CyaSSL version 3.3.0 offers: • Secure countermeasures for Handshake message duplicates, CHANGE CIPHER without FINISHED, and fast forward attempts added to our source code.  Thanks to Karthikeyan Bhargavan from the Prosecco team at INRIA Paris-Rocquencourt for the report.  This is an important fix and all users should update! • Complete testing for FIPS 140-2 version submitted to NIST.  FIPS 140-2 source code now available. • Removes SSLv2 Client Hello processing for enhanced security, can be enabled with OLD_HELLO_ALLOWED • Protocol level control:  User can now control TLS protocol down-cycling to a minimum downgrade version with CyaSSL_SetMinVersion().  For example, you could reject handshakes at a protocol level less than TLS 1.1. • Small stack improvements at TLS/SSL layer, to benefit environments with limited available stack. • TLS Master Secret generation and Key Expansion are now exposed at the API level • Adds client side Secure Renegotiation, * not recommended, ever! * • Client side session ticket support.  This feature is not fully tested with Secure Renegotiation, so don’t use Secure Renegotiation. • Allows up to 4096-bit DHE at TLS Key Exchange layer • Handles non standard SessionID sizes in Hello Messages • PicoTCP Support added • TLS Sniffer now supports SNI Virtual Hosts • TLS Sniffer now handles non HTTPS protocols using STARTTLS • TLS Sniffer can now parse records with multiple messages • TI-RTOS updates or enhances support • Fix for ColdFire optimized fp_digit read only in explicit 32bit case • Added ADH Cipher Suite ADH-AES128-SHA for EAP-FASTStay up to date with what is happening with wolfSSL, you can follow our blog at http://www.wolfssl.com/yaSSL/Blog/Blog.htmlIf you have any questions please feel free to contact us anytime at facts@wolfssl.com or (425)245-8247.We look forward to hearing from you!Thank You!wolfSSL