LibreSSL 2.1.3 released
22 January, 2015 by busterb@gmail.com | openbsd
We have released LibreSSL 2.1.3, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This release enhances security, OS and software compatibility, including: * Fixes for various memory leaks in DTLS, including those for CVE-2015-0206. * Application-Layer Protocol Negotiation (ALPN) support. * Simplfied and refactored SSL/DTLS handshake code. * SHA256 Camellia cipher suites for TLS 1.2 from RFC 5932. * Earlier libtls support for non-blocking sockets and randomized session ID contexts. Work is ongoing with this library - feedback and potential use-cases are welcome. * Support building Windows DLLs. Thanks to Jan Engelhard. * Packaged config wrapper for better compatibility with OpenSSL-based build systems. Thanks to @technion from github. * Ensure the stack is marked non-executable for assembly sections. Thanks to Anthony G. Bastile. * Extra compiler hardening flags are enabled by default where applicable. Thanks to Jim Barlow. * Initial HP-UX support. Thanks to Kinichiro Inoguchi. * Initial NetBSD support. Thanks to @gitisihara from github. The release hash file is now signed both with signify (SHA256.sig) and gpg (SHA256.asc) for convenience, and if you like, double verification. The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.