The new release improves development performance and prevents errors from occurring.
After 5 months of active development, a new version of the OpenSSL library 3.3.0 was released, including the implementation of SSL/TLS protocols and a wide range of encryption algorithms. The OpenSSL 3.3 support period will last until April 2026. At the same time, the previous versions of OpenSSL — 3.2, 3.1 and 3.0 LTS — will be supported until November 2025, March 2025 and September 2026, respectively. The project's source code is available under the Apache 2.0 license.
Major innovations in the OpenSSL 3.3.0 update open up new horizons in protecting Internet connections. The release introduces many changes aimed at improving performance and security.
New features for working with QUIC:
Added qlog support for tracking QUIC connections.
APIs have been developed for configuring downtime when using QUIC, as well as for determining whether additional threads can be created.
APIs have been introduced that disable implicit QUIC event handling and allow you to query the size and usage of the QUIC stream write buffer.
Introduced SSL_write_ex2 for optimized sending of a stream termination condition when using QUIC.
Algorithm and API improvements:
Optimizations and security:
Fixes and security:
The update brings significant improvements for developers and users, strengthening security and expanding the capabilities of modern Internet technologies. Users and developers interested in using the new features, especially QUIC, can find detailed information and usage examples in the relevant documentation and recommendations.
After 5 months of active development, a new version of the OpenSSL library 3.3.0 was released, including the implementation of SSL/TLS protocols and a wide range of encryption algorithms. The OpenSSL 3.3 support period will last until April 2026. At the same time, the previous versions of OpenSSL — 3.2, 3.1 and 3.0 LTS — will be supported until November 2025, March 2025 and September 2026, respectively. The project's source code is available under the Apache 2.0 license.
Major innovations in the OpenSSL 3.3.0 update open up new horizons in protecting Internet connections. The release introduces many changes aimed at improving performance and security.
New features for working with QUIC:
Added qlog support for tracking QUIC connections.
APIs have been developed for configuring downtime when using QUIC, as well as for determining whether additional threads can be created.
APIs have been introduced that disable implicit QUIC event handling and allow you to query the size and usage of the QUIC stream write buffer.
Introduced SSL_write_ex2 for optimized sending of a stream termination condition when using QUIC.
Algorithm and API improvements:
- Implemented support for BLAKE2s with configurable output length, similar to BLAKE2b.
- Added an API for secure time management on 32-bit systems after 2038 and new features for working with certificates, including the ability to create and modify them.
- Expanded the capabilities of the EVP_PKEY_fromdata function for displaying CRT parameters.
Optimizations and security:
- Applied AES-GCM optimization and improvements for ARM Neoverse, as well as activated optimizations for Apple Silicon M3.
- Added md5 assembler implementation for loongarch64 and RISC-V vector extensions for various cryptographic functions.
- New rules have been set for the configuration of providers and the behavior in response to HTTP requests has been changed to improve error tolerance.
Fixes and security:
- Fixed an issue with unlimited memory expansion when processing sessions in TLSv1.3, identified as CVE-2024-2511.
- Changes have been made to ASN1 time handling and new restrictions have been set on HTTP responses to prevent potential vulnerabilities.
The update brings significant improvements for developers and users, strengthening security and expanding the capabilities of modern Internet technologies. Users and developers interested in using the new features, especially QUIC, can find detailed information and usage examples in the relevant documentation and recommendations.
