[14] LibreSSL was initially developed as an intended replacement for OpenSSL in OpenBSD 5.6, and was ported to other platforms once a stripped-down version of the library was stable.

][41] This process may help later on to catch buffer overflow errors with more advanced memory analysis tools or by observing program crashes (via ASLR, use of the NX bit, stack canaries, etc.).

Fixes for potential double free scenarios have also been cited in the VCS commit logs (including explicit assignments of null pointer values).

[42] There have been extra sanity checks also cited in the commit logs related to ensuring length arguments, unsigned-to-signed variable assignments, pointer values, and method returns.

In order to maintain good programming practice, a number of compiler options and flags designed for safety have been enabled by default to help in spotting potential issues so they can be fixed earlier (-Wall, -Werror, -Wextra, -Wuninitialized).

Modification or removal of unneeded method wrappers and macros also help with code readability and auditing (Error and I/O abstraction library references).

The initial release of LibreSSL added a number of features: the ChaCha and Poly1305 algorithm, the Brainpool and ANSSI elliptic curves, and the AES-GCM and ChaCha20-Poly1305 AEAD modes.

The Dual EC DRBG algorithm, which is suspected of having a back door,[58] was cut along with support for the FIPS 140-2 standard that required[citation needed] it.