LibreSSL 2.6.4 Released (fixed)
21 December, 2017 by firstname.lastname@example.org | openbsd
We have released LibreSSL 2.6.4, the first stable maintenance release from the 2.6.x series. It contains the following changes from the 2.6.3 release: * Made tls_config_parse_protocols() work correctly when passed a NULL pointer for a protocol string. Issue found by semarie@, who also provided the diff. * Corrected TLS extensions handling when no extensions are present. If no TLS extensions are present in a client hello or server hello, omit the entire extensions block, rather than including it with a length of zero. Thanks to Eric Elena <eric at voguemerry dot com> for providing packet captures and testing the fix. * Fixed portable builds on older Android systems, and systems without IPV6_TCLASS support. The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.