deadsimple BSD Security Advisories and Announcements

LibreSSL 2.9.0 released

We have released LibreSSL 2.9.0, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.

This is the first development release from the 2.9 series, which will
eventually be part of OpenBSD 6.5.  It includes the following changes:

 * CRYPTO_LOCK is now automatically initialized, with the legacy
   callbacks stubbed for compatibility.

 * Added the SM3 hash function from the Chinese standard GB/T 32905-2016.

 * Added more OPENSSL_NO_* macros for compatibility with OpenSSL.

 * Added extensive interoperability tests between LibreSSL and OpenSSL
   1.0 and 1.1.

 * Added additional wycheproof tests and related bug fixes.

 * Simplified sigalgs option processing and handshake signing algorithm

 * Added the ability to use the RSA PSS algorithm for handshake signatures.

 * Added bn_rand_interval() and use it in code needing ranges of random
   bn values.

 * Added functionality to derive early, handshake, and application
   secrets as per RFC8446.

 * Added handshake state machine from RFC8446.

 * Removed some ASN.1 related code from libcrypto that had not been used
   since around 2000.

 * Unexported internal symbols and internalized more record layer structs.

 * Added support for assembly optimizations on 32-bit ARM ELF targets.

 * Improved protection against timing side channels in ECDSA signature generation.

 * Coordinate blinding was added to some elliptic curves. This is the
   last bit of the work by Brumley et al. to protect against the
   Portsmash vulnerability.

 * Ensure transcript handshake is always freed with TLS 1.2.

 * Fixed warnings about clock_gettime on Windows Visual Studio builds.

 * Fixed CMake builds on systems where getpagesize is defined as an
   inline function.

The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.