forked from Tongsuo-Project/Tongsuo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCHANGES.en
138 lines (70 loc) · 2.87 KB
/
CHANGES.en
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
BabaSSL CHANGES
_______________
This is a high-level summary of the most important changes.
For a full list of changes, see the git commit log.
Changes between 8.3.3 and 8.3.4 [xx XXX xxxx]
*) Alternative fix for CVE-2022-4304
*) Fix CVE-2024-5535
*) Fix CVE-2024-4741
*) Fix CVE-2024-2511
*) Fix CVE-2024-0727
*) Fix CVE-2023-4807
*) Fix CVE-2023-5678
*) Fix the compilation problem of SM4NI
Changes between 8.3.2 and 8.3.3 [28 Aug 2023]
*) Fix CVE-2023-3446
*) Fix CVE-2023-3817
*) Support for OpenHarmony OS version 3.2
*) Fix CVE-2022-2097
*) Fix unknown option --prefix on CFLAGS [daipingh]
*) Fix not checking OPENSSL_memdup return value issue
*) Change SSL_connection_is_ntls to use preread mode to determine whether it's NTLS
*) Fix CVE-2022-4304
*) Fix CVE-2023-0286
*) Fix CVE-2022-4450
*) Fix CVE-2023-0215
*) Support SM4-NI optimization
*) Fix CVE-2023-2650
Changes between 8.3.1 and 8.3.2 [12 Dec 2022]
*) Fix compilation error when using C90 compiler
*) Fix a bug in SSL_CTX_dup() function
*) Fix RSA signature issue in NTLS ServerKeyExchange message
*) Fix apps/x509 SM2 cert signing bug
*) Support new feature: add export symbol prefix
Changes between 8.3.0 and 8.3.1 [02 Apr 2022]
*) Fix a bug in EC-ElGamal
*) Fix bugs in SM2 implementation [0x9527-zhou]
*) Fix CVE-2022-0778
Changes between 8.2.0 and 8.3.0 [28 Feb 2022]
*) Fix CVE-2021-4160
*) Support wrap mode in `openssl enc` command
*) ASYNC: Fixes for nested job creation
*) Support TLS certificate compression (RFC 8879)
*) A bundle of upstream patches are backported [hustliyilin]
*) Support NTLS session ticket
*) Support integrity algorithm 128-EIA3
*) Support NTLS client authentication
*) Remove ARIA cipher
*) Support software random generator in compliance with Chinese SCA
*) Support PHE algorithm EC-Elgamal
*) Support RSA_SM4 cipher suites for NTLS
*) SM3 and SM4 hardware acceleration on aarch64
*) SM4 optimization for non-asm mode
Changes between 8.1.3 and 8.2.0 [19 May 2021]
*) Support NTLS(formal GM double cert) handshake processing, GB/T 38636-2020 TLCP
*) Support delegated credential
*) Update BoringSSL QUIC API
*) Fix CVE-2021-3449
*) Fix CVE-2021-23840 and CVE-2021-23841
Changes with 8.1.3 [15 Jan 2021]
*) Support more QUIC related APIs
*) Fix CVE-2020-1971
*) Fix CVE-2020-1967
*) Give a default sm2-id for sm2 sign process which not set sm-id
*) Support BoringSSL QUIC API
*) Fix up problems of CVE-2019-1551
*) Support TLS1.3-GM cipher suite, see https://datatracker.ietf.org/doc/html/rfc8998 for more information
*) Support global session cache, asynchronous session lookup
*) Support SM2 cert sign, SM2 speed testing for babassl/apps
*) Support dynamic cipher, make EVP api compatible with lua ffi
*) Fork from OpenSSL version 1.1.1d