key DoS (CVE-2006-2940)
- * Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+ * Introduce limits to prevent malicious key DoS ([CVE-2006-2940][])
+ * Fix security issues ([CVE-2006-2937][], [CVE-2006-3737][], [CVE-2006-4343][])
* Changes to ciphersuite selection algorithm
-Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006] ###
- * Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+ * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339][]
* New cipher Camellia
-Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006] ###
* Cipher string fixes.
* Fixes for VC++ 2005.
* Built in dynamic engine compilation support on Win32.
* Fixes auto dynamic engine loading in Win32.
-Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005] ###
- * Fix potential SSL 2.0 rollback, CVE-2005-2969
+ * Fix potential SSL 2.0 rollback, [CVE-2005-2969][]
* Extended Windows CE support
-Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005] ###
* Major work on the BIGNUM library for higher efficiency and to
make operations more streamlined and less contradictory. This
* Added initial support for Win64.
* Added alternate pkg-config files.
-Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007] ###
* FIPS 1.1.1 module linking.
* Various ciphersuite selection fixes.
-Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006] ###
- * Introduce limits to prevent malicious key DoS (CVE-2006-2940)
- * Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+ * Introduce limits to prevent malicious key DoS ([CVE-2006-2940][])
+ * Fix security issues ([CVE-2006-2937][], [CVE-2006-3737][], [CVE-2006-4343][])
-Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006] ###
- * Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+ * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339][]
-Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006] ###
* Visual C++ 2005 fixes.
* Update Windows build system for FIPS.
-Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005] ###
* Give EVP_MAX_MD_SIZE its old value, except for a FIPS build.
-Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005] ###
- * Fix SSL 2.0 Rollback, CVE-2005-2969
+ * Fix SSL 2.0 Rollback, [CVE-2005-2969][]
* Allow use of fixed-length exponent on DSA signing
* Default fixed-window RSA, DSA, DH private-key operations
-Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005] ###
* More compilation issues fixed.
* Adaptation to more modern Kerberos API.
* More constification.
* Added processing of proxy certificates (RFC 3820).
-Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005] ###
* Several compilation issues fixed.
* Many memory allocation failure checks added.
* Mandatory basic checks on certificates.
* Performance improvements.
-Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004] ###
* Fix race condition in CRL checking code.
* Fixes to PKCS#7 (S/MIME) code.
-Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004] ###
* Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
* Security: Fix null-pointer assignment in do_change_cipher_spec()
* Multiple X509 verification fixes
* Speed up HMAC and other operations
-Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003] ###
* Security: fix various ASN1 parsing bugs.
* New -ignore_err option to OCSP utility.
* Various interop and bug fixes in S/MIME code.
* SSL/TLS protocol fix for unrequested client certificates.
-Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003] ###
* Security: counter the Klima-Pokorny-Rosa extension of
Bleichbacher's attack
* ASN.1: treat domainComponent correctly.
* Documentation: fixes and additions.
-Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003] ###
* Security: Important security related bugfixes.
* Enhanced compatibility with MIT Kerberos.
* SSL/TLS: now handles manual certificate chain building.
* SSL/TLS: certain session ID malfunctions corrected.
-Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002] ###
* New library section OCSP.
* Complete rewrite of ASN1 code.
* SSL/TLS: add callback to retrieve SSL/TLS messages.
* SSL/TLS: support AES cipher suites (RFC3268).
-Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003] ###
* Security: fix various ASN1 parsing bugs.
* SSL/TLS protocol fix for unrequested client certificates.
-Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003] ###
* Security: counter the Klima-Pokorny-Rosa extension of
Bleichbacher's attack
* Security: make RSA blinding default.
* Build: shared library support fixes.
-Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003] ###
* Important security related bugfixes.
-Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002] ###
* New configuration targets for Tandem OSS and A/UX.
* New OIDs for Microsoft attributes.
* Fixes for smaller building problems.
* Updates of manuals, FAQ and other instructive documents.
-Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002] ###
* Important building fixes on Unix.
-Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002] ###
* Various important bugfixes.
-Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002] ###
* Important security related bugfixes.
* Various SSL/TLS library bugfixes.
-Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002] ###
* Various SSL/TLS library bugfixes.
* Fix DH parameter generation for 'non-standard' generators.
-Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001] ###
* Various SSL/TLS library bugfixes.
* BIGNUM library fixes.
Broadcom and Cryptographic Appliance's keyserver
[in 0.9.6c-engine release].
-Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001] ###
* Security fix: PRNG improvements.
* Security fix: RSA OAEP check.
* Increase default size for BIO buffering filter.
* Compatibility fixes in some scripts.
-Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001] ###
* Security fix: change behavior of OpenSSL to avoid using
environment variables when running as root.
* New function BN_rand_range().
* Add "-rand" option to openssl s_client and s_server.
-Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000] ###
* Some documentation for BIO and SSL libraries.
* Enhanced chain verification using key identifiers.
[1] The support for external crypto devices is currently a separate
distribution. See the file README.ENGINE.
-Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000] ###
* Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
* Shared library support for HPUX and Solaris-gcc
* New 'rand' application
* New way to check for existence of algorithms from scripts
-Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000] ###
* S/MIME support in new 'smime' command
* Documentation for the OpenSSL command line application
* Enhanced support for Alpha Linux
* Experimental MacOS support
-Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999] ###
* Transparent support for PKCS#8 format private keys: these are used
by several software packages and are more secure than the standard
* New pipe-like BIO that allows using the SSL library when actual I/O
must be handled by the application (BIO pair)
-Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
-----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999] ###
+
* Lots of enhancements and cleanups to the Configuration mechanism
* RSA OEAP related fixes
- * Added `openssl ca -revoke' option for revoking a certificate
+ * Added "openssl ca -revoke" option for revoking a certificate
* Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
* Source tree cleanups: removed lots of obsolete files
* Thawte SXNet, certificate policies and CRL distribution points
- extension support
+ extension support
* Preliminary (experimental) S/MIME support
* Support for ASN.1 UTF8String and VisibleString
* Full integration of PKCS#12 code
* Sparc assembler bignum implementation, optimized hash functions
* Option to disable selected ciphers
- Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
- ----------------------------------------------------------------------
+### Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999] ###
+
* Fixed a security hole related to session resumption
* Fixed RSA encryption routines for the p < q case
* "ALL" in cipher lists now means "everything except NULL ciphers"
* Lots of memory leak fixes.
* Lots of bug fixes.
- Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
- ----------------------------------------------------------------------
+### Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998] ###
+
* Integration of the popular NO_RSA/NO_DSA patches
* Initial support for compression inside the SSL record layer
* Added BIO proxy and filtering functionality
* Extended ASN.1 parser routines
* Adjustments of the source tree for CVS
* Support for various new platforms
+
+
+
+<!-- Links -->
+
+[CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563
+[CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559
+[CVE-2019-1552]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1552
+[CVE-2019-1549]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1549
+[CVE-2019-1547]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1547
+[CVE-2019-1543]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1543
+[CVE-2018-5407]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-5407
+[CVE-2018-0739]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0739
+[CVE-2018-0737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0737
+[CVE-2018-0735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0735
+[CVE-2018-0734]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0734
+[CVE-2018-0733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0733
+[CVE-2018-0732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0732
+[CVE-2017-3738]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3738
+[CVE-2017-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3737
+[CVE-2017-3736]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3736
+[CVE-2017-3735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3735
+[CVE-2017-3733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3733
+[CVE-2017-3732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3732
+[CVE-2017-3731]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3731
+[CVE-2017-3730]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3730
+[CVE-2016-7055]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7055
+[CVE-2016-7054]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7054
+[CVE-2016-7053]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7053
+[CVE-2016-7052]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7052
+[CVE-2016-6309]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6309
+[CVE-2016-6308]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6308
+[CVE-2016-6307]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6307
+[CVE-2016-6306]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6306
+[CVE-2016-6305]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6305
+[CVE-2016-6304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6304
+[CVE-2016-6303]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6303
+[CVE-2016-6302]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6302
+[CVE-2016-2183]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2183
+[CVE-2016-2182]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2182
+[CVE-2016-2181]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2181
+[CVE-2016-2180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2180
+[CVE-2016-2179]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2179
+[CVE-2016-2178]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2178
+[CVE-2016-2177]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2177
+[CVE-2016-2176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2176
+[CVE-2016-2109]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2109
+[CVE-2016-2107]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2107
+[CVE-2016-2106]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2106
+[CVE-2016-2105]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2105
+[CVE-2016-0800]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0800
+[CVE-2016-0799]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0799
+[CVE-2016-0798]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0798
+[CVE-2016-0797]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0797
+[CVE-2016-0705]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0705
+[CVE-2016-0702]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0702
+[CVE-2016-0701]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0701
+[CVE-2015-3197]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3197
+[CVE-2015-3196]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3196
+[CVE-2015-3195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3195
+[CVE-2015-3194]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3194
+[CVE-2015-3193]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3193
+[CVE-2015-1793]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1793
+[CVE-2015-1792]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1792
+[CVE-2015-1791]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1791
+[CVE-2015-1790]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1790
+[CVE-2015-1789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1789
+[CVE-2015-1788]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1788
+[CVE-2015-1787]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1787
+[CVE-2015-0293]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0293
+[CVE-2015-0291]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0291
+[CVE-2015-0290]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0290
+[CVE-2015-0289]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0289
+[CVE-2015-0288]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0288
+[CVE-2015-0287]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0287
+[CVE-2015-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0286
+[CVE-2015-0285]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0285
+[CVE-2015-0209]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0209
+[CVE-2015-0208]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0208
+[CVE-2015-0207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0207
+[CVE-2015-0206]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0206
+[CVE-2015-0205]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0205
+[CVE-2015-0204]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0204
+[CVE-2014-8275]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-8275
+[CVE-2014-5139]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-5139
+[CVE-2014-3572]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3572
+[CVE-2014-3571]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3571
+[CVE-2014-3570]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3570
+[CVE-2014-3569]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3569
+[CVE-2014-3568]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3568
+[CVE-2014-3567]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3567
+[CVE-2014-3566]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3566
+[CVE-2014-3513]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3513
+[CVE-2014-3512]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3512
+[CVE-2014-3511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3511
+[CVE-2014-3510]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3510
+[CVE-2014-3509]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3509
+[CVE-2014-3508]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3508
+[CVE-2014-3507]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3507
+[CVE-2014-3506]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3506
+[CVE-2014-3505]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3505
+[CVE-2014-3470]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3470
+[CVE-2014-0224]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0224
+[CVE-2014-0221]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0221
+[CVE-2014-0198]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0198
+[CVE-2014-0195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0195
+[CVE-2014-0160]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0160
+[CVE-2014-0076]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0076
+[CVE-2013-6450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6450
+[CVE-2013-6449]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6449
+[CVE-2013-4353]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-4353
+[CVE-2013-0169]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0169
+[CVE-2013-0166]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0166
+[CVE-2012-2686]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2686
+[CVE-2012-2333]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2333
+[CVE-2012-2110]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2110
+[CVE-2012-0884]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0884
+[CVE-2012-0050]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0050
+[CVE-2012-0027]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0027
+[CVE-2011-4619]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4619
+[CVE-2011-4577]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4577
+[CVE-2011-4576]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4576
+[CVE-2011-4108]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4108
+[CVE-2011-3210]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3210
+[CVE-2011-3207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3207
+[CVE-2011-0014]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-0014
+[CVE-2010-5298]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-5298
+[CVE-2010-4252]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4252
+[CVE-2010-4180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4180
+[CVE-2010-3864]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-3864
+[CVE-2010-2939]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-2939
+[CVE-2010-1633]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-1633
+[CVE-2010-0740]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0740
+[CVE-2010-0433]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0433
+[CVE-2009-3555]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-3555
+[CVE-2009-0789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0789
+[CVE-2009-0591]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0591
+[CVE-2009-0590]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0590
+[CVE-2008-5077]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-5077
+[CVE-2006-4343]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4343
+[CVE-2006-4339]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4339
+[CVE-2006-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-3737
+[CVE-2006-2940]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2940
+[CVE-2006-2937]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2937
+[CVE-2005-2969]: https://www.openssl.org/news/vulnerabilities.html#CVE-2005-2969
projects / oweals / openssl.git / commitdiff