deadsimple BSD Security Advisories and Announcements

LibreSSL 3.7.0 Released

We have released LibreSSL 3.7.0, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. This is a
development release from the 3.7.x branch, which will eventually ship
with OpenBSD 7.3.

It includes the following changes:

  * Internal improvements
    - Remove dependency on system timegm() and gmtime() by replacing
      traditional Julian date conversion with POSIX epoch-seconds date
      conversion from BoringSSL.
    - Clean old and unused BN code dealing with primes.
    - Start rewriting name constraints code using CBS.
    - Remove support for the HMAC PRIVATE KEY.
    - Rework DSA signing and verifying internals.
    - First few passes on cleaning up the BN code.
    - Internal headers coming from OpenSSL are all called *_local.h now.
    - Rewrite TLSv1.2 key exporter.
    - Cleaned up and refactored various aspects of the legacy TLS stack.
  * Compatibility changes
    - BIO_read() and BIO_write() now behave more closely to OpenSSL 3 in
      various corner cases. More work is needed here.
  * Bug fixes
    - Add EVP_chacha20_poly1305() to the list of all ciphers.
    - Fix potential leaks of EVP_PKEY in various printing functions
    - Fix potential leak in OBJ_NAME_add().
    - Avoid signed overflow in i2c_ASN1_BIT_STRING().
    - Clean up EVP_PKEY_ASN1_METHOD related tables and code.
    - Fix long standing bugs BN_GF2m_poly2arr() and BN_GF2m_mod().
    - Fix segfaults in BN_{dec,hex}2bn().
    - Fix NULL dereference in x509_constraints_uri_host() reachable only
      in the process of generating certificates.
    - Fixed a variety of memory corruption issues in BIO chains coming
      from poor old and new API: BIO_push(), BIO_pop(), BIO_set_next().
    - Avoid potential divide by zero in BIO_dump_indent_cb()
  * Documentation improvements
    - Numerous improvements and additions for ASN.1, BIO, BN, and X.509.
    - The BN documentation is now considered to be complete.
  * Testing and Proactive Security
    - As always, new test coverage is added as bugs are fixed and
      subsystems are cleaned up.
    - Many old tests rewritten, cleaned up and extended.
  * New features
    - Added Ed25519 support both as a primitive and via OpenSSL's EVP
    - X25519 is now also supported via EVP.
    - The OpenSSL 1.1 raw public and private key API is available with
      support for EVP_PKEY_ED25519, EVP_PKEY_HMAC and EVP_PKEY_X25519.
      Poly1305 is not currently supported via this interface.

The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.