BSDSec

LibreSSL 2.1.2 released

9 December, 2014 by bcook@cvs.openbsd.org | openbsd

We have released LibreSSL 2.1.2, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.

This release greatly improves performance, interoperability and portability,
while continuing to be easy to build and integrate into your software projects.

This release includes:

 * Two important cipher suites, GOST and Camellia, have been reworked or
   reenabled, providing better interoperability with systems around the world.

 * A preview version of the libtls library, a modern and simplified interface
   for secure client and server communications, is now packaged and can be
   built optionally for testing. Feedback welcome.

 * Initial support for Microsoft Windows 32-bit and 64-bit flavors
   has been added for mingw-w64 targets. This can be used to generate native
   libraries that are usable in other Windows development environments as
   well.

 * Assembly acceleration of various algorithms for ELF (Linux, BSD, Solaris)
   and OS X systems are enabled for x86_64 CPUs. More optimizations may be
   enabled in later releases. These optimizations are disabled with the
   --disable-asm configure flag.

 * The arc4random_buf(3) calls on FreeBSD and OS X are now replaced with
   the OpenBSD versions. This fixes current problems with seeding and fork
   safety until these OS's built-in implementations can be improved.
   See these code commits for details:

    https://github.com/libressl-portable/portable/commit/8abf8e1e1577f51deb5c3bc01f076205f1bfb268
    https://github.com/libressl-portable/portable/commit/0aeb93b9fc9ecf0f9c2e98444545de485168823d

The LibreSSL project also continues improvement of the codebase to reflect
modern, safe programming practices.

We welcome feedback and improvements from the broader community.
Thanks to all of the contributors who helped make this release possible.