Adding missed items to NEWS.md prior to release

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/27026)
2025-03-11 09:21:45 -04:00 · 2025-03-11 09:21:45 -04:00 · 2df40ea6ff
commit 2df40ea6ff
parent cad3520bf7
1 changed files with 15 additions and 4 deletions
--- a/NEWS.md
+++ b/NEWS.md
@ -28,18 +28,25 @@ OpenSSL 3.5
 OpenSSL 3.5.0 is a feature release adding significant new functionality to
 OpenSSL.

-This release is in development.
-
 This release incorporates the following potentially significant or incompatible
 changes:

  * Default encryption cipher for the `req`, `cms`, and `smime` applications
    changed from `des-ede3-cbc` to `aes-256-cbc`.

-  * Support for server side QUIC (RFC 9000)
+  * The TLS supported groups list has been changed in favor of PQC support.
+
+  * The default TLS keyshares have been changed to offer X25519MLKEM768 and
+    and X25519.

 This release adds the following new features:

+  * Support for server side QUIC (RFC 9000)
+
+  * Support for 3rd party QUIC stacks
+
+  * Support for PQC algorithms (ML-KEM, ML-DSA, SLH-DSA)
+
  * Allow the FIPS provider to optionally use the `JITTER` seed source.
    Because this seed source is not part of the OpenSSL FIPS validations,
    it should only be enabled after the [jitterentropy-library] has been
@ -50,10 +57,14 @@ This release adds the following new features:

  * Support for central key generation in CMP

+  * Support added for opaque symmetric key objects (EVP_SKEY).
+
+  * Support for multiple TLS keyshares.
+
 OpenSSL 3.4
 -----------

-### Major changes between OpenSSL 3.4.0 and OpenSSL 3.4.1 [under development]
+### Major changes between OpenSSL 3.4.0 and OpenSSL 3.4.1 [11 Feb 2025]

 OpenSSL 3.4.1 is a security patch release. The most severe CVE fixed in this
 release is High.