NEWS for the Nettle 3.8 release
This release includes a couple of new features, and many
performance improvements. It adds assembly code for two more
architectures: ARM64 and S390x.
The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.5 and libhogweed.so.6.5, with sonames
libnettle.so.8 and libhogweed.so.6.
New features:
* AES keywrap (RFC 3394), contributed by Nicolas Mora.
* SM3 hash function, contributed by Tianjia Zhang.
* New functions cbc_aes128_encrypt, cbc_aes192_encrypt,
cbc_aes256_encrypt.
On processors where AES is fast enough, e.g., x86_64 with
aesni instructions, the overhead of using Nettle's general
cbc_encrypt can be significant. The new functions can be
implemented in assembly, to do multiple blocks with reduced
per-block overhead.
Note that there are no corresponding new decrypt functions,
since the general cbc_decrypt doesn't suffer from the same
performance problem.
Bug fixes:
* Fix fat builds for x86_64 windows; these appear to never
have worked.
Optimizations:
* New ARM64 implementation of AES, GCM, Chacha, SHA1 and
SHA256, for processors supporting crypto extensions. Great
speedups, and fat builds are supported. Contributed by
Mamone Tarsha.
* New s390x implementation of AES, GCM, Chacha, memxor, SHA1,
SHA256, SHA512 and SHA3. Great speedups, and fat builds are
supported. Contributed by Mamone Tarsha.
* New PPC64 assembly for ecc modulo/redc operations,
contributed by Amitay Isaacs, Martin Schwenke and Alastair
D'Silva.
* The x86_64 AES implementation using aesni instructions has
been reorganized with one separate function per key size,
each interleaving the processing of two blocks at a time
(when the caller processes multiple blocks with each call).
This gives a modest performance improvement on some
processors.
* Rewritten and faster x86_64 poly1305 assembly.
Known issues:
* Nettle's testsuite doesn't work out-of-the-box on recent
MacOS, due to /bin/sh discarding the DYLD_LIBRARY_PATH
environment variable. Nettle's test scripts handle this in
some cases, but currently fail the test cases that are
themselves written as /bin/sh scripts. As a workaround, use
make check EMULATOR='env DYLD_LIBRARY_PATH=$(TEST_SHLIB_DIR)'
Miscellaneous:
* Updated manual to current makeinfo conventions, with no
explicit node pointers. Generate pdf version with texi2pdf,
to get working hyper links.
* Added square root functions for NIST ecc curves, as a
preparation for supporting compact point representation.
* Reworked internal GCM/ghash interfaces, simplifying assembly
implementations. Deleted unused GCM C implementation
variants with less than 8-bit lookup table.
camlp4 is an outdated way to build packages with caml and does not work
with pkgsrc ocaml versions for more than a year.
Remove camlp4 and all packages using it.
Ok jaapb@
Approved during freeze by gdt@, tested on SmartOS and macOS.
Major changes between OpenSSL 1.1.1o and OpenSSL 1.1.1p [21 Jun 2022]
o Fixed additional bugs in the c_rehash script which was not properly
sanitising shell metacharacters to prevent command injection
(CVE-2022-2068)
2.5.1
Fix
Add missing Vulnerability comparator for sorting (#246) (c3f3d0d)
2.5.0
Feature
Use SortedSet in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson (8a1c404)
Documentation
Fix typo "This is out" -> "This is our" (ef0278a)
2.4.0
Feature
deps: Remove unused typing-extensions constraints (2ce358a)
Version 2.19.2
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Add support for parallel computation in Argon2 (GH #2937#2926)
* Add SSSE3 implementation of Argon2 (GH #2937#2927)
* The OpenSSL provider was incompatible with OpenSSL 3.0.
It has been removed (GH #2902)
* Avoid using reserve in secure_vector appending, which caused
a performance problem (GH #2945#2920)
* Fix TLS::Text_Policy behavior when X25519 is disabled
at build time (GH #2894)
* Fix several warnings from Clang (#2888#2886)
Upstream changes:
OpenDNSSEC 2.1.10 - 2021-09-10
* OPENDNSSEC-957: Fix exit code of the signer daemon so it does not always report failure.
* OPENDNSSEC-958: Fix immediate resalting after migration from 1.4.
* OPENDNSSEC-959: Emit warning on ods-kaspcheck for NSEC iteration count
that is deemed too high.
* SUPPORT-265: Resolve conflict when deleting keys from HSM whilst
also performing step in key roll process. Typically a message
"key_data_update failed" is present in logs.
* Provided RedHat/CentOS spec file in contrib directory.
- The location of the system certificate store can now be set using
a new configuration file (ca-certificates-dir.conf).
- Installing the certificates to the system certificate store must
be enabled by the administrator.
Point out that this is from Debian and that Debian's policy is unclear
(it's not on HOMEPAGE at least; they probably do have one).
Note that modification outside of the package's files is either to
base or to pkgsrc openssl.
Clarify that there's a supported way to exclude particular certs as
trust anchors.
-do not read config files that have already been processed
-permit reason (-r) strings as regex matches
-%{HOSTNAME} expands to hostname in regex rules
-suggest -d when invoked with cd and cd is not located
-new option of timeout for password prompt
-new option of target_group for run/edit
1.28.0
Added
Updated Apache/NGINX TLS configs to document contents are based on ssl-config.mozilla.org
Changed
A change to order finalization has been made to the acme module and Certbot:
An order's certificate field will only be processed if the order's status is valid.
An order's error field will only be processed if the order's status is invalid.
(Once I did import with wrong directory name, R-soduim, and I noticed
that before I did commit security/Makefile and doc/CHANGES-2022,
so those two are correct, but I did not notice the necessity of correcting
importing commit, now re-importing the correct name, I hope,
sorry and thanks leot@)
Bindings to 'libsodium': a modern, easy-to-use software library for
encryption, decryption, signatures, password hashing and more. Sodium
uses curve25519, a state-of-the-art Diffie-Hellman function by Daniel
Bernstein, which has become very popular after it was discovered that
the NSA had backdoored Dual EC DRBG.
[0.9.0] - 2022-05-27
Added
Support customizing key bindings (#6)
Add a separate script for preparing the test environment
Changed
Bump dependencies
Bump the Rust version in Dockerfile
Update man page about custom key bindings
Fixed
Fix the formatting
Update application handler tests about custom key bindings
Update custom key binding handler test
Fix the keycode handler test
Fix typo in the script name
Removed
Remove edition key from rustfmt config
Upstream changes:
20211001
- Update mk-ca-bundle.pl and Mozilla data to 2021-10-01 (Aaron Rowe)
- Improve metadata for license information (Shoichi Kaji)
## [2.3.0] - 2022-05-18
### Added
* CLI: The `--ignore-vuln` option has been added, allowing users to
specify vulnerability IDs to ignore during the final report
([#275](https://github.com/trailofbits/pip-audit/pull/275))
* CLI: The `--no-deps` flag has been added, allowing users to skip dependency
resolution entirely when `pip-audit` is used in requirements mode
([#255](https://github.com/trailofbits/pip-audit/pull/255))
Version 3.7.6 (released 2022-05-27)
** libgnutls: Fixed invalid write when gnutls_realloc_zero()
is called with new_size < old_size. This bug caused heap
corruption when gnutls_realloc_zero() has been set as gmp
reallocfunc
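To illustrate the bug class behind this fix, here is an added example (not GnuTLS's code) of a zeroing realloc in the shape of a GMP-style reallocfunc. The root cause assumed here, an unconditional new_size - old_size that wraps on a shrink, is an illustration, not a claim about the actual GnuTLS code.

```c
#include <stdlib.h>
#include <string.h>

/* Number of bytes to zero after resizing old_size -> new_size.
 * Assumed (not stated in the GnuTLS changelog) way such a bug arises:
 * subtracting unconditionally. On a shrink the size_t subtraction wraps
 * to a huge value and a following memset runs far past the buffer. */
size_t zero_tail_naive(size_t old_size, size_t new_size)
{
    return new_size - old_size;          /* wraps when new_size < old_size */
}

/* Corrected: a shrink adds no new bytes, so nothing needs zeroing. */
size_t zero_tail_safe(size_t old_size, size_t new_size)
{
    return new_size > old_size ? new_size - old_size : 0;
}

/* realloc() whose grown region reads as zero and which never writes past
 * the new allocation. old_size is passed in because realloc() does not
 * track it; this mirrors how a GMP reallocfunc receives both sizes. */
void *realloc_zero_safe(void *ptr, size_t old_size, size_t new_size)
{
    unsigned char *p = realloc(ptr, new_size);
    if (p == NULL)
        return NULL;
    size_t tail = zero_tail_safe(old_size, new_size);
    if (tail > 0)                        /* only on a grow */
        memset(p + old_size, 0, tail);
    return p;
}

/* Self-check: grow an 8-byte buffer to 16, then shrink it to 4 (the case
 * named in the changelog). Returns 1 when the prefix survives both steps
 * and the grown tail is zero, 0 otherwise. */
int realloc_zero_selfcheck(void)
{
    unsigned char *buf = malloc(8);
    if (!buf) return 0;
    memset(buf, 0xAA, 8);
    buf = realloc_zero_safe(buf, 8, 16);
    if (!buf) return 0;
    for (size_t i = 0; i < 8; i++)  if (buf[i] != 0xAA) { free(buf); return 0; }
    for (size_t i = 8; i < 16; i++) if (buf[i] != 0x00) { free(buf); return 0; }
    buf = realloc_zero_safe(buf, 16, 4);
    if (!buf) return 0;
    for (size_t i = 0; i < 4; i++)  if (buf[i] != 0xAA) { free(buf); return 0; }
    free(buf);
    return 1;
}
```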
0.4.9
Added a status attribute to the returned object from gen_key() which is set to 'ok' if a key was successfully created, or 'key not created' if that was reported by gpg, or None in any other case.
Provided the ability to add subkeys. Thanks to Daniel Kilimnik for the feature request and patch.
Added keygrip values to the information collected when keys are listed. Thanks to Daniel Kilimnik for the feature request and patch.
Added extra_args to send_keys(), recv_keys() and search_keys() to allow passing options relating to key servers.
Release 2.10.1 (16 Apr 2022)
----------------------------
* Added support for "Match Exec" in config files and updated AsyncSSH
API calls to do config parsing in an executor to avoid blocking the
event loop if a "Match Exec" command doesn't return immediately.
* Fixed an issue where settings associated with server channels set
when creating a listener rather than at the time a new channel is
opened were not always being applied correctly.
* Fixed config file handling to be more consistent with OpenSSH, making
all relative paths be evaluated relative to ~/.ssh and allowing
references to config file patterns which don't match anything to only
trigger a debug message rather than an error. Thanks go to Caleb Ho
for reporting this issue!
* Update minimum required version of cryptography package to 3.1, to
allow calls to it to be made without passing in a "backend" argument.
This was missed back in the 2.9 release. Thanks go to Github users
sebby97 and JavaScriptDude for reporting this issue!
Release 2.10.0 (26 Mar 2022)
----------------------------
* Added new get_server_auth_methods() function which returns the set
of auth methods available for a given user and SSH server.
* Added support for new line_echo argument when creating a server
channel which controls whether input in the line editor is echoed
to the output immediately or under the control of the application,
allowing more control over the ordering of input and output.
* Added explicit support for RSA SHA-2 certificate algorithms.
Previously, SHA-2 signatures were supported using the original
ssh-rsa-cert-v01@openssh.com algorithm name, but recent versions
of SSH now disable this algorithm by default, so the new SHA-2
algorithm names need to be advertised for SHA-2 signatures to
work when using OpenSSH certificates.
* Improved handling of config file loading when options argument is
used, allowing config loading to be overridden at connect() time
even if the options passed in referenced a config file.
* Improved speed of unit tests by avoiding some network timeouts
when connecting to invalid addresses.
* Merged GitHub workflows contributed by GitHub user hexchain to
run unit tests and collect code coverage information on multiple
platforms and Python versions. Thanks so much for this work!
* Fixed issue with GSS auth unit tests hanging on Windows.
* Fixed issue with known_hosts matching when ProxyJump is being used.
Thanks go to GitHub user velavokr for reporting this and helping
to debug it.
* Fixed type annotations for SFTP client and server open methods.
Thanks go to Marat Sharafutdinov for reporting this!
Basically lasso installs additional files when Inkscape is available,
which it would normally re-generate but are already in the source tree.
This unconditionally caches "/bin/false" as the path to Inkscape, which:
* will always behave the same (install the missing files)
* will break if they ever have to be re-generated (thus exposing the
issue directly, which is a good thing)
In addition since lasso can provide additional documentation when
gtk-doc is installed, I have enabled this by default as well.
Bumps PKGREVISION.
Reviewed by manu@, thanks!