We have released LibreSSL 2.6.4, the first stable maintenance release from the
2.6.x series. It contains the following changes from the 2.6.3 release:
* Made tls_config_parse_protocols() work correctly when passed a NULL
pointer for a protocol string. Issue found by semarie@, who also
provided the diff.
* Corrected TLS extensions handling when no extensions are present.
If no TLS extensions are present in a client hello or server hello,
omit the entire extensions block, rather than including it with a
length of zero. Thanks to Eric Elena <eric at voguemerry dot com> for
providing packet captures and testing the fix.
* Fixed portable builds on older Android systems, and systems without
The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this