LibreSSL 2.4.0/2.3.5/2.2.8 Released
1 June, 2016 by firstname.lastname@example.org | openbsd
We have released a first development snapshot of LibreSSL 2.4.0 along with two stable builds, 2.3.5 and 2.2.8. These should be arriving in the LibreSSL directory of your local OpenBSD mirror soon. The 2.3.5 and 2.2.8 releases contain a reliability fix, correcting an error when parsing certain ASN.1 elements over 16k in size. The 2.4.0 release contains the following additional changes: * Implemented the IETF ChaCha20-Poly1305 cipher suites. * Changed default EVP_aead_chacha20_poly1305() implementation to the IETF version, which is now the default. * Many improvements to the CMake build infrastructure, including Solaris, mingw-w64, Cygwin, and HP-UX support. Thanks to Kinichiro Inoguchi for this work. * Reworked error handling in libtls so that configuration errors are more visible. * Added missing error handling around bn_wexpand() calls. * Added explicit_bzero calls for freed ASN.1 objects. * Fixed X509_*set_object functions to return 0 on allocation failure. * Fixed password prompts from openssl(1) to properly handle ^C. * Deprecated internal use of EVP_[Cipher|Encrypt|Decrypt]_Final. The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.