Lines Matching +full:use +full:- +full:minimum +full:- +full:ecc
8 ----------------
10 - [OpenSSL 3.5](#openssl-35)
11 - [OpenSSL 3.4](#openssl-34)
12 - [OpenSSL 3.3](#openssl-33)
13 - [OpenSSL 3.2](#openssl-32)
14 - [OpenSSL 3.1](#openssl-31)
15 - [OpenSSL 3.0](#openssl-30)
16 - [OpenSSL 1.1.1](#openssl-111)
17 - [OpenSSL 1.1.0](#openssl-110)
18 - [OpenSSL 1.0.2](#openssl-102)
19 - [OpenSSL 1.0.1](#openssl-101)
20 - [OpenSSL 1.0.0](#openssl-100)
21 - [OpenSSL 0.9.x](#openssl-09x)
24 -----------
33 * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
34 ([CVE-2025-9230])
36 * Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
37 ([CVE-2025-9231])
39 * Fix Out-of-bounds read in HTTP client no_proxy handling.
40 ([CVE-2025-9232])
52 * Added FIPS 140-3 PCT on DH key generation.
74 * Fix x509 application adds trusted use instead of rejected use.
75 ([CVE-2025-4575])
86 changed from `des-ede3-cbc` to `aes-256-cbc`.
101 * Support for 3rd party QUIC stacks including 0-RTT support
103 * Support for PQC algorithms (ML-KEM, ML-DSA and SLH-DSA)
105 * A new configuration option `no-tls-deprecated-ec` to disable support for
108 * A new configuration option `enable-fips-jitter` to make the FIPS provider
109 to use the `JITTER` seed source
130 -----------
140 ([CVE-2024-12797])
142 * Fixed timing side-channel in ECDSA signature computation.
143 ([CVE-2024-13176])
156 * Redesigned use of OPENSSLDIR/ENGINESDIR/MODULESDIR on Windows such that
163 * SHAKE-128 and SHAKE-256 implementations have no default digest length
172 of the empty renegotiation SCSV, for all connections with a minimum TLS
177 functions which are Y2038-safe on platforms with Y2038-safe `time_t`
182 RSA-SHA2-256 including new API functions
185 provider required for future FIPS 140-3 validations
192 * New options `-not_before` and `-not_after` for explicit setting start and
195 * Support for integrity-only cipher suites TLS_SHA256_SHA256 and
204 * Possibility to customize ECC groups initialization to use precomputed values
205 to save CPU time and use of this feature by the P-256 implementation
208 -----------
217 * Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic
219 ([CVE-2024-9143])
229 ([CVE-2024-6119])
232 ([CVE-2024-5535])
241 * Fixed potential use after free after SSL_free_buffers() is called
242 ([CVE-2024-4741])
246 ([CVE-2024-4603])
267 * New API `SSL_write_ex2`, which can be used to send an end-of-stream (FIN)
271 non-blocking manner.
276 * Added exporter for CMake on Unix and Windows, alongside the pkg-config
294 * Added `-set_issuer` and `-set_subject` options to `openssl x509` to
295 override the Issuer and Subject when creating a certificate. The `-subj`
296 option now is an alias for `-set_subject`.
301 server to prefer session resumption using PSK-only key exchange over PSK
308 X509_STORE_get0_objects API in multi-threaded applications.
315 * Applied AES-GCM unroll8 optimisation to Microsoft Azure Cobalt 100
317 * Optimized AES-CTR for ARM Neoverse V1 and V2
319 * Enable AES and SHA3 optimisations on Apple Silicon M3-based MacOS systems
322 * Various optimizations for cryptographic routines using RISC-V vector crypto
337 * The `-verify` option to the `openssl crl` and `openssl req` will make the
341 related functions have been augmented to check for a minimum length of
342 the input string, in accordance with ITU-T X.690 section 11.7 and 11.8.
344 * OPENSSL_sk_push() and sk_<TYPE>_push() functions now return 0 instead of -1
353 reaches its upper bound of BIO_TYPE_MASK and will now return -1 once its
360 [README file for QUIC][README-QUIC.md], which provides links to relevant
367 -----------
377 ([CVE-2024-2511])
387 ([CVE-2024-0727])
390 ([CVE-2023-6237])
394 ([CVE-2023-6129])
408 * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
421 * Support for AES-GCM-SIV, a nonce-misuse-resistant AEAD (RFC 8452)
428 * Support for SM4-XTS
440 * Support for provider-based pluggable signature algorithms
443 With a suitable provider this enables the use of post-quantum/quantum-safe
460 * Provider-based signature algorithms cannot be configured using the
474 ([CVE-2023-5678])
480 [README file for QUIC][README-QUIC.md], which provides links to relevant
487 -----------
492 ([CVE-2023-5363])
497 ([CVE-2023-4807])
501 * Fix excessive time spent checking DH q parameter value ([CVE-2023-3817])
502 * Fix DH_check() excessive time with over sized modulus ([CVE-2023-3446])
503 * Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975])
504 * When building with the `enable-fips` option and using the resulting
505 FIPS provider, TLS 1.2 will, by default, mandate the use of an
512 IDENTIFIER sub-identities. ([CVE-2023-2650])
513 * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms
514 ([CVE-2023-1255])
515 * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466])
517 ([CVE-2023-0465])
518 * Limited the number of nodes created in a policy tree ([CVE-2023-0464])
526 * FIPS 140-3 compliance changes.
529 -----------
533 * Fixed NULL dereference during PKCS7 data verification ([CVE-2023-0401])
534 * Fixed X.400 address type confusion in X.509 GeneralName ([CVE-2023-0286])
535 * Fixed NULL dereference validating DSA public key ([CVE-2023-0217])
536 * Fixed Invalid pointer dereference in d2i_PKCS7 functions ([CVE-2023-0216])
537 * Fixed Use-after-free following BIO_new_NDEF ([CVE-2023-0215])
538 * Fixed Double free after calling PEM_read_bio_ex ([CVE-2022-4450])
539 * Fixed Timing Oracle in RSA Decryption ([CVE-2022-4304])
540 * Fixed X.509 Name Constraints Read Buffer Overflow ([CVE-2022-4203])
541 * Fixed X.509 Policy Constraints Double Locking ([CVE-2022-3996])
548 ([CVE-2022-3786]) and ([CVE-2022-3602])
552 * Fix for custom ciphers to prevent accidental use of NULL encryption
553 ([CVE-2022-3358])
558 ([CVE-2022-2274])
559 * Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
560 ([CVE-2022-2097])
566 ([CVE-2022-2068])
571 metacharacters to prevent command injection ([CVE-2022-1292])
573 certificate on an OCSP response ([CVE-2022-1343])
574 * Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the
575 AAD data as the MAC key ([CVE-2022-1434])
577 occupied by the removed hash table entries ([CVE-2022-1473])
582 for non-prime moduli ([CVE-2022-0778])
587 ([CVE-2021-4044])
600 * Moved the EVP digests MD2, MD4, MDC2, WHIRLPOOL and RIPEMD-160 to the legacy
613 a non-default `OSSL_LIB_CTX`.
621 * enable-crypto-mdebug and enable-crypto-mdebug-backtrace were mostly
622 disabled; the project uses address sanitize/leak-detect instead.
629 connections via HTTP(s) proxies, connections and exchange via user-defined
631 * Added util/check-format.pl for checking adherence to the coding guidelines.
634 * Added OSSL_PARAM_BLD, an easier to use API to OSSL_PARAM.
642 * Add OPENSSL_info() and 'openssl info' to get built-in data.
654 * All of the low-level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224,
657 * All of the low-level AES, Blowfish, Camellia, CAST, DES, IDEA, RC2,
659 * All of the low-level DH, DSA, ECDH, ECDSA and RSA public key functions
667 -------------
671 * Fixed an SM2 Decryption Buffer Overflow ([CVE-2021-3711])
672 * Fixed various read buffer overruns processing ASN.1 strings ([CVE-2021-3712])
677 X509_V_FLAG_X509_STRICT flag ([CVE-2021-3450])
679 crafted renegotiation ClientHello message from a client ([CVE-2021-3449])
684 function ([CVE-2021-23841])
688 EVP_DecryptUpdate functions ([CVE-2021-23840])
693 * Fixed NULL pointer deref in GENERAL_NAME_cmp ([CVE-2020-1971])
705 * Fixed segmentation fault in SSL_check_chain() ([CVE-2020-1967])
714 used in exponentiation with 512-bit moduli ([CVE-2019-1551])
718 * Fixed a fork protection issue ([CVE-2019-1549])
720 ([CVE-2019-1563])
721 * For built-in EC curves, ensure an EC_GROUP built from the curve name is
723 * Compute ECC cofactors if not provided during EC_GROUP construction
724 ([CVE-2019-1547])
728 * Use Windows installation paths in the mingw builds ([CVE-2019-1552])
735 * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543])
739 * Change the info callback signals for the start and end of a post-handshake
746 * Timing vulnerability in DSA signature generation ([CVE-2018-0734])
747 * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735])
753 * Early data (0-RTT)
754 * Post-handshake authentication and key update
758 * RSA-PSS signature algorithms (backported to TLSv1.2)
768 * The default RAND method now utilizes an AES-CTR DRBG according to
769 NIST standard SP 800-90Ar1.
772 * The DRBG instances are fork-safe.
781 * Multi-prime RSA
787 * Significant Side-Channel attack security improvements
800 -------------
805 ([CVE-2019-1563])
806 * For built-in EC curves, ensure an EC_GROUP built from the curve name is
808 * Compute ECC cofactors if not provided during EC_GROUP construction
809 ([CVE-2019-1547])
810 * Use Windows installation paths in the mingw builds ([CVE-2019-1552])
814 * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543])
818 * Timing vulnerability in DSA signature generation ([CVE-2018-0734])
819 * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735])
823 * Client DoS due to large DH parameter ([CVE-2018-0732])
824 * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737])
829 stack ([CVE-2018-0739])
830 * Incorrect CRYPTO_memcmp on HP-UX PA-RISC ([CVE-2018-0733])
831 * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738])
835 * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736])
836 * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735])
840 * config now recognises 64-bit mingw and chooses mingw64 instead of mingw
844 * Encrypt-Then-Mac renegotiation crash ([CVE-2017-3733])
848 * Truncated packet could crash via OOB read ([CVE-2017-3731])
849 * Bad (EC)DHE parameters cause a client crash ([CVE-2017-3730])
850 * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732])
854 * ChaCha20/Poly1305 heap-buffer-overflow ([CVE-2016-7054])
855 * CMS Null dereference ([CVE-2016-7053])
856 * Montgomery multiplication may produce incorrect results ([CVE-2016-7055])
860 * Fix Use After Free for large message sizes ([CVE-2016-6309])
864 * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304])
865 * SSL_peek() hang on empty record ([CVE-2016-6305])
867 ([CVE-2016-6307])
869 ([CVE-2016-6308])
897 * EC revision: now operations use new EC_KEY_METHOD.
901 relative to the latest release via the "no-deprecated" Configure
902 argument, or via the "--api=1.1.0|1.0.0|0.9.8" option.
903 * Application software can be compiled with -DOPENSSL_API_COMPAT=version
906 * Change of Configure to use --prefix as the main installation
907 directory location rather than --openssldir. The latter becomes
920 -------------
925 ([CVE-2019-1563])
926 * For built-in EC curves, ensure an EC_GROUP built from the curve name is
928 * Compute ECC cofactors if not provided during EC_GROUP construction
929 ([CVE-2019-1547])
931 ([CVE-2019-1552])
939 * 0-byte record padding oracle ([CVE-2019-1559])
943 * Microarchitecture timing vulnerability in ECC scalar multiplication ([CVE-2018-5407])
944 * Timing vulnerability in DSA signature generation ([CVE-2018-0734])
948 * Client DoS due to large DH parameter ([CVE-2018-0732])
949 * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737])
954 stack ([CVE-2018-0739])
958 * Read/write after SSL object in error state ([CVE-2017-3737])
959 * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738])
963 * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736])
964 * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735])
968 * config now recognises 64-bit mingw and chooses mingw64 instead of mingw
972 * Truncated packet could crash via OOB read ([CVE-2017-3731])
973 * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732])
974 * Montgomery multiplication may produce incorrect results ([CVE-2016-7055])
978 * Missing CRL sanity check ([CVE-2016-7052])
982 * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304])
983 * SWEET32 Mitigation ([CVE-2016-2183])
984 * OOB write in MDC2_Update() ([CVE-2016-6303])
985 * Malformed SHA512 ticket DoS ([CVE-2016-6302])
986 * OOB write in BN_bn2dec() ([CVE-2016-2182])
987 * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180])
988 * Pointer arithmetic undefined behaviour ([CVE-2016-2177])
989 * Constant time flag not preserved in DSA signing ([CVE-2016-2178])
990 * DTLS buffered message DoS ([CVE-2016-2179])
991 * DTLS replay protection DoS ([CVE-2016-2181])
992 * Certificate message OOB reads ([CVE-2016-6306])
996 * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107])
997 * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105])
998 * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106])
999 * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109])
1000 * EBCDIC overread ([CVE-2016-2176])
1005 * Only remove the SSLv2 methods with the no-ssl2-method option.
1011 ([CVE-2016-0800])
1012 * Fix a double-free in DSA code ([CVE-2016-0705])
1014 ([CVE-2016-0798])
1016 ([CVE-2016-0797])
1017 * Fix memory issues in BIO_*printf functions ([CVE-2016-0799])
1018 * Fix side channel attack on modular exponentiation ([CVE-2016-0702])
1022 * DH small subgroups ([CVE-2016-0701])
1023 * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197])
1027 * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2015-3193])
1028 * Certificate verify crash with missing PSS parameter ([CVE-2015-3194])
1029 * X509_ATTRIBUTE memory leak ([CVE-2015-3195])
1036 * Alternate chains certificate forgery ([CVE-2015-1793])
1037 * Race condition handling PSK identify hint ([CVE-2015-3196])
1045 * Malformed ECParameters causes infinite loop ([CVE-2015-1788])
1046 * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789])
1047 * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790])
1048 * CMS verify infinite loop with unknown hash function ([CVE-2015-1792])
1049 * Race condition handling NewSessionTicket ([CVE-2015-1791])
1053 * OpenSSL 1.0.2 ClientHello sigalgs DoS fix ([CVE-2015-0291])
1054 * Multiblock corrupted pointer fix ([CVE-2015-0290])
1055 * Segmentation fault in DTLSv1_listen fix ([CVE-2015-0207])
1056 * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286])
1057 * Segmentation fault for invalid PSS parameters fix ([CVE-2015-0208])
1058 * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287])
1059 * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289])
1060 * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293])
1061 * Empty CKE with client auth and DHE fix ([CVE-2015-1787])
1062 * Handshake with unseeded PRNG fix ([CVE-2015-0285])
1063 * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209])
1064 * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288])
1076 * CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
1079 -------------
1083 * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304])
1084 * SWEET32 Mitigation ([CVE-2016-2183])
1085 * OOB write in MDC2_Update() ([CVE-2016-6303])
1086 * Malformed SHA512 ticket DoS ([CVE-2016-6302])
1087 * OOB write in BN_bn2dec() ([CVE-2016-2182])
1088 * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180])
1089 * Pointer arithmetic undefined behaviour ([CVE-2016-2177])
1090 * Constant time flag not preserved in DSA signing ([CVE-2016-2178])
1091 * DTLS buffered message DoS ([CVE-2016-2179])
1092 * DTLS replay protection DoS ([CVE-2016-2181])
1093 * Certificate message OOB reads ([CVE-2016-6306])
1097 * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107])
1098 * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105])
1099 * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106])
1100 * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109])
1101 * EBCDIC overread ([CVE-2016-2176])
1106 * Only remove the SSLv2 methods with the no-ssl2-method option.
1112 ([CVE-2016-0800])
1113 * Fix a double-free in DSA code ([CVE-2016-0705])
1115 ([CVE-2016-0798])
1117 ([CVE-2016-0797])
1118 * Fix memory issues in BIO_*printf functions ([CVE-2016-0799])
1119 * Fix side channel attack on modular exponentiation ([CVE-2016-0702])
1124 * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197])
1128 * Certificate verify crash with missing PSS parameter ([CVE-2015-3194])
1129 * X509_ATTRIBUTE memory leak ([CVE-2015-3195])
1136 * Alternate chains certificate forgery ([CVE-2015-1793])
1137 * Race condition handling PSK identify hint ([CVE-2015-3196])
1145 * Malformed ECParameters causes infinite loop ([CVE-2015-1788])
1146 * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789])
1147 * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790])
1148 * CMS verify infinite loop with unknown hash function ([CVE-2015-1792])
1149 * Race condition handling NewSessionTicket ([CVE-2015-1791])
1153 * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286])
1154 * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287])
1155 * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289])
1156 * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293])
1157 * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209])
1158 * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288])
1167 * Fix for [CVE-2014-3571]
1168 * Fix for [CVE-2015-0206]
1169 * Fix for [CVE-2014-3569]
1170 * Fix for [CVE-2014-3572]
1171 * Fix for [CVE-2015-0204]
1172 * Fix for [CVE-2015-0205]
1173 * Fix for [CVE-2014-8275]
1174 * Fix for [CVE-2014-3570]
1178 * Fix for [CVE-2014-3513]
1179 * Fix for [CVE-2014-3567]
1180 * Mitigation for [CVE-2014-3566] (SSL protocol vulnerability)
1181 * Fix for [CVE-2014-3568]
1185 * Fix for [CVE-2014-3512]
1186 * Fix for [CVE-2014-3511]
1187 * Fix for [CVE-2014-3510]
1188 * Fix for [CVE-2014-3507]
1189 * Fix for [CVE-2014-3506]
1190 * Fix for [CVE-2014-3505]
1191 * Fix for [CVE-2014-3509]
1192 * Fix for [CVE-2014-5139]
1193 * Fix for [CVE-2014-3508]
1197 * Fix for [CVE-2014-0224]
1198 * Fix for [CVE-2014-0221]
1199 * Fix for [CVE-2014-0198]
1200 * Fix for [CVE-2014-0195]
1201 * Fix for [CVE-2014-3470]
1202 * Fix for [CVE-2010-5298]
1206 * Fix for [CVE-2014-0160]
1208 * Fix for [CVE-2014-0076]
1213 * Fix for TLS record tampering bug ([CVE-2013-4353])
1214 * Fix for TLS version checking bug ([CVE-2013-6449])
1215 * Fix for DTLS retransmission bug ([CVE-2013-6450])
1219 * Corrected fix for ([CVE-2013-0169])
1225 * Fix OCSP bad key DoS attack ([CVE-2013-0166])
1226 * Fix for SSL/TLS/DTLS CBC plaintext recovery attack ([CVE-2013-0169])
1227 * Fix for TLS AESNI record handling flaw ([CVE-2012-2686])
1231 * Fix TLS/DTLS record length checking bug ([CVE-2012-2333])
1232 * Don't attempt to use non-FIPS composite ciphers in FIPS mode.
1236 * Fix compilation error on non-x86 platforms.
1237 * Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
1242 * Fix for ASN1 overflow bug ([CVE-2012-2110])
1251 * RFC 5764 DTLS-SRTP negotiation.
1260 -------------
1264 * X509_ATTRIBUTE memory leak (([CVE-2015-3195]))
1265 * Race condition handling PSK identify hint ([CVE-2015-3196])
1269 * Malformed ECParameters causes infinite loop ([CVE-2015-1788])
1270 * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789])
1271 * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790])
1272 * CMS verify infinite loop with unknown hash function ([CVE-2015-1792])
1273 * Race condition handling NewSessionTicket ([CVE-2015-1791])
1277 * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286])
1278 * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287])
1279 * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289])
1280 * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293])
1281 * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209])
1282 * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288])
1291 * Fix for [CVE-2014-3571]
1292 * Fix for [CVE-2015-0206]
1293 * Fix for [CVE-2014-3569]
1294 * Fix for [CVE-2014-3572]
1295 * Fix for [CVE-2015-0204]
1296 * Fix for [CVE-2015-0205]
1297 * Fix for [CVE-2014-8275]
1298 * Fix for [CVE-2014-3570]
1302 * Fix for [CVE-2014-3513]
1303 * Fix for [CVE-2014-3567]
1304 * Mitigation for [CVE-2014-3566] (SSL protocol vulnerability)
1305 * Fix for [CVE-2014-3568]
1309 * Fix for [CVE-2014-3510]
1310 * Fix for [CVE-2014-3507]
1311 * Fix for [CVE-2014-3506]
1312 * Fix for [CVE-2014-3505]
1313 * Fix for [CVE-2014-3509]
1314 * Fix for [CVE-2014-3508]
1318 * EAP-FAST and other applications using tls_session_secret_cb
1319 won't resume sessions. Fixed in 1.0.0n-dev
1321 `<limits.h>` include. Fixed in 1.0.0n-dev
1325 * Fix for [CVE-2014-0224]
1326 * Fix for [CVE-2014-0221]
1327 * Fix for [CVE-2014-0198]
1328 * Fix for [CVE-2014-0195]
1329 * Fix for [CVE-2014-3470]
1330 * Fix for [CVE-2014-0076]
1331 * Fix for [CVE-2010-5298]
1335 * Fix for DTLS retransmission bug ([CVE-2013-6450])
1339 * Fix for SSL/TLS/DTLS CBC plaintext recovery attack ([CVE-2013-0169])
1340 * Fix OCSP bad key DoS attack ([CVE-2013-0166])
1344 * Fix DTLS record length checking bug ([CVE-2012-2333])
1348 * Fix for ASN1 overflow bug ([CVE-2012-2110])
1352 * Fix for CMS/PKCS#7 MMA ([CVE-2012-0884])
1353 * Corrected fix for ([CVE-2011-4619])
1358 * Fix for DTLS DoS issue ([CVE-2012-0050])
1362 * Fix for DTLS plaintext recovery attack ([CVE-2011-4108])
1363 * Clear block padding bytes of SSL 3.0 records ([CVE-2011-4576])
1364 * Only allow one SGC handshake restart for SSL/TLS ([CVE-2011-4619])
1365 * Check parameters are not NULL in GOST ENGINE ([CVE-2012-0027])
1366 * Check for malformed RFC3779 data ([CVE-2011-4577])
1370 * Fix for CRL vulnerability issue ([CVE-2011-3207])
1371 * Fix for ECDH crashes ([CVE-2011-3210])
1378 * Fix for security issue ([CVE-2011-0014])
1382 * Fix for security issue ([CVE-2010-4180])
1383 * Fix for ([CVE-2010-4252])
1386 * Corrected fix for security issue ([CVE-2010-3864]).
1390 * Fix for security issue ([CVE-2010-3864]).
1391 * Fix for ([CVE-2010-2939])
1396 * Fix for security issue ([CVE-2010-1633]).
1416 * Supported points format extension for ECC ciphersuites.
1417 * ecdsa-with-SHA224/256/384/512 signature types.
1418 * dsa-with-SHA224 and dsa-with-SHA256 signature types.
1423 -------------
1428 * Fix security issues [CVE-2010-0740] and [CVE-2010-0433].
1444 * Temporary work around for [CVE-2009-3555]: disable renegotiation.
1449 * Fix security issues [CVE-2009-0590], [CVE-2009-0591], [CVE-2009-0789]
1453 * Fix security issue ([CVE-2008-5077])
1454 * Merge FIPS 140-2 branch code.
1486 * Introduce limits to prevent malicious key DoS ([CVE-2006-2940])
1487 * Fix security issues [CVE-2006-2937], [CVE-2006-3737], [CVE-2006-4343]
1492 * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339]
1499 * Updated ECC cipher suite support.
1507 * Fix potential SSL 2.0 rollback ([CVE-2005-2969])
1518 the use through EVP, X509 and ENGINE.
1519 * New ASN.1 mini-compiler that's usable through the OpenSSL
1531 * Changed the key-generation and primality testing "progress"
1541 * Added support for multi-valued AVAs in the OpenSSL
1545 * Make it possible to create self-signed certificates using
1546 'openssl ca -selfsign'.
1548 'openssl ca -create_serial'.
1557 * Changed the PKCS#7 library to support one-pass S/MIME
1561 'no-deprecated' argument to the config and Configure scripts.
1565 * New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
1568 * Major overhaul of RC4 performance on Intel P4, IA-64 and
1572 argument form 'enable-xxx'.
1574 SHA-1.
1577 * Added support for the RSA-PSS encryption scheme
1582 * Added alternate pkg-config files.
1591 * Introduce limits to prevent malicious key DoS ([CVE-2006-2940])
1592 * Fix security issues [CVE-2006-2937], [CVE-2006-3737], [CVE-2006-4343]
1596 * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339]
1609 * Fix SSL 2.0 Rollback ([CVE-2005-2969])
1610 * Allow use of fixed-length exponent on DSA signing
1611 * Default fixed-window RSA, DSA, DH private-key operations
1638 * Security: Fix null-pointer assignment in do_change_cipher_spec()
1646 * New -ignore_err option to OCSP utility.
1652 * Security: counter the Klima-Pokorny-Rosa extension of
1656 * Support for new platforms: linux-ia64-ecc.
1668 * Configuration: the no-err option now works properly.
1684 * Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
1685 Linux x86_64, Linux 64-bit on Sparc v9
1689 * Support for pkg-config.
1700 * Change API to use more 'const' modifiers to improve error checking
1725 * Security: counter the Klima-Pokorny-Rosa extension of
1740 * Better handling of shared libraries in a mixed GNU/non-GNU environment.
1764 * Fix DH parameter generation for 'non-standard' generators.
1774 MIPS Linux; shared library support for Irix, HP-UX.
1777 [in 0.9.6c-engine release].
1789 * Bug fix to make PRNG thread-safe.
1800 * Security fix: check the result of RSA-CRT to reduce the
1819 * Add "-rand" option to openssl s_client and s_server.
1827 * New 'rsautl' application, low-level RSA utility.
1834 distribution. See the file README-Engine.md.
1839 * Shared library support for HPUX and Solaris-gcc
1873 via a per-thread stack
1889 * New pipe-like BIO that allows using the SSL library when actual I/O
1896 * Added "openssl ca -revoke" option for revoking a certificate
1897 * Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
1912 * Support for Triple-DES CBCM cipher
1942 <!-- Links -->
1943 [CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
1944 [CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
1945 [CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
1946 [CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
1947 [CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
1948 [CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
1949 [CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119
1950 [CVE-2024-5535]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-5535
1951 [CVE-2024-4741]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4741
1952 [CVE-2024-4603]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4603
1953 [CVE-2024-2511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-2511
1954 [CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
1955 [CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
1956 [CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
1957 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
1958 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
1959 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
1960 [CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817
1961 [CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446
1962 [CVE-2023-2975]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2975
1963 [CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650
1964 [CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255
1965 [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466
1966 [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
1967 [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
1968 [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
1969 [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
1970 [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
1971 [CVE-2023-0216]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0216
1972 [CVE-2023-0215]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0215
1973 [CVE-2022-4450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4450
1974 [CVE-2022-4304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4304
1975 [CVE-2022-4203]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4203
1976 [CVE-2022-3996]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-3996
1977 [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274
1978 [CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2097
1979 [CVE-2020-1971]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1971
1980 [CVE-2020-1967]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1967
1981 [CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563
1982 [CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559
1983 [CVE-2019-1552]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1552
1984 [CVE-2019-1551]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1551
1985 [CVE-2019-1549]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1549
1986 [CVE-2019-1547]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1547
1987 [CVE-2019-1543]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1543
1988 [CVE-2018-5407]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-5407
1989 [CVE-2018-0739]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0739
1990 [CVE-2018-0737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0737
1991 [CVE-2018-0735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0735
1992 [CVE-2018-0734]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0734
1993 [CVE-2018-0733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0733
1994 [CVE-2018-0732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0732
1995 [CVE-2017-3738]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3738
1996 [CVE-2017-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3737
1997 [CVE-2017-3736]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3736
1998 [CVE-2017-3735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3735
1999 [CVE-2017-3733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3733
2000 [CVE-2017-3732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3732
2001 [CVE-2017-3731]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3731
2002 [CVE-2017-3730]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3730
2003 [CVE-2016-7055]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7055
2004 [CVE-2016-7054]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7054
2005 [CVE-2016-7053]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7053
2006 [CVE-2016-7052]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7052
2007 [CVE-2016-6309]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6309
2008 [CVE-2016-6308]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6308
2009 [CVE-2016-6307]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6307
2010 [CVE-2016-6306]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6306
2011 [CVE-2016-6305]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6305
2012 [CVE-2016-6304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6304
2013 [CVE-2016-6303]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6303
2014 [CVE-2016-6302]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6302
2015 [CVE-2016-2183]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2183
2016 [CVE-2016-2182]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2182
2017 [CVE-2016-2181]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2181
2018 [CVE-2016-2180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2180
2019 [CVE-2016-2179]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2179
2020 [CVE-2016-2178]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2178
2021 [CVE-2016-2177]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2177
2022 [CVE-2016-2176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2176
2023 [CVE-2016-2109]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2109
2024 [CVE-2016-2107]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2107
2025 [CVE-2016-2106]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2106
2026 [CVE-2016-2105]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2105
2027 [CVE-2016-0800]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0800
2028 [CVE-2016-0799]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0799
2029 [CVE-2016-0798]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0798
2030 [CVE-2016-0797]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0797
2031 [CVE-2016-0705]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0705
2032 [CVE-2016-0702]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0702
2033 [CVE-2016-0701]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0701
2034 [CVE-2015-3197]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3197
2035 [CVE-2015-3196]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3196
2036 [CVE-2015-3195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3195
2037 [CVE-2015-3194]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3194
2038 [CVE-2015-3193]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3193
2039 [CVE-2015-1793]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1793
2040 [CVE-2015-1792]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1792
2041 [CVE-2015-1791]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1791
2042 [CVE-2015-1790]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1790
2043 [CVE-2015-1789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1789
2044 [CVE-2015-1788]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1788
2045 [CVE-2015-1787]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1787
2046 [CVE-2015-0293]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0293
2047 [CVE-2015-0291]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0291
2048 [CVE-2015-0290]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0290
2049 [CVE-2015-0289]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0289
2050 [CVE-2015-0288]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0288
2051 [CVE-2015-0287]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0287
2052 [CVE-2015-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0286
2053 [CVE-2015-0285]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0285
2054 [CVE-2015-0209]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0209
2055 [CVE-2015-0208]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0208
2056 [CVE-2015-0207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0207
2057 [CVE-2015-0206]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0206
2058 [CVE-2015-0205]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0205
2059 [CVE-2015-0204]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0204
2060 [CVE-2014-8275]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-8275
2061 [CVE-2014-5139]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-5139
2062 [CVE-2014-3572]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3572
2063 [CVE-2014-3571]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3571
2064 [CVE-2014-3570]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3570
2065 [CVE-2014-3569]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3569
2066 [CVE-2014-3568]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3568
2067 [CVE-2014-3567]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3567
2068 [CVE-2014-3566]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3566
2069 [CVE-2014-3513]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3513
2070 [CVE-2014-3512]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3512
2071 [CVE-2014-3511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3511
2072 [CVE-2014-3510]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3510
2073 [CVE-2014-3509]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3509
2074 [CVE-2014-3508]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3508
2075 [CVE-2014-3507]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3507
2076 [CVE-2014-3506]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3506
2077 [CVE-2014-3505]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3505
2078 [CVE-2014-3470]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3470
2079 [CVE-2014-0224]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0224
2080 [CVE-2014-0221]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0221
2081 [CVE-2014-0198]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0198
2082 [CVE-2014-0195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0195
2083 [CVE-2014-0160]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0160
2084 [CVE-2014-0076]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0076
2085 [CVE-2013-6450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6450
2086 [CVE-2013-6449]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6449
2087 [CVE-2013-4353]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-4353
2088 [CVE-2013-0169]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0169
2089 [CVE-2013-0166]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0166
2090 [CVE-2012-2686]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2686
2091 [CVE-2012-2333]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2333
2092 [CVE-2012-2110]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2110
2093 [CVE-2012-0884]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0884
2094 [CVE-2012-0050]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0050
2095 [CVE-2012-0027]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0027
2096 [CVE-2011-4619]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4619
2097 [CVE-2011-4577]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4577
2098 [CVE-2011-4576]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4576
2099 [CVE-2011-4108]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4108
2100 [CVE-2011-3210]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3210
2101 [CVE-2011-3207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3207
2102 [CVE-2011-0014]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-0014
2103 [CVE-2010-5298]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-5298
2104 [CVE-2010-4252]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4252
2105 [CVE-2010-4180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4180
2106 [CVE-2010-3864]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-3864
2107 [CVE-2010-2939]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-2939
2108 [CVE-2010-1633]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-1633
2109 [CVE-2010-0740]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0740
2110 [CVE-2010-0433]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0433
2111 [CVE-2009-3555]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-3555
2112 [CVE-2009-0789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0789
2113 [CVE-2009-0591]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0591
2114 [CVE-2009-0590]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0590
2115 [CVE-2008-5077]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-5077
2116 [CVE-2006-4343]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4343
2117 [CVE-2006-4339]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4339
2118 [CVE-2006-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-3737
2119 [CVE-2006-2940]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2940
2120 [CVE-2006-2937]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2937
2121 [CVE-2005-2969]: https://www.openssl.org/news/vulnerabilities.html#CVE-2005-2969
2122 [OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
2124 [README-QUIC.md]: ./README-QUIC.md
2126 [CMVP]: https://csrc.nist.gov/projects/cryptographic-module-validation-program
2127 [ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
2128 [jitterentropy-library]: https://github.com/smuellerDD/jitterentropy-library