BSDSec

deadsimple BSD Security Advisories and Announcements

LibreSSL 2.2.3 Released

We have released LibreSSL 2.2.3, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.

This release is based on the stable OpenBSD 5.8 branch, fixing a bug
that affects interoperability with some SSL clients.

 * LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not
   include TLS extensions, resulting in such handshakes being aborted.
   This release corrects the handling of such messages. Thanks to
   Ligushka from github for reporting the issue.

 * Added install target for cmake builds. Thanks to TheNietsnie from
   github.

 * Updated pkgconfig files to correctly report the release version
   number, not the individual library ABI version numbers. Thanks to
   Jan Engelhardt for reporting the issue.

The LibreSSL project continues improvement of the codebase to reflect
modern, safe programming practices. We welcome feedback and improvements
from the broader community. Thanks to all of the contributors who helped
make this release possible.