We have released LibreSSL 2.7.2, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. LibreSSL 2.7.2 is the first stable release from the 2.7 series, and is also included with OpenBSD 6.3.
It includes the following changes from 2.7.1 * Updated and added extensive new HISTORY sections to API manuals. * Added support for shared library builds with CMake on all supported platforms. Note that some of the CMake options have changed, consult the README for details. LibreSSL 2.7.2 also includes: * Added support for many OpenSSL 1.0.2 and 1.1 APIs, based on observations of real-world usage in applications. These are implemented in parallel with existing OpenSSL 1.0.1 APIs - visibility changes have not been made to existing structs, allowing code written for older OpenSSL APIs to continue working. * Extensive corrections, improvements, and additions to the API documentation, including new public APIs from OpenSSL that had no pre-existing documentation. * Added support for automatic library initialization in libcrypto, libssl, and libtls. Support for pthread_once or a compatible equivalent is now required of the target operating system. As a side-effect, minimum Windows support is Vista or higher. * Converted more packet handling methods to CBB, which improves resiliency when generating TLS messages. * Completed TLS extension handling rewrite, improving consistency of checks for malformed and duplicate extensions. * Rewrote ASN1_TYPE_{get,set}_octetstring() using templated ASN.1. This removes the last remaining use of the old M_ASN1_* macros (asn1_mac.h) from API that needs to continue to exist. * Added support for client-side session resumption in libtls. A libtls client can specify a session file descriptor (a regular file with appropriate ownership and permissions) and libtls will manage reading and writing of session data across TLS handshakes. * Improved support for strict alignment on ARMv7 architectures, conditionally enabling assembly in those cases. * Fixed a memory leak in libtls when reusing a tls_config. * Merged more DTLS support into the regular TLS code path, removing duplicated code. * Many improvements to Windows Cmake-based builds and tests, especially when targeting Visual Studio. The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.