• Added support for Python 3.9 (#468).
• Fixed a crash when parsing OCSP responses (#471).
  • API-breaking change: the ocsp_response field in CertificateInfoScanResult is now an OCSPResponse instance from the cryptography.x509.ocsp module.
  • JSON-breaking change: Significantly improved the JSON output for certificates and OCSP responses, when using --certinfo.
• Fixed a false positive when testing for client-initiated renegotiation DoS attacks on some servers (#473).
  • API-breaking change: the accepts_client_renegotiation field in SessionRenegotiationScanResult was removed, and the more accurate is_vulnerable_to_client_renegotiation_dos field was added.
• The ability to detect the server’s “preferred” cipher suite was removed for being too unreliable, and will be replaced by full cipher suite order detection in a future release (#456).
  • API-breaking change: the cipher_suite_preferred_by_server in CipherSuitesScanResult was removed.
• Fixed a crash when scanning a server with an exotic/invalid TLS configuration (#466).
• Fixed support for older versions of macOS.
• Added support for the latest version of cryptography (#467).