OpenBSD Project Vagadziri kuburitswa kweinotakurika edition yepasuru , mukati umo forogo yeOpenSSL iri kugadzirwa, yakanangana nekupa mwero wepamusoro wekuchengetedza. Iyo LibreSSL purojekiti yakanangana nerutsigiro rwemhando yepamusoro yeSSL/TLS mapuroteni nekubvisa zvisina basa basa, kuwedzera mamwe maficha ekuchengetedza, uye zvakanyanya kuchenesa nekugadzirisa kodhi base. Iyo LibreSSL 3.2.0 kuburitswa inoonekwa seyekuyedza kuburitswa inovandudza maficha anozoverengerwa muOpenBSD 6.8.
Zvimiro zveLibreSSL 3.2.0:
- Server side inogoneswa ne default kuwedzera kune yakambotaurwa mutengi chikamu. Kuitwa kweTLS 1.3 kwakavakirwa pahwaro hwemuchina mutsva wehurumende uye subsystem yekushanda nemarekodhi. Iyo OpenSSL TLS 1.3 inoenderana API haisati yavepo, asi TLS 1.3 ine hukama sarudzo dzakawedzerwa kune openssl kuraira.
- Mune rekodhi yekugadzirisa subsystem, TLS 1.3 yekutarisa saizi yemunda yakagadziridzwa uye yambiro inoratidzwa kana miganhu ikapfuudzwa.
- Sevha yeTLS inova nechokwadi chekuti mazita evagamuchiri anoshanda chete muSNI anoenderana nezvinodiwa zveRFC 5890 uye RFC 6066 anogadziriswa.
- Kuitwa kweTLS 1.3 kwakawedzera tsigiro yeSSL_MODE_AUTO_RETRY modhi yekutumira otomatiki mameseji enhaurirano.
- Iyo TLS 1.3 server uye mutengi akawedzera rutsigiro rwekutumira zvikumbiro zvekutarisa zvitupa uchishandisa yekuwedzera (mhinduro yeOCSP yakasimbiswa nechiremera chechitupa inofambiswa nesevha inoshandira saiti kana ichitaurirana nezve TLS yekubatanidza).
- Kana I/O ikagoneswa nekusingaperi, SSL_MODE_AUTO_RETRY inobatidzwa, zvakafanana nezvinoburitswa zveOpenSSL.
- Yakawedzera regression bvunzo zvichienderana ne .
- Murairo we "openssl x509" unopa chiratidzo chezuva risiri iro rekupera kwechitupa.
- TLS 1.3 ine RSA inobvumira chete PSS masaini edhijitari.
Source: opennet.ru