- fixed build with openssl 1.1.
- grabbed some fixes from FreeBSD.
- now uses the new GITHUB_SUBMODULES - thx ryoon!
appears to be closed source now, patches for modern openssl support
are not available.
development of this module appears to have been inactive upstream for
years so there's no support for modern openssl available.
the other packaging systems with a package for this are macports and
opensuse, neither of which have patches.
- fixes build with openssl 1.1
- add support for mbedtls as an option
- avoids regenerating autoconf bits
2020-11-17 - Version 1.27
* core: handle PIN expiration after C_Login as C_Login may take a while
* core: return explicit success when plugin&play and no threading and no
safefork, thanks to Tunnelblick
2020-01-21 - Version 1.26
* openssl: build with openssl ec disabled
* openssl: support RSA_NO_PADDING padding, thanks to Selva Nair
* core: reduce mutex lock scope of add/remove provider, thanks to Frank Morgner
* core: improve the fork fixup sequence
2018-08-16 - Version 1.25.1
* core: build with threading disabled
2018-08-04 - Version 1.25
* core: do not attempt to initialize provider when fork mode is not safe. Too
many providers do not follow the PKCS#11 spec.
2018-06-15 - Version 1.24
* build: support libressl-2.7
2018-06-02 - Version 1.23
* build: cleanups.
* openssl: rework support 1.1.
2017-02-12 - Version 1.22
* spec: minor cleanups.
2017-01-06 - Version 1.21
* mbedtls: fix missing logic if issuer certificate, thanks to Steffan Karger
2016-12-08 - Version 1.20
* polarssl: support polarssl-1.3, thanks to Steffan Karger.
* certificate: ignore certificate object without CKA_ID.
* openssl: fix memory leak, thanks to ASPj.
* openssl: support 1.1 and libressl, thanks to Daiki Ueno.
2013-10-11 - Version 1.11
* openssl: support generic pkey.
* openssl: add dsa support.
* openssl: add ecdsa support, thanks to Sanaullah for testing.
this was merged into security/libp11
- fixed installation location of openssl engine
- avoid regenerating autoconf bits
New in 0.4.11; 2020-10-11; Michał Trojnara
* Fixed "EVP_PKEY_derive:buffer too small" EC errors (Luka Logar)
* Fixed various memory leaks (Mateusz Kwiatkowski)
* Fixed Windows VERSIONINFO (Pavol Misik)
* Fixed builds with OpenSSL older than 1.0.2 (Michał Trojnara)
* Fixed a double free in EVP_PKEY_meth_free() (Mikhail Durnev)
* Added CKA_VALUE_LEN to EC key derivation template (Michał Trojnara)
* Fixed handling keys without label attribute (efternavn)
* Updated the tests (Anderson Toshiyuki Sasaki)
* Made ECDH-derived keys extractable (Bent Bisballe Nyeng)
* Added support for pin-source within PKCS#11 URI (Stanislav Levin)
* Improved LibreSSL compatibility (patchMonkey156)
* Fixed handling RSA private keys in BIND (Stanislav Levin)
* Added macOS testing support (Stanislav Levin)
* Fixed engine object search algorithm (Anderson Toshiyuki Sasaki)
unmaintained upstream, no support for current openssl
only other package is freebsd ports, where it's marked BROKEN
10 months' worth of updates.
0.4.4
Bug Fixes
add redirect_uri_trailing slash param to run_local_server
Noteworthy changes in version 2.5.5 (2021-03-22)
------------------------------------------------
* Allows starting servers with Unicode names on Windows.
* Fix a crash in the logging code.
* Upgrade autoconf stuff.
Noteworthy changes in version 1.42 (2021-03-22)
* Allow Unicode file names under Windows for the gettext domain.
* Improve cross-compiling support.
* Improve $libdir determination by gpgrt-config.
* Support --disable-thread by gen-lock-obj.sh.
v 11.2.4
============================================================
x CSS resources prefetching as a mitigation against CSS PP0
(https://github.com/Yossioren/pp0)
x [L10n] Updated br, de, el, es, fr, he, is, nl, pl, pt_BR,
ru, sq, tr, zh_CN
x [nscl] Interception of webgl context creation in
OffscreenCanvas too
x Fixed configuration upgrades not applied on manual updates
(thanks Nan for reporting)
x Mitigation for misbehaving pages repeating failed requests
in a tight loop
x [UI] More understandable label for the cascading
restrictions option
x [nscl] More refactoring out in NoScript Commons Library
x [nscl] patchWindow improvements
v 11.2.4rc5
============================================================
x [nscl] Interception of webgl context creation in
OffscreenCanvas too
x Fixed regression: Site Info broken by NSCL refactoring
v 11.2.4rc4
============================================================
x [nscl] Fixed unmerged NetCSP "extra" headers always
undefined
x HTML event atoms reorder in Mozilla sources
v 11.2.4rc3
============================================================
x Avoid stack trace generation for debugging purposes on
release builds
x More selective CSS PP0 protection, excluded on the Tor
Browser where it's unneeded and easier to test/debug on
dev builds
x Make isTorBrowser information available in child policy
x Prevent console noise on startup with privileged tabs
x [nscl] More refactoring out in NoScript Commons Library
v 11.2.4rc2
============================================================
x [nscl] Switch to NSCL for messaging
x [nscl] Rollback unneeded window.opener patching (thanks
skriptimaahinen for insight)
x CSS PP0 mitigation: cross-site stylesheets on scriptless
pages, one resource per host
x Limit CSS PP0 mitigation to scriptless pages and prefetch
only cross-site resources
v 11.2.4rc1
============================================================
x CSS resources prefetching as a mitigation against CSS PP0
(https://github.com/Yossioren/pp0)
x [L10n] Updated br, de, el, es, fr, he, is, nl, pl, pt_BR,
ru, sq, tr, zh_CN
x Fixed configuration upgrades not applied on manual updates
(thanks Nan for reporting)
x Mitigation for misbehaving pages repeating failed requests
in a tight loop
x [UI] More understandable label for the cascading
restrictions option
x [nscl] patchWindow improvements
x [nscl] Switch to NSCL's generic inclusion shell script
v 11.2.3
============================================================
x [L10n] Purged non-inclusive terms from obsolete messages
x Added red halo feedback in CUSTOM preset for noscript
element capability
x Fixed missing red halo feedback in CUSTOM preset for
inline scripts and other capabilities sometimes
x Fixed race condition causing noscript elements not to be
rendered sometimes
v 11.2.2
============================================================
x Fixed typo in version checked on noscript capability update.
x [L10n] Updated bn, br, ca, da, de, el, es, fr, he, is, it,
ja, lt, mk, ms, nb, nl, pt_BR, ru, sq, sv_SE, tr, zh_CN,
zh_TW.
v 11.2.1
============================================================
x Configurable capability to show noscript elements on
script-disabled pages
x [UI] Minor CSS Chromium compatibility fix
x [nscl] Refactoring to use Policy and its dependencies from
the NoScript Commons Library
x Switch to faster and easier to maintain tld.js from nscl
x [UI] Fix punycode inconsistencies
x [UI] Improve preset and site controls alignment
x Provide feedback in the CUSTOM tab for WebGL usage
attempts even if the canvas element is not attached to the
DOM
x [L10n] Updated de, ja
x Updated HTML events
x Prevent double script on trusted file:// pages in some
edge cases
x Prevent detection of wrapped functions (e.g. in WebGL
interception) on Chromium
v 11.2.1rc4
============================================================
x [UI] Minor CSS Chromium compatibility fix
x Configurable capability to show noscript elements on
script-disabled pages
x [L10n] Updated de
v 11.2.1rc3
============================================================
x [nscl] Improved integration of the NoScript Commons
Library
x Moved nscl submodule into src
x [nscl] Update (restructured tree)
x Removed nscl cache directory from src
x [nscl] Refactoring to use Policy and its dependencies from
the NoScript Commons Library
v 11.2.1rc2
============================================================
x Remove ||= operator which makes AMO's validator explode
x Switch to faster and easier to maintain tld.js from nscl
x [nscl] Updated with TLD_CACHE removal after usage
x [nscl] Updated NoScript Common Library inclusions
x Added the NoScript Commons Library (nscl) as a submodule
x [UI] Fix punycode inconsistencies
x [UI] improve preset and site controls alignment
x Updated TLDs
x Provide feedback in the CUSTOM tab for WebGL usage
attempts even if the canvas element is not attached to the
DOM
x [L10n] Updated de, ja
x Updated HTML events
v 11.2.1rc1
============================================================
x Prevent double script on trusted file:// pages in some
edge cases
x Updated events archive
x Prevent detection of wrapped functions (e.g. in WebGL
interception) on Chromium
x Updated TLDs
x Merge German language update
v 11.2
============================================================
x [XSS] New UI to reveal and selectively remove permanent
user choices
x [L10n] Updated de
x Webgl hook refactored on nscl/content/patchWindow.js and
made Chromium-compatible
x Updated TLDs
v 11.2rc3
============================================================
x [XSS] Fixed choice manager UI bug (thanks barbaz for
report)
v 11.2rc2
============================================================
x Updated TLDs
x [XSS] New UI to reveal and selectively remove permanent
user choices
v 11.2rc1
============================================================
x [L10n] Updated de
x Webgl hook refactored on nscl/content/patchWindow.js and
made Chromium-compatible
x Updated TLDs
v 11.1.9
============================================================
x Return null when webgl is not allowed (thanks Matthew
Finkel for patch)
x [XSS] Fixed memoization bug resulting in performance
degradation on some payloads
x [XSS] Include call stack in debugging log output
x [XSS] Skip naps when InjectionChecker runs in its own
worker
x Shortcut for easier XSS filter testing
x More lenient filter to add a new entry to per-site
permissions
x [L10n] Updated de
x Replace script-embedded bitmap with css-embedded SVG as
the placeholder logo
x Updated TLDs
x Remove source map reference causing console noise
x Fix per-site permissions UI glitches when base domain is
added to existing subdomain (thanks barbaz for reporting)
v 11.1.9rc5
============================================================
x Return null when webgl is not allowed (thanks Matthew
Finkel for patch)
v 11.1.9rc4
============================================================
x Updated TLDs
x [XSS] Fixed memoization bug resulting in performance
degradation on some payloads
x [XSS] Include call stack in debugging log output
x [XSS] Skip naps when InjectionChecker runs in its own
worker
x Shortcut for easier XSS filter testing
v 11.1.9rc3
============================================================
x More lenient filter to add a new entry to per-site
permissions
v 11.1.9rc2
============================================================
x [L10n] Updated de
x Better fix for per-site permissions UI glitches (thanks
barbaz for reporting)
v 11.1.9rc1
============================================================
x Replace script-embedded bitmap with css-embedded SVG as
the placeholder logo
x Updated TLDs
x Remove source map reference causing console noise
x Fix per-site permissions UI glitches when base domain is
added to existing subdomain (thanks barbaz for reporting)
v 11.1.8
============================================================
x [XSS] Fix for old pre-screening optimization exploitable
to bypass the filter in recent browsers - thanks Tsubasa
FUJII (@reinforchu) for reporting
x Replace DOM-based entity decoding with the he.js pure JS
library
x Updated copyright statement
x Updated browser-polyfill.js
x Removed obsolete fastclick.js dependency
x [l10n] Updated de (thanks ib and Musonius)
x Updated TLDs
10.0.15:
Bug 40030: Add 'noscript' capability to NoScript
10.0.14:
Update Firefox to 78.9.0esr
Bug 40031: Remove survey banner on TB-stable
10.0.13:
Linux:
Bug 40328: Fix instability after upgrading to glibc 2.33
10 months of patches/updates.
Approved by @wiz during freeze.
Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
*) Fixed a problem with verifying a certificate chain when using the
X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
of the certificates present in a certificate chain. It is not set by
default.
Starting from OpenSSL version 1.1.1h a check to disallow certificates in
the chain that have explicitly encoded elliptic curve parameters was added
as an additional strict check.
An error in the implementation of this check meant that the result of a
previous check to confirm that certificates in the chain are valid CA
certificates was overwritten. This effectively bypasses the check
that non-CA certificates must not be able to issue other certificates.
If a "purpose" has been configured then there is a subsequent opportunity
for checks that the certificate is a valid CA. All of the named "purpose"
values implemented in libcrypto perform this check. Therefore, where
a purpose is set the certificate chain will still be rejected even when the
strict flag has been used. A purpose is set by default in libssl client and
server certificate verification routines, but it can be overridden or
removed by an application.
In order to be affected, an application must explicitly set the
X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
for the certificate verification or, in the case of TLS client or server
applications, override the default purpose.
(CVE-2021-3450)
[Tomáš Mráz]
*) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client. If a TLSv1.2
renegotiation ClientHello omits the signature_algorithms extension (where
it was present in the initial ClientHello), but includes a
signature_algorithms_cert extension then a NULL pointer dereference will
result, leading to a crash and a denial of service attack.
A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
(which is the default configuration). OpenSSL TLS clients are not impacted
by this issue.
(CVE-2021-3449)
[Peter Kästle and Samuel Sapalski]
NEWS for the Nettle 3.7.2 release
This is a bugfix release, fixing a bug in ECDSA signature
verification that could lead to a denial of service attack
(via an assertion failure) or possibly incorrect results. It
also fixes a few related problems where scalars are required
to be canonically reduced modulo the ECC group order, but in
fact may be slightly larger.
Upgrading to the new version is strongly recommended.
Even when no assert is triggered in ecdsa_verify, ECC point
multiplication may get invalid intermediate values as input,
and produce incorrect results. It's trivial to construct
alleged signatures that result in invalid intermediate values.
It appears difficult to construct an alleged signature that
makes the function misbehave in such a way that an invalid
signature is accepted as valid, but such attacks can't be
ruled out without further analysis.
Thanks to Guido Vranken for setting up the fuzzer tests that
uncovered this problem.
The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.3 and libhogweed.so.6.3, with sonames
libnettle.so.8 and libhogweed.so.6.
Bug fixes:
* Fixed bug in ecdsa_verify, and added a corresponding test
case.
* Similar fixes to ecc_gostdsa_verify and gostdsa_vko.
* Similar fixes to eddsa signatures. The problem is less severe
for these curves, because (i) the potentially out of range
value is derived from output of a hash function, making it
harder for the attacker to hit the narrow range of
problematic values, and (ii) the ecc operations are
inherently more robust, and my current understanding is that
unless the corresponding assert is hit, the verify
operation should complete with a correct result.
* Fix to ecdsa_sign, which with a very low probability could
return out of range signature values, which would be
rejected immediately by a verifier.
No release note is available. Please refer to the commit log
<https://github.com/rapid7/metasploit-payloads/compare/v2.0.38...v2.0.39>
for details.
1.6.5 (2021-03-16 13:30 UTC)
Changelog:
* Add getCreationDateTime() and getExpirationDateTime() methods to
Crypt_GPG_SubKey class.
1.28.0 (2021-03-16)
Features
allow the AWS_DEFAULT_REGION environment variable
expose library version at google.auth.__version
Bug Fixes
fix unit tests so they can work in g3
Version 1.2.0.11
- Fix deprecation warning from collections module
Major changes between version 1.9.6p1 and 1.9.6:
Fixed a regression introduced in sudo 1.9.6 that resulted in an error message instead of a usage message when sudo is run with no arguments.
Major changes between version 1.9.6 and 1.9.5p2:
Fixed a sudo_sendlog compilation problem with the AIX xlC compiler.
Fixed a regression introduced in sudo 1.9.4 where the --disable-root-mailer configure option had no effect.
Added a --disable-leaks configure option that avoids some memory leaks on exit that would otherwise occur. This is intended to be used with development tools that measure memory leaks. It is not safe to use in production at this time.
Plugged some memory leaks identified by oss-fuzz and ASAN.
Fixed the handling of sudoOptions for an LDAP sudoRole that contains multiple sudoCommands. Previously, some of the options would only be applied to the first sudoCommand.
Fixed a potential out of bounds read in the parsing of NOTBEFORE and NOTAFTER sudoers command options (and their LDAP equivalents).
The parser used for reading I/O log JSON files is now more resilient when processing invalid JSON.
Fixed typos that prevented make uninstall from working.
Fixed a regression introduced in sudo 1.9.4 where the last line in a sudoers file might not have a terminating NUL character added if no newline was present.
Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new --enable-fuzzer configure option can be combined with the --enable-sanitizer option to build sudo with fuzzing support. Multiple fuzz targets are available for fuzzing different parts of sudo. Fuzzers are built and tested via make fuzz or as part of make check (even when sudo is not built with fuzzing support). Fuzzing support currently requires the LLVM clang compiler (not gcc).
Fixed the --enable-static-sudoers configure option.
Fixed a potential out of bounds read when sudo is run by a user with more groups than the value of max_groups in sudo.conf.
Added an admin_flag sudoers option to make the use of the ~/.sudo_as_admin_successful file configurable on systems where sudo is built with the --enable-admin-flag configure option. This mostly affects Ubuntu and its derivatives.
The max_groups setting in sudo.conf is now limited to 1024. This setting is obsolete and should no longer be needed.
Fixed a bug in the tilde expansion of CHROOT=dir and CWD=dir sudoers command options. A path ~/foo was expanded to /home/userfoo instead of /home/user/foo. This also affects the runchroot and runcwd Defaults settings.
Fixed a bug on systems without a native getdelim(3) function where very long lines could cause parsing of the sudoers file to end prematurely.
Fixed a potential integer overflow when converting the timestamp_timeout and passwd_timeout sudoers settings to a timespec struct.
The default for the group_source setting in sudo.conf is now dynamic on macOS. Recent versions of macOS do not reliably return all of a user's non-local groups via getgroups(2), even when _DARWIN_UNLIMITED_GETGROUPS is defined.
Fixed a potential use-after-free in the PAM conversation function.
Fixed potential redefinition of sys/stat.h macros in sudo_compat.h.
1.8.0:
* Removed external mock dependency.
* Removed dependency on six.
* Deprecated the module josepy.magic_typing.
* Fix JWS/JWK generation with EC keys when keys or signatures have leading zeros.
to match gpgme.
Changes:
3.11.9
------
- Updated the snapcraft build process
- Updated installation documentation to resolve #517
- Removed the 386 platform support
- Enumeration storage has better recovery for errors
- Adding support for the Apple Silicon and fixed #590
- Added some Close and Stop calls to address #508
* Version 3.7.1 (released 2021-03-10)
** libgnutls: Fixed potential use-after-free in sending "key_share"
and "pre_shared_key" extensions. When sending those extensions, the
client may dereference a pointer no longer valid after
realloc. This happens only when the client sends a large Client
Hello message, e.g., when HRR is sent in a resumed session
previously negotiated large FFDHE parameters, because the initial
allocation of the buffer is large enough without having to call
realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
** libgnutls: Fixed a regression in handling duplicated certs in a
chain (#1131).
** libgnutls: Fixed sending of session ID in TLS 1.3 middlebox
compatibility mode. In that mode the client shall always send a
non-zero session ID to make the handshake resemble the TLS 1.2
resumption; this was not true in the previous versions (#1074).
** libgnutls: W32 performance improvement with a new sendmsg()-like
transport implementation (!1377).
** libgnutls: Removed dependency on the external 'fipscheck' package,
when compiled with --enable-fips140-mode (#1101).
** libgnutls: Added padlock acceleration for AES-192-CBC (#1004).
- Build scripts now depend on the sourceforge git repository directly.
Changes since v1.0.0:
October 10, 2020:
A paper by Konstantinos Chalkias, François Garillot, and Valeria
Nikolaenko, to be found at:
https://eprint.iacr.org/2020/1244.pdf
discusses malleability in EdDSA implementations. Their test
vectors reveal unintentional malleability in libdecaf's version
of EdDSA verify, in violation of RFC 8032. With this malleability,
an attacker could modify an existing valid signature to create a
new signature that is still valid, but only for the same message.
Release v1.0.1, correcting this flaw.
Additional changes generated from git commit logs:
- (tag: v1.0.1) Fix bug in ristretto elligator: it should be able to take improper field elements as input
- Fix malleability bug from https://eprint.iacr.org/2020/1244.pdf and add test vectors
- Optimize s^2 -> s2
- Don't double generator for Ed448RistrettoPoint
- Update ristretto.sage for python3. Also add Ed448RistrettoPoint for reference
- Add safer version of EdDSA signing API
- Fix issues when compiling on GCC 9.1
- Also remove X_SER_BYTES while we're at it
- Remove gf_hibit, since it was a relic from p521 days
- Adds errno.eexist, remove hardcoded error value
- Tweak generated code message
- Fix flaky Python generator
- Add full RFC 8032 test vectors
- Change test scripts to avoid GCC warnings
- Minor changes. Bump version number in CMakeLists.txt
(hopefully) fix bulk builds
No release note is available. Please refer to the commit log
<https://github.com/rapid7/metasploit-payloads/compare/v2.0.37...v2.0.38>
for details.
Quote from commit log:
0.1.25 (2020-11-30)
* Allows bundle with latest bundler
* Updates authors to reflect current maintainers
* Update travis to test with 2.7.2
0.1.26 (2021-03-10)
* Ruby 3 - update rex-socket
* migrate to Addrinfo.getaddrinfo, and deprecate gethostname
- Fixing some minor issues with man pages
- build: Add OpenSSL includes to libcompat HEAD master
Some compat sources (getentropy_linux.c for example) require OpenSSL.
upstream changes:
-----------------
* Security bugfixes
o The "redirect" option was fixed to properly handle unauthenticated
requests (thx to Martin Stein).
o Fixed a double free with OpenSSL older than 1.1.0 (thx to Petr
Strukov).
o OpenSSL DLLs updated to version 1.1.1j.
* New features
o New 'protocolHeader' service-level option to insert custom 'connect'
protocol negotiation headers. This feature can be used to impersonate
other software (e.g. web browsers).
o 'protocolHost' can also be used to control the client SMTP protocol
negotiation HELO/EHLO value.
o Initial FIPS 3.0 support.
* Bugfixes
o X.509v3 extensions required by modern versions of OpenSSL are added to
generated self-signed test certificates.
o Fixed a tiny memory leak in configuration file reload error handling
(thx to Richard Könning).
o Merged Debian 05-typos.patch (thx to Peter Pentchev).
o Merged with minor changes Debian 06-hup-separate.patch (thx to Peter
Pentchev).
o Merged Debian 07-imap-capabilities.patch (thx to Ansgar).
o Merged Debian 08-addrconfig-workaround.patch (thx to Peter Pentchev).
o Fixed tests on the WSL2 platform.
o NSIS installer updated to version 3.06 to fix a multiuser installation
bug on some platforms, including 64-bit XP.
o Fixed engine initialization (thx to Petr Strukov).
o FIPS TLS feature is reported when a provider or container is available,
and not when FIPS control API is available.
* Use pkgsrc libtool.
* Use MASTER_SITE_GNU as MASTER_SITES.
Changelog:
New in 2.7.4 - September 2020
New in 2.4 - August, 2018
disable the --use-pbkdf2 option and implement --rehash as replacement
* the default "rehash" count is printed with --status output
* security question answers can now be stable across password
changes. Two answers are now printed: the deprecated version
that changes with the rehash count, and the new version that
is stable.
New in 2.2 - June, 2018
* Chase Bank has added the password restriction that no three characters
may be in sequence. So look for that and fix it, if need be.
* Let people know when they last modified a password.
Mark the day when the pbkdf2 count is modified.
* The confirmation value printed out is a hash based on the confirmation
string and the current password. So, if the password changes, then
so does the confirmation string. Not ideal. This change restricts
the hashing source to just the password id and the confirmation
string.
* Users may now specify a config file other than the default.
New in 2.0 - May, 2016
* A new option --shared to implement sharing passwords.
This allows shared logins with secure passwords and still
keeps all the other passwords very secret. See the docs for
the rationale and usage.
Fails to build and the upstream service seems to have transformed into
some "enterprise blockchain" thingy.
Changes since v4.6.0:
wolfSSL Release 4.7.0 (February 16, 2021)
Release 4.7.0 of wolfSSL embedded TLS has bug fixes and new features including:
New Feature Additions
* Compatibility Layer expansion SSL_get_verify_mode, X509_VERIFY_PARAM API,
X509_STORE_CTX API added
* WOLFSSL_PSK_IDENTITY_ALERT macro added for enabling a subset of TLS alerts
* Function wolfSSL_CTX_NoTicketTLSv12 added to enable turning off session
tickets with TLS 1.2 while keeping TLS 1.3 session tickets available
* Implement RFC 5705: Keying Material Exporters for TLS
* Added --enable-reproducible-build flag for making more deterministic
library outputs to assist debugging
* Added support for S/MIME (Secure/Multipurpose Internet Mail Extensions)
bundles
Fixes
* Fix to free mutex when cert manager is free’d
* Compatibility layer EVP function to return the correct block size and type
* DTLS secure renegotiation fixes including resetting timeout and retransmit
on duplicate HelloRequest
* Fix for edge case with shrink buffer and secure renegotiation
* Compile fix for type used with curve448 and PPC64
* Fixes for SP math all with PPC64 and other embedded compilers
* SP math all fix when performing montgomery reduction on one word modulus
* Fixes to SP math all to better support digit size of 8-bit
* Fix for results of edge case with SP integer square operation
* Stop non-ct mod inv from using register x29 with SP ARM64 build
* Fix edge case when generating z value of ECC with SP code
* Fixes for PKCS7 with crypto callback (devId) with RSA and RNG
* Fix for compiling builds with RSA verify and public only
* Fix for PKCS11 not properly exporting the public key due to a missing key
type field
* Call certificate callback with certificate depth issues
* Fix for out-of-bounds read in TLSX_CSR_Parse()
* Fix incorrect AES-GCM tag generation in the EVP layer
* Fix for out of bounds write with SP math all enabled and an edge case of
calling sp_tohex on the result of sp_mont_norm
* Fix for parameter check in sp_rand_prime to handle 0 length values
* Fix for edge case of failing malloc resulting in an out of bounds write
with SHA256/SHA512 when small stack is enabled
Improvements/Optimizations
* Added --enable-wolftpm option for easily building wolfSSL to be used with
wolfTPM
* DTLS macro WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT added for resending flight
only after a timeout
* Update linux kernel module to use kvmalloc and kvfree
* Add user settings option to cmake build
* Added support for AES GCM session ticket encryption
* Thread protection for global RNG used by wolfSSL_RAND_bytes function calls
* Sanity check on FIPs configure flag used against the version of FIPs
bundle
* --enable-aesgcm=table now is compatible with --enable-linuxkm
* Increase output buffer size that wolfSSL_RAND_bytes can handle
* Out of directory builds resolved, wolfSSL can now be built in a separate
directory than the root wolfssl directory
Vulnerabilities
* [HIGH] CVE-2021-3336: In earlier versions of wolfSSL there exists a
potential man in the middle attack on TLS 1.3 clients. Malicious
attackers with a privileged network position can impersonate TLS 1.3
servers and bypass authentication. Users that have applications with
client side code and have TLS 1.3 turned on, should update to the latest
version of wolfSSL. Users that do not have TLS 1.3 turned on, or that are
server side only, are NOT affected by this report. For the code change
see #3676. Thanks to Aina Toky Rasoamanana and Olivier Levillain from
Télécom SudParis for the report.
* [LOW] In the case of using custom ECC curves there is the potential for a
crafted compressed ECC key that has a custom prime value to cause a hang
when imported. This only affects applications that are loading in ECC keys
with wolfSSL builds that have compressed ECC keys and custom ECC curves
enabled.
* [LOW] With TLS 1.3 authenticated-only ciphers a section of the server
hello could contain 16 bytes of uninitialized data when sent to the
connected peer. This affects only a specific build of wolfSSL with TLS
1.3 early data enabled and using authenticated-only ciphers with TLS 1.3.
For additional vulnerability information visit the vulnerability page at
https://www.wolfssl.com/docs/security-vulnerabilities/
See INSTALL file for build instructions.
More info can be found on-line at https://wolfssl.com/wolfSSL/Docs.html
Pkgsrc changes:
* Change dependency from botan to botan-devel to get version 2.x.
Upstream changes:
SoftHSM 2.6.1 - 2020-04-29
* Issue #542: Support Ed448/X448 for OpenSSL
* Issue #538: Improved warning and compilation issues for GCC10
* Issue #527: Fixed compilation issues for MacOS 10.15.4/Xcode 11.4
SoftHSM 2.6.0 - 2020-03-17
* Issue #493: Upgrade to Botan 2.
* Issue #530: Update appveyor build.
* Issue #438: Detect crypto algorithms by default.
(Patch from Alon Bar-Lev)
* Issue #455: Provide a new configuration option to allow enabling and
disabling various mechanisms (slots.mechanisms in the softhsm2.conf).
(Thanks to Jakub Jelen)
* Issue #479: Increase SQLite busy timeout from 15 seconds to 3 minutes.
(Patch from Jan Luebbe)
* Issue #513: Add configuration option to reset state on fork closing all
sessions rather than keeping all sessions open in duplicate process.
(Thanks to Anderson Toshiyuki Sasaki)
* Issue #500: C_WaitForSlotEvent implementation.
(Patch from massey101)
* Issue #445: Add wrap support with CKM_AES_CBC.
Bugfixes:
* Issue #418: Set fields to NULL to avoid double free.
(Patch from Brian J Murray)
* Issue #423: ENGINE_load_rdrand is not supported with older openssl.
(Patch from Alon Bar-Lev)
* Issue #429: Updated prerequisite to build from repository.
(Patch from Dharmesh Khandelwal)
* Issue #434: Fix build issues with CMake.
(Patch from Peter Wu)
* Issue #435: Fix botan build without EDDSA.
(Patch from Peter Wu)
* Issue #442: Release resources from OSSLEVPSymmetricAlgorithm.
(Patch from Petr Menšík)
* Issue #449/#502: Do not copy zero sized buffer to avoid null pointer dereference.
(Patch from space88man)
* Issue #464: Race condition with multiple threads closing last session and
opening newer sessions.
(Patch from Takarth)
* Issue #452: Fixes to automake build for undefined macros.
* Issue #462: User PIN count wrongly calculated.
(Patch from Ondrej Hlavaty)
* Issue #516: Fix memory leak in OSSLCryptoFactory.
(Patch from Anderson Sasaki)
* Issue #494: Allow null pointers as arguments when count is zero.
(Patch from Yunjong Jeong)
* Issue #518: Sporadic problem in closing sessions because of lookup of
object without prior locking.
* Issue #506: Check key type for C_EncryptInit and C_DecryptInit.
(Patch from Yunjong Jeong)
* Issue #526: Adjust EDDSA code to return valid EC_PARAMS.
(Patch from Jakub Jelen)
* Issue #452: Autogen failure on undefined macro AC_MSG_ERROR.
* Issue #527: Fixed some build errors for GCC 10.
* Issue #470: Null pointer arguments validation for C_EncryptFinal, etc.
|
Informally OK'ed by joerg@
Pkgsrc changes:
* Add comments to the patches which lacked them.
* Adjust PLIST.
Upstream changes:
Version 2.17.3, 2020-12-21
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Change base64, base58, base32, and hex encoding and decoding operations
to run in constant time (GH #2549)
* Fix a build problem on PPC64 building with Clang (GH #2547)
* Fix an install problem introduced in 2.17.2 affecting MSVC 2015
* Fix use of -L flag in linking when configured using ``--with-external-libdir``
(GH #2496)
* Fix a build problem on big-endian PowerPC related to VSX instructions
in the AES code. (GH #2515)
Version 2.17.2, 2020-11-13
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Fix a build problem on ppc64 introduced with certain recent
versions of GCC or binutils where using the DARN instruction
requires using an appropriate -mcpu flag to enable the instruction
in the assembler. (GH #2481 #2463)
* Resolve an issue in the modular square root algorithm where a loop
to find a quadratic non-residue could, for a carefully chosen
composite modulus, not terminate in a timely manner. (GH #2482 #2476)
* Fix a regression in MinGW builds introduced in 2.17.1
Version 2.17.1, 2020-11-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Fix a build problem that could occur if Python was not in the PATH.
This was known to occur on some installations of macOS.
* Re-enable support for the x86 CLMUL instruction on Visual C++, which was
accidentally disabled starting in 2.12.0. (GH #2460)
Version 2.17.0, 2020-11-05
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Fix a bug in ECDSA which could occur when the group size and hash length
differ. In this case, on occasion the generated signature would not be
accepted by other ECDSA implementations. This was particularly likely to
affect users of 160-bit or 239-bit curves. (GH #2433 #2415)
* Fix a bug in ECDSA verification when the public key was chosen to be
a small multiple of the group generator. In that case, verification
would fail even if the signature was actually valid. (GH #2425)
* SIV's functionality of supporting multiple associated data inputs has been
generalized onto the AEAD_Mode interface. However at the moment SIV is the
only AEAD implemented which supports more than one AD. (GH #2440)
* The contents of ASN.1 headers ``asn1_str.h``, ``asn1_time.h``, ``asn1_oid.h``
and ``alg_id.h`` have been moved to ``asn1_obj.h``. The header files remain
but simply forward the include to ``asn1_obj.h``. These now-empty header files
are deprecated, and will be removed in a future major release. (GH #2441)
* The contents of X.509/PKIX headers ``asn1_attribute.h`` ``asn1_alt_name.h``
``name_constraint.h`` ``x509_dn.h`` ``cert_status.h`` and ``key_constraint.h``
have been merged into ``pkix_enums.h`` (for enumerations) and ``pkix_types.h``
(for all other definitions). The previous header files remain but simply
forward the include to the new header containing the definition. These
now-empty header files are deprecated, and will be removed in a future major
release. (GH #2441)
* A number of other headers including those related to HOTP/TOTP, XMSS,
PKCS11, PSK_DB have also been merged. Any now deprecated/empty headers
simply include the new header and issue a deprecation warning.
(GH #2443 #2446 #2447 #2448 #2449)
* Small optimizations in the non-hardware assisted AES key generation
code path (GH #2417 #2418)
* Move the GHASH code to a new module in utils, making it possible
to build GMAC support without requiring GCM (GH #2416)
* Add more detection logic for AVX-512 features (GH #2430)
* Avoid std::is_pod which is deprecated in C++20 (GH #2429)
* Fix a bug parsing deeply nested cipher names (GH #2426)
* Add support for ``aarch64_be`` target CPU (GH #2422)
* Fix order of linker flags so they are always applied effectively (GH #2420)
* Prevent requesting DER encoding of signatures when the algorithm
did not support it (GH #2419)
Version 2.16.0, 2020-10-06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Now userspace PRNG objects (such as AutoSeeded_RNG and HMAC_DRBG)
use an internal lock, which allows safe concurrent use. This however
is purely a precaution in case of accidental sharing of such RNG
objects; for performance reasons it is always preferable to use
a RNG per thread if a userspace RNG is needed. (GH #2399)
* DL_Group and EC_Group objects now track if they were created from a
known trusted group (such as P-256 or an IPsec DH parameter). If
so, then verification tests can be relaxed, as compared to
parameters which may have been maliciously constructed in order to
pass primality checks. (GH #2409)
* RandomNumberGenerator::add_entropy_T assumed its input was a POD
type but did not verify this. (GH #2403)
* Support OCSP responders that live on a non-standard port (GH #2401)
* Add support for Solaris sandbox (GH #2385)
* Support suffixes on release numbers for alpha/beta releases (GH #2404)
* Fix a bug in EAX which allowed requesting a 0 length tag, which had
the effect of using a full length tag. Instead omit the length field,
or request the full tag length explicitly. (GH #2392 #2390)
* Fix a memory leak in GCM where if passed an unsuitable block cipher
(eg not 128 bit) it would throw an exception and leak the cipher
object. (GH #2392 #2388)
Version 2.15.0, 2020-07-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Fix a bug where the name constraint extension did not constrain the
alternative DN field which can be included in a subject alternative name. This
would allow a corrupted sub-CA which was otherwise constrained by a name
constraint to issue a certificate with a prohibited DN.
* Fix a bug in the TLS server during client authentication where
if a (disabled by default) static RSA ciphersuite was selected, then
no certificate request would be sent. This would have an equivalent
effect to a client which simply replied with an empty Certificate
message. (GH #2367)
* Replace the T-Tables implementation of AES with a 32-bit bitsliced
version. As a result AES is now constant time on all processors.
(GH #2346 #2348 #2353 #2329 #2355)
* In TLS, enforce that the key usage given in the server certificate
allows the operation being performed in the ciphersuite. (GH #2367)
* In X.509 certificates, verify that the algorithm parameters are
the expected NULL or empty. (GH #2367)
* Change the HMAC key schedule to attempt to reduce the information
leaked from the key schedule with regards to the length of the key,
as this is at times (as for example in PBKDF2) sensitive information.
(GH #2362)
* Add Processor_RNG which wraps RDRAND or the POWER DARN RNG
instructions. The previous RDRAND_RNG interface is deprecated.
(GH #2352)
* The documentation claimed that mlocked pages were created with a
guard page both before and after. However only a trailing guard page
was used. Add a leading guard page. (GH #2334)
* Add support for generating and verifying DER-encoded ECDSA signatures
in the C and Python interfaces. (GH #2357 #2356)
* Work around a bug in GCC's UbSan which triggered on a code sequence
in XMSS (GH #2322)
* When building documentation using Sphinx avoid parallel builds with
version 3.0 due to a bug in that version (GH #2326 #2324)
* Fix a memory leak in the CommonCrypto block cipher calls (GH #2371)
* Fix a flaky test that would occasionally fail when running the tests
with a large number of threads. (GH #2325 #2197)
* Additional algorithms are now deprecated: XTEA, GOST, and Tiger.
They will be removed in a future major release.
Version 2.14.0, 2020-04-06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Add support for using POWER8+ VPSUMD instruction to accelerate GCM
(GH #2247)
* Optimize the vector permute AES implementation, especially improving
performance on ARMv7, Aarch64, and POWER. (GH #2243)
* Use a new algorithm for modular inversions which is both faster and
more resistant to side channel attacks. (GH #2287 #2296 #2301)
* Address an issue in CBC padding which would leak the length of the
plaintext which was being padded. Unpadding during decryption was
not affected. Thanks to Maximilian Blochberger for reporting this.
(GH #2312)
* Optimize NIST prime field reductions, improving ECDSA by 3-9% (GH #2295)
* Increase the size of the ECC blinding mask and scale it based on the
size of the group order. (GH #880 #893 #2308)
* Add server side support for the TLS asio wrapper. (GH #2229)
* Add support for using Windows certificate store on MinGW (GH #2280)
* Use the library thread pool instead of a new thread for RSA computations,
improving signature performance by up to 20%. (GH #2257)
* Precompute and cache additional fields in ``X509_Certificate`` (GH #2250)
* Add a CLI utility ``cpu_clock`` which estimates the speed of the
processor cycle counter. (GH #2251)
* Fix a bug which prevented using DER-encoded ECDSA signatures with a PKCS11
key (GH #2293)
* Enable use of raw block ciphers from CommonCrypto (GH #2278)
* Support for splitting up the amalgamation file by ABI extension has
been removed. Instead only ``botan_all.cpp`` and ``botan_all.h`` are
generated. (GH #2246)
* Improve support for baremetal systems with no underlying OS, with
target OS ``none`` (GH #2303 #2304 #2305)
* The build system now avoids using ``-rpath=$ORIGIN`` or (on macOS)
install_name which allowed running the tests from the build
directory without setting ``LD_LIBRARY_PATH``/``DYLD_LIBRARY_PATH``
environment variables. Instead set the dynamic linker variables
appropriately, or use ``make check``. (GH #2294 #2302)
* Add new option ``--name-amalgamation`` which allows naming the
amalgamation output, instead of the default ``botan_all``. (GH #2246)
* Avoid using symbolic links on Windows (GH #2288 #2286 #2285)
* Fix a bug that prevented compilation of the amalgamation on ARM and
POWER processors (GH #2245 #2241)
* Fix some build problems under Intel C++ (GH #2260)
* Remove use of Toolhelp Windows library, which was known to trigger
false positives under some antivirus systems. (GH #2261)
* Fix a compilation problem when building on Windows in Unicode mode.
Add Unicode build to CI to prevent regressions. (GH #2254 #2256)
* Work around a GCC bug affecting old libc (GH #2235)
* Work around a bug in macOS 10.15 which caused a test to crash.
(GH #2279 #2268)
* Avoid a crash in PKCS8::load_key due to a bug in Clang 8.
(GH #2277)
Version 2.13.0, 2020-01-06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Add Roughtime client (GH #2143 #1842)
* Add support for XMSS X.509 certificates (GH #2172)
* Add support for X.509 CRLs in FFI layer and Python wrapper (GH #2213)
* It is now possible to disable TLS v1.0/v1.1 and DTLS v1.0 at build time.
(GH #2188)
* The format of encrypted TLS sessions has changed, which will
invalidate all existing session tickets. The new format will make
it easier to support ticket key rotation in the future. (GH #2225)
* Improve RSA key generation performance (GH #2148)
* Make gcd computation constant-time (GH #2147)
* Add AVX2 implementation of SHACAL2 (GH #2196)
* Update BSI policy to reflect 2019 update of TR 02102-2 (GH #2195)
* Support more functionality for X.509 in the Python API (GH #2165)
* Add ``generic`` CPU target useful when building for some new or unusual
platform.
* Disable MD5 in BSI or NIST modes (GH #2188)
* Disable stack protector on MinGW as it causes crashes with some recent
versions. (GH #2187)
* On Windows the DLL is now installed into the binary directory (GH #2233)
* Previously Windows required an explicit ``.lib`` suffix be added when
providing an explicit library name, as is used for example for Boost.
Now the ``.lib`` suffix is implicit, and should be omitted.
* Remove the 32-bit x86 inline asm for Visual C++ as it seemed to not offer
much in the way of improved performance. (GH #2204 #256)
* Resolve all compile time warnings generated by GCC, Clang and MSVC.
Modify CI to compile with warnings-as-errors. (GH #2170 #2206 #2211 #2212)
* Fix bugs linking to 3rd party libraries on Windows due to invalid
link specifiers. (GH #2210 #2215)
* Add long input and NIST Monte-Carlo hash function tests.
* Fix a bug introduced in 2.12.0 where ``TLS::Channel::is_active`` and
``TLS::Channel::is_closed`` could simultaneously return true.
(GH #2174 #2171)
* Use ``std::shared_ptr`` instead of ``boost::shared_ptr`` in some examples.
(GH #2155)
Version 2.12.1, 2019-10-14
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Fix a bug that prevented building with nmake (GH #2142 #2141)
* Fix an issue where make install would attempt to build targets which
were disabled. (GH #2140)
* If the option ``--without-documentation`` is used, avoid invoking the
documentation build script. (GH #2138)
* Fix a bug that prevented compilation on x86-32 using GCC 4.9 (GH #2139)
* Fix a bug in CCM encryption, where it was possible to call ``finish`` without
ever setting a nonce (GH #2151 #2150)
* Improve ECIES/DLIES interfaces. If no initialization vector was set, they
would typically produce hard to understand exceptions. (GH #2151 #2150)
Version 2.12.0, 2019-10-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Many currently public headers are being deprecated. If any such header is
included by an application, a warning is issued at compile time. Headers
issuing this warning will be made internal in a future major release.
(GH #2061)
* RSA signature performance improvements (GH #2068 #2070)
* Performance improvements for GCM (GH #2024 #2099 #2119), OCB (#2122),
XTS (#2123) and ChaCha20Poly1305 (GH #2117), especially for small messages.
* Add support for constant time AES using NEON and AltiVec
(GH #2093 #2095 #2100)
* Improve performance of POWER8 AES instructions (GH #2096)
* Add support for the POWER9 hardware random number generator (GH #2026)
* Add support for 64-bit version of RDRAND, doubling performance
on x86-64 (GH #934 #2022)
* In DTLS server, support a client crashing and then reconnecting from
the same source port, as described in RFC 6347 sec 4.2.8 (GH #2029)
* Optimize DTLS MTU splitting to split precisely to the set MTU (GH #2042)
* Add support for the TLS v1.3 downgrade indicator. (GH #2027)
* Improve the error messages generated when an invalid TLS state
transition occurs (GH #2030)
* Fix some edge cases around TLS close_notify support. (GH #2054)
* Modifications to support GOST 34.10-2012 signatures (GH #2055
#2056 #1860 #1897)
* Add some new APIs on ``OID`` objects (GH #2057)
* Properly decode OCSP responses which indicate an error (GH #2110)
* Add a function to remove an X.509 extension from an Extensions object.
(GH #2101 #2073 #2065)
* Support Argon2 outputs longer than 64 bytes (GH #2079 #2078)
* Correct a bug in CAST-128 which caused incorrect computation using
11, 13, 14, or 15 byte keys. (GH #2081)
* Fix a bug which would cause Streebog to produce incorrect outputs for
certain messages (GH #2082 #2083)
* Fix a bug that prevented loading EC points with an affine x or y
value of 0. For certain curves such points can exist. (GH #2102)
* Fix a bug which would cause PBKDF2 to go into a very long loop if
it was requested to use an iteration count of 0. (GH #2090 #2088)
* The BearSSL provider has been removed (GH #2020)
* Add a new ``entropy`` cli which allows sampling the output of
the entropy sources.
* Add new ``base32_enc`` and ``base32_dec`` cli for base32 encoding
operations. (GH #2111)
* Support setting TLS policies in CLIs like ``tls_client`` and
``tls_proxy_server`` (GH #2047)
* The tests now run in multithreaded mode by default. Provide option
``--test-threads=1`` to return to previous single-threaded
behavior. (GH #2071 #2075)
* Cleanups in TLS record layer (GH #2021)
* Fix typos in some OCSP enums which used "OSCP" instead. (GH #2048)
* In the Python module, avoid trying to load DLLs for names that
don't match the current platform (GH #2062 #2059)
* In the Python module, also look for ``botan.dll`` so Python
wrapper can run on Windows. (GH #2059 #2060)
* Add support for TOTP algorithm to the Python module. (GH #2112)
* Now the minimum Windows target is set to Windows 7 (GH #2036 #2028)
* Add ``BOTAN_FORCE_INLINE`` macro to resolve a performance issue
with BLAKE2b on MSVC (GH #2092 #2089)
* Avoid using ``__GNUG__`` in headers that may be consumed by a C
compiler (GH #2013)
* Improve the PKCS11 tests (GH #2115)
* Fix a warning from Klocwork (GH #2128 #2129)
* Fix a bug which caused amalgamation builds to fail on iOS (GH #2045)
* Support disabling thread local storage, needed for building on
old iOS (GH #2045)
* Add a script to help with building for Android, using Docker
(GH #2016 #2033 #513)
* Add Android NDK build to Travis CI (GH #2017)
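The 2.17.0 entry about ECDSA signatures being rejected when the group size and hash length differ concerns the hash-to-integer step of ECDSA. The following added Python example (not Botan's code) shows the SEC1/FIPS 186-4 rule of keeping the leftmost bits decided by the digest's length, next to a constructed faulty variant (an assumption for illustration, not a description of Botan's actual defect) whose shift depends on the digest's value; the constructed variant reproduces the pattern in the entry, diverging only for groups whose order is shorter than the hash output, such as 160-bit or 239-bit curves with SHA-256.

```python
"""Hash-to-integer step of ECDSA, SEC1 4.1.3 / FIPS 186-4 6.4.

Added example, not Botan's code. The correct rule keeps the leftmost
min(order_bits, 8 * len(digest)) bits of the digest, a decision based on
the digest's LENGTH. A variant that decides based on the digest's VALUE
(constructed here for illustration; an assumption, not a description of
Botan's actual defect) drifts whenever the digest has leading zero bits,
and only for groups whose order is shorter than the hash output."""
import hashlib


def hash_to_int(digest: bytes, order_bits: int) -> int:
    """Correct conversion: shift out (8*len - order_bits) bits if positive."""
    e = int.from_bytes(digest, "big")
    excess = 8 * len(digest) - order_bits
    return e >> excess if excess > 0 else e


def hash_to_int_value_based(digest: bytes, order_bits: int) -> int:
    """Constructed faulty variant: shift by the integer's own bit length."""
    e = int.from_bytes(digest, "big")
    excess = e.bit_length() - order_bits
    return e >> excess if excess > 0 else e


def interop_mismatch(digest: bytes, order_bits: int) -> bool:
    """True when a verifier using the correct rule would compute a different e."""
    return hash_to_int(digest, order_bits) != hash_to_int_value_based(
        digest, order_bits)


def mismatch_rate(order_bits: int, hash_name: str, n_msgs: int = 200) -> float:
    """Fraction of constructed messages whose e differs between the two rules."""
    bad = 0
    for i in range(n_msgs):
        digest = hashlib.new(hash_name, b"constructed message %d" % i).digest()
        bad += interop_mismatch(digest, order_bits)
    return bad / n_msgs


# Constructed 32-byte digests: one with the top bit set, one with leading zeros.
DIGEST_HIGH = b"\x80" + b"\x11" * 31
DIGEST_LOW = b"\x00\x01" + b"\x22" * 30

if __name__ == "__main__":
    # 160 and 239 are the order sizes the changelog entry singles out.
    for bits in (160, 239, 256, 521):
        print(bits, "bit order, sha256 mismatch rate:", mismatch_rate(bits, "sha256"))
    print("239-bit order, leading-zero digest mismatch:",
          interop_mismatch(DIGEST_LOW, 239))
```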