38.0.3 - 2022-11-01
~~~~~~~~~~~~~~~~~~~
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7,
which resolves *CVE-2022-3602* and *CVE-2022-3786*.
38.0.2 - 2022-10-11
~~~~~~~~~~~~~~~~~~~
This release was subsequently yanked from PyPI due to a regression in OpenSSL.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.6.
## 2.7.4 (2022-10-29)
### Changes
- Add 2 months expiration preset [#8687]
- CLI: Add Unicode support on Windows [#8618]
### Fixes
- Fix crash on macOS when unlocking database [#8676]
- Fix display of passwords in preview panel [#8633]
- Fix clicking links in entry preview panel [#8644]
- Prevent expired entries search if no results returned [#8643]
- Browser: Revert code causing connection problems [#8665]
- Browser: Fix socket file symbolic link on Linux [#8656]
- Flatpak: Fix launching browser proxy service [#8680]
- SSH Agent: Fix paegent support on Windows [#8619]
## 2.7.3 (2022-10-23)
### Changes
- Enhance Tags Support and Add Saved Searches [#8435, #8607]
- Significant improvements to entry preview panel [#7993]
- Add password strength indicator to all password fields [#7885]
- Limit zxcvbn entropy estimation length to 128 characters [#7748]
- Try full URL path when fetching favicon [#8565]
- Hide usernames in preview panel when hidden in entry view [#8608]
- Enable dark title bar on windows when accent color is not used [#8498]
- Add option to display passwords in color in preview panel [#7097]
- Add XML Export option to GUI [#8524]
- Increase entropy required for a "good" password rating to 75 [#8523]
- Add shortcut to copy password with TOTP appended [#8443]
- Show entry count in status bar [#8435]
- Allow KeePassXC to be built without X11 [#8147]
- Enable use of VivoKey Apex and Dangerous Things FlexSecure tokens [#8332]
- Add setting for number of recent files [#8239]
- Add Ctrl+Tab shortcut to cycle databases in unlock dialog [#8168]
- Replace offensive words in eff_large.wordlist [#7968]
- Auto-Type: PICKCHARS can specify attribute and ignore BEEP [#8118]
- Linux: Add isHardwareKeySupported and refreshHardwareKeys to DBus methods [#8055]
- Add config variable to specify default database file name [#8042]
- Support numeric aware sorting on Windows and macOS [#8363]
- CLI: Add `db-edit` command [#8400]
- CLI: Add option to display all attributes with `show` command [#8256]
- CLI: Show UUID and tags with `show` and `clip` commands [#8241]
- Browser: Move socket into separate directory on Linux [#8030]
- Browser: Add group setting to omit WWW subdomain when matching URLs [#7988]
- FdoSecrets: Ask to unlock the database when creating items [#8022, #8028]
- FdoSecrets: Skip entries in recycle bin when searching [#8021]
### Fixes
- Fix potential deadlock in UI when saving [#8606]
- Fix newlines when copying notes from preview panel [#8542]
- Fix dark mode detection on Linux [#8477]
- Fix crash when deleting items in recycle bin while searching [#8117]
- Fix crash when trying to close database during unlock [#8144]
- Fix tabbing around the interface [#8435, #8520]
- Fix OPVault import when there are multiple OTP fields [#8436]
- Fix various Windows Hello bugs [#8354]
- Fix use of Apple Watch for Quick Unlock [#8311]
- Better handling of "Lock on Minimize" setting [#8202]
- Check for write permission before entering portable mode [#8447]
- Correct regex escape logic to prevent parse errors [#7778]
- Normalize slashes and file case for last used databases [#7864, #7214]
- Link ykcore against pthread [#7807]
- Auto-Type: Fix menu entries in selection dialog on Windows [#7987]
- Auto-Type: Fix use of modifiers under macOS [#8111]
- CLI: Fix output when using clip with the -t flag [#8271]
- Browser: Use asynchronous access confirm dialog [#8273]
- Browser: Always send database locked/unlocked status [#8114]
ssh-audit is a tool for ssh server & client configuration auditing.
Features:
* SSH1 and SSH2 protocol server support
* analyze SSH client configuration
* grab banner, recognize device or software and OS, detect compression
* gather key-exchange, host-key, encryption and MAC algorithms
* output algorithm information
(available since, removed/disabled, unsafe/weak/legacy, etc)
* output algorithm recommendations
(append or remove based on recognized software version)
* output security information (related issues, assigned CVE list, etc)
* analyze SSH version compatibility based on algorithm information
* historical information from OpenSSH, Dropbear SSH and libssh
* policy scans to ensure adherence to a hardened/standard configuration
0.6.0
Features
Update to allow for 3PI credentials
Bug Fixes
Add timeout to run_local_server when waiting for response
Documentation
Update readme to point to current docs url
2.13.0 (2022-10-14)
Features
Adds new external account authorized user credentials
Implement pluggable auth interactive mode
Introduce the functionality to override token_uri in credentials
Bug Fixes
Adding one more pattern to relax the regex check for sts and impersonation url endpoints
2.12.0 (2022-09-26)
Features
Retry behavior
Bug Fixes
Modify RefreshError exception to use gcloud ADC command.
Revert "Update token refresh threshold from 20 seconds to 5 minutes".
1.5.0
BACKWARDS INCOMPATIBLE: Removed support for Python 2.7 and Python 3.5.
BACKWARDS INCOMPATIBLE: We no longer distribute manylinux1 wheels.
Added manylinux2014, manylinux_2_24, musllinux, and macOS universal2 wheels (the latter supports macOS arm64).
Update libsodium to 1.0.18-stable (July 25, 2021 release).
Add inline type hints.
What's new in Sudo 1.9.12
* Fixed a bug in the ptrace-based intercept mode where the current
working directory could include garbage at the end.
* Fixed a compilation error on systems that lack the stdint.h
header.
* Fixed a bug when logging the command's exit status in intercept
mode. The wrong command could be logged with the exit status.
* For ptrace-based intercept mode, sudo will now attempt to
verify that the command path name, arguments and environment
have not changed from the time when they were authorized by the
security policy. The new "intercept_verify" sudoers setting can
be used to control this behavior.
* Fixed running commands with a relative path (e.g. ./foo) in
intercept mode. Previously, this would fail if sudo's current
working directory was different from that of the command.
* Sudo now supports passing the execve(2) system call the NULL
pointer for the `argv` and/or `envp` arguments when in intercept
mode. Linux treats a NULL pointer like an empty array.
* The sudoers LDAP schema now allows sudoUser, sudoRunasUser and
sudoRunasGroup to include UTF-8 characters, not just 7-bit ASCII.
* Fixed a problem with "sudo -i" on SELinux when the target user's
home directory is not searchable by sudo.
* Neovim has been added to the list of visudo editors that support
passing the line number on the command line.
* Fixed a bug in sudo's SHA384 and SHA512 message digest padding.
* Added a new "-N" (--no-update) command line option to sudo which
can be used to prevent sudo from updating the user's cached
credentials. It is now possible to determine whether or not a
user's cached credentials are currently valid by running:
$ sudo -Nnv
and checking the exit value. One use case for this is to indicate
in a shell prompt that sudo is "active" for the user.
* PAM approval modules are no longer invoked when running sub-commands
in intercept mode unless the "intercept_authenticate" option is set.
There is a substantial performance penalty for calling into PAM
for each command run. PAM approval modules are still called for
the initial command.
* Intercept mode on Linux now uses process_vm_readv(2) and
process_vm_writev(2) if available.
* The XDG_CURRENT_DESKTOP environment variable is now preserved
by default. This makes it possible for graphical applications
to choose the correct theme when run via sudo.
* On 64-bit systems, if sudo fails to load a sudoers group plugin,
it will use system-specific heuristics to try to locate a 64-bit
version of the plugin.
* The cvtsudoers manual now documents the JSON and CSV output
formats.
* Fixed a bug where sub-commands were not being logged to a remote
log server when log_subcmds was enabled.
* The new log_stdin, log_stdout, log_stderr, log_ttyin, and log_ttyout
sudoers settings can be used to support more fine-grained I/O logging.
The sudo front-end no longer allocates a pseudo-terminal when running
a command if the I/O logging plugin requests logging of stdin, stdout,
or stderr but not terminal input/output.
* Quieted a libgcrypt run-time initialization warning.
* Fixed a bug in visudo that caused literal backslashes to be removed
from the EDITOR environment variable.
* The sudo Python plugin now implements the "find_spec" method instead
of the the deprecated "find_module". This fixes a test failure when
a newer version of setuptools that doesn't include "find_module" is
found on the system.
* Fixed a bug introduced in sudo 1.9.9 where sudo_logsrvd created
the process ID file, usually /var/run/sudo/sudo_logsrvd.pid, as
a directory instead of a plain file. The same bug could result
in I/O log directories that end in six or more X's being created
literally in addition to the name being used as a template for
the mkdtemp(3) function.
* Fixed a long-standing bug where a sudoers rule with a command
line argument of "", which indicates the command may be run with
no arguments, would also match a literal "" on the command line.
* Added the -I option to visudo which only edits the main sudoers
file. Include files are not edited unless a syntax error is found.
* Fixed "sudo -l -U otheruser" output when the runas list is empty.
Previously, sudo would list the invoking user instead of the
list user.
* Fixed the display of command tags and options in "sudo -l" output
when the RunAs user or group changes. A new line is started for
RunAs changes which means we need to display the command tags
and options again.
* The sesh helper program now uses getopt_long(3) to parse the
command line options.
* The embedded copy of zlib has been updated to version 1.2.13.
* Fixed a bug that prevented event log data from being sent to the
log server when I/O logging was not enabled. This only affected
systems without PAM or configurations where the pam_session and
pam_setcred options were disabled in the sudoers file.
* Fixed a bug where "sudo -l" output included a carriage return
after the newline. This is only needed when displaying to a
terminal in raw mode.
Noteworthy changes in version 2.2.40 (2022-10-10)
-------------------------------------------------
* gpg: Do not consider unknown public keys as non-compliant while
decrypting.
* gpg: Avoid to emit a compliance mode line if Libgcrypt is
non-compliant.
* gpg: In de-vs mode use AES-128 instead of 3-DES as implicit
preference.
* gpgsm: Fix reporting of bad passphrase error during PKCS-11
import.
* dirmngr: Fix CRL Distribution Point fallback to other schemes.
* dirmngr: New LDAP server flag "areconly" (A-record-only).
* dirmngr: Fix upload of multiple keys for an LDAP server specified
using the colon format.
* dirmngr: Use LDAP schema v2 when a Base DN is specified.
* wkd: New command --mirror for gpg-wks-client.
upstream changes:
-----------------
Version 1.0.12
o Fix building without calling configure first
Version 1.0.11
o Switch from using Travis to Github Actions as CI
o Fix compatibility with OTP24
upstream changes:
-----------------
Version 1.1.16
o Fix compilations on windows
o Reintroduce blocking of renegotions for Openssl < 1.1.0h
Version 1.1.15
o Fix compilation on pre c99 systems
Version 1.1.14
o Updating p1_utils to version 1.0.25.
o Improve compatibility with OpenSSL 3.0
o Improve compatiblity with LibreSSL >= 3.5
o Add 'keyfile', 'dh' and 'fips_mode' options
Version 1.1.13
o Updating p1_utils to version 1.0.23.
o Switch from using Travis to Github Actions as CI
upstream changes:
-----------------
Version 1.0.9
o Generate documentaion for hex.pm packages
o Update CA bundle
Version 1.0.8
o Switch from using Travis to Github Actions as CI
upstream changes:
-----------------
Version 1.0.20
o Updating yconf to version 1.0.14.
Version 1.0.19
o Updating yconf to version 1.0.13.
o Fix order in which dependencies are started
Version 1.0.18
o Updating jiffy to version 1.1.1 to support Mix compilation again
Version 1.0.17
o Updating jiffy to version 1.1.0 to support Erlang/OTP 25.0-rc1
o Copy code from eimp to use override_deps_versions only when not rebar3
Version 1.0.14
o Generate documentation when publishing to hex
o Updating jose to version 1.11.1.
Version 1.0.13
o Updating yconf to version 1.0.12.
o Switch from using Travis to Github Actions as CI
upstream changes:
-----------------
Version 0.6.11
o Generate documentation when generating hex.pm package
o Remove usage of deprecated crypto functions
o Improve errors reporting
Version 0.6.10
o Switch from using Travis to Github Actions as CI
Version 0.6.9
o Dialyzer: Update Response record definition: fields may be undefined
Version 1.1.0
This release contains breaking changes and security fixes.
Allow to pass claims_options to Framework OpenID Connect clients.
Fix .stream with context for HTTPX OAuth clients.
Fix Starlette OAuth client for cache store.
Breaking changes:
Raise InvalidGrantError for invalid code, redirect_uri and no user errors in OAuth 2.0 server.
The default authlib.jose.jwt would only work with JSON Web Signature algorithms, if you would like to use JWT with JWE algorithms, please pass the algorithms parameter:
jwt = JsonWebToken(['A128KW', 'A128GCM', 'DEF'])
Security fixes: CVE-2022-39175 and CVE-2022-39174, both related to JOSE.
Version 1.0.1
Fix authenticate_none method.
Allow to pass in alternative signing algorithm to RFC7523 authentication methods.
Fix missing_token for Flask OAuth client.
Allow openid in any place of the scope.
Security fix for validating essential value on blank value in JWT.
Version 1.0.0
We have dropped support for Python 2 in this release. We have removed built-in SQLAlchemy integration.
OAuth Client Changes:
The whole framework client integrations have been restructured, if you are using the client properly, e.g. oauth.register(...), it would work as before.
OAuth Provider Changes:
In Flask OAuth 2.0 provider, we have removed the deprecated OAUTH2_JWT_XXX configuration, instead, developers should define .get_jwt_config on OpenID extensions and grant types.
SQLAlchemy integrations has been removed from Authlib. Developers should define the database by themselves.
JOSE Changes
JWS has been renamed to JsonWebSignature
JWE has been renamed to JsonWebEncryption
JWK has been renamed to JsonWebKey
JWT has been renamed to JsonWebToken
The "Key" model has been re-designed, checkout the :ref:`jwk_guide` for updates.
Added ES256K algorithm for JWS and JWT.
The tarball was retracted due to a regression, to quote:
We have received a report of a significant regression in the latest
3.0.6 and 1.1.1r versions. The regression is not thought to have
security consequences. While the regression is further investigated we
have taken the decision to withdraw the 3.0.6 and 1.1.1r versions and
instead recommend that users remain on the previous 3.0.5 and 1.1.1q
versions for now.
We will issue a new plan for the release of 3.0.7 and 1.1.1s soon.
From https://mta.openssl.org/pipermail/openssl-announce/2022-October/000237.html
Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]
o Added a missing header for memcmp that caused compilation failure on
some platforms
=========================
This release is focused on bug fixing.
Security
========
This release contains fixes for three minor memory safety problems.
None are believed to be exploitable, but we report most memory safety
problems as potential security vulnerabilities out of caution.
* ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing.
Reported by Qualys
* ssh-keygen(1): double free() in error path of file hashing step in
signing/verify code; GHPR333
* ssh-keysign(8): double-free in error path introduced in openssh-8.9
Potentially-incompatible changes
--------------------------------
* The portable OpenSSH project now signs commits and release tags
using git's recent SSH signature support. The list of developer
signing keys is included in the repository as .git_allowed_signers
and is cross-signed using the PGP key that is still used to sign
release artifacts:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
* ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config
are now first-match-wins to match other directives. Previously
if an environment variable was multiply specified the last set
value would have been used. bz3438
* ssh-keygen(8): ssh-keygen -A (generate all default host key types)
will no longer generate DSA keys, as these are insecure and have
not been used by default for some years.
New features
------------
* ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum
RSA key length. Keys below this length will be ignored for user
authentication and for host authentication in sshd(8).
ssh(1) will terminate a connection if the server offers an RSA key
that falls below this limit, as the SSH protocol does not include
the ability to retry a failed key exchange.
* sftp-server(8): add a "users-groups-by-id@openssh.com" extension
request that allows the client to obtain user/group names that
correspond to a set of uids/gids.
* sftp(1): use "users-groups-by-id@openssh.com" sftp-server
extension (when available) to fill in user/group names for
directory listings.
* sftp-server(8): support the "home-directory" extension request
defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps
a bit with the existing "expand-path@openssh.com", but some other
clients support it.
* ssh-keygen(1), sshd(8): allow certificate validity intervals,
sshsig verification times and authorized_keys expiry-time options
to accept dates in the UTC time zone in addition to the default
of interpreting them in the system time zone. YYYYMMDD and
YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed
with a 'Z' character.
Also allow certificate validity intervals to be specified in raw
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
is intended for use by regress tests and other tools that call
ssh-keygen as part of a CA workflow. bz3468
* sftp(1): allow arguments to the sftp -D option, e.g. sftp -D
"/usr/libexec/sftp-server -el debug3"
* ssh-keygen(1): allow the existing -U (use agent) flag to work
with "-Y sign" operations, where it will be interpreted to require
that the private keys is hosted in an agent; bz3429
Bugfixes
--------
* ssh-keygen(1): implement the "verify-required" certificate option.
This was already documented when support for user-verified FIDO
keys was added, but the ssh-keygen(1) code was missing.
* ssh-agent(1): hook up the restrict_websafe command-line flag;
previously the flag was accepted but never actually used.
* sftp(1): improve filename tab completions: never try to complete
names to non-existent commands, and better match the completion
type (local or remote filename) against the argument position
being completed.
* ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key
handling, especially relating to keys that request
user-verification. These should reduce the number of unnecessary
PIN prompts for keys that support intrinsic user verification.
GHPR302, GHPR329
* ssh-keygen(1): when enrolling a FIDO resident key, check if a
credential with matching application and user ID strings already
exists and, if so, prompt the user for confirmation before
overwriting the credential. GHPR329
* sshd(8): improve logging of errors when opening authorized_keys
files. bz2042
* ssh(1): avoid multiplexing operations that could cause SIGPIPE from
causing the client to exit early. bz3454
* ssh_config(5), sshd_config(5): clarify that the RekeyLimit
directive applies to both transmitted and received data. GHPR328
* ssh-keygen(1): avoid double fclose() in error path.
* sshd(8): log an error if pipe() fails while accepting a
connection. bz3447
* ssh(1), ssh-keygen(1): fix possible NULL deref when built without
FIDO support. bz3443
* ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage.
GHPR294.
* sshd(8): ensure that authentication passwords are cleared from
memory in error paths. GHPR286
* ssh(1), ssh-agent(1): avoid possibility of notifier code executing
kill(-1). GHPR286
* ssh_config(5): note that the ProxyJump directive also accepts the
same tokens as ProxyCommand. GHPR305.
* scp(1): do not not ftruncate(3) files early when in sftp mode. The
previous behaviour of unconditionally truncating the destination
file would cause "scp ~/foo localhost:foo" and the reverse
"scp localhost:foo ~/foo" to delete all the contents of their
destination. bz3431
* ssh-keygen(1): improve error message when 'ssh-keygen -Y sign' is
unable to load a private key; bz3429
* sftp(1), scp(1): when performing operations that glob(3) a remote
path, ensure that the implicit working directory used to construct
that path escapes glob(3) characters. This prevents glob characters
from being processed in places they shouldn't, e.g. "cd /tmp/a*/",
"get *.txt" should have the get operation treat the path "/tmp/a*"
literally and not attempt to expand it.
* ssh(1), sshd(8): be stricter in which characters will be accepted
in specifying a mask length; allow only 0-9. GHPR278
* ssh-keygen(1): avoid printing hash algorithm twice when dumping a
KRL
* ssh(1), sshd(8): continue running local I/O for open channels
during SSH transport rekeying. This should make ~-escapes work in
the client (e.g. to exit) if the connection happened to have
stalled during a rekey event.
* ssh(1), sshd(8): avoid potential poll() spin during rekeying
* Further hardening for sshbuf internals: disallow "reparenting" a
hierarchical sshbuf and zero the entire buffer if reallocation
fails. GHPR287
Portability
-----------
* ssh(1), ssh-keygen(1), sshd(8): automatically enable the built-in
FIDO security key support if libfido2 is found and usable, unless
--without-security-key-builtin was requested.
* ssh(1), ssh-keygen(1), sshd(8): many fixes to make the WinHello
FIDO device usable on Cygwin. The windows://hello FIDO device will
be automatically used by default on this platform unless requested
otherwise, or when probing resident FIDO credentials (an operation
not currently supported by WinHello).
* Portable OpenSSH: remove workarounds for obsolete and unsupported
versions of OpenSSL libcrypto. In particular, this release removes
fallback support for OpenSSL that lacks AES-CTR or AES-GCM.
Those AES cipher modes were added to OpenSSL prior to the minimum
version currently supported by OpenSSH, so this is not expected to
impact any currently supported configurations.
* sshd(8): fix SANDBOX_SECCOMP_FILTER_DEBUG on current Linux/glibc
* All: resync and clean up internal CSPRNG code.
* scp(1), sftp(1), sftp-server(8): avoid linking these programs with
unnecessary libraries. They are no longer linked against libz and
libcrypto. This may be of benefit to space constrained systems
using any of those components in isolation.
* sshd(8): add AUDIT_ARCH_PPC to supported seccomp sandbox
architectures.
* configure: remove special casing of crypt(). configure will no
longer search for crypt() in libcrypto, as it was removed from
there years ago. configure will now only search libc and libcrypt.
* configure: refuse to use OpenSSL 3.0.4 due to potential RCE in its
RSA implementation (CVE-2022-2274) on x86_64.
* All: request 1.1x API compatibility for OpenSSL >=3.x; GHPR#322
* ssh(1), ssh-keygen(1), sshd(8): fix a number of missing includes
required by the XMSS code on some platforms.
* sshd(8): cache timezone data in capsicum sandbox.
Noteworthy changes in version 1.6.2 (2022-10-07) [C22/A14/R2]
------------------------------------------------
* Fix integer overflow in the CRL parser.
Noteworthy changes in version 1.46 (2022-10-07) [C33/A33/R1]
-----------------------------------------------
* Support for bidirectional pipes under Windows. [T6112]
* REG_DWORD types are now support in the Windows Registry.
[rE745d333cf7]
* Added ES_SYSHD_SOCK support for gpgrt_sysopen under Windows.
[rE018ea46a30]
* Fixed gpgrt_log_get_fd for the file case. [T5922]
* Avoids header problem with C11 and "noreturn". [T4002]
* The gpg-error-config command is not installed by default, because
it is now replaced by use of pkg-config/gpgrt-config with
gpg-error.pc. Supply --enable-install-gpg-error-config configure
option, if it's really needed.
* Fixed support of posix-lock for FreeBSD. [rE6e17e70bb7]
* Build fixes for some Mingw tool chain versions. [T5890, T4656]
* Removed remaining support for WindowsCE. [T5912]
* Updated config.guess, config.sub, and config.rpath. [T6078]
* gpg-error-config is now only installed when enabled. [T5683]
* System paths are now stripped from --cflags --and --libs. [T6136]
The signify utility creates and verifies cryptographic signatures.
A signature verifies the integrity of a message
This version of signify is part of outils, a portable collection of
non-standard OpenBSD tools.
Certbot 1.31.0
Changed
If Certbot exits before setting up its usual log files, the temporary directory created to save logging information will begin with the name certbot-log- rather than a generic name. This should not be considered a stable aspect of Certbot and may change again in the future.
Fixed
Fixed an incompatibility in the certbot-dns-cloudflare plugin and the Cloudflare library
which was introduced in the Cloudflare library version 2.10.1. The library would raise
an error if a token was specified in the Certbot --dns-cloudflare-credentials file as
well as the cloudflare.cfg configuration file of the Cloudflare library.
Changes according to Changelog:
8.7.0 - August 7, 2022
- minor release, recompile of programs required
- expanded community input and support
* 81 unique contributors as of this release
- fix RSA key generation for small moduli
- fix AES-GCM with AESNI but without CLMUL
- fix Clang warning with C++17
- fix MinGW builds due to use of O_NOFOLLOW
- rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData
* restored performance and avoided performance penalty of a temp buffer
- fix undersized SecBlock buffer in Integer bit operations
- work around several GCC 11 & 12 problems
8.6.0 - September 21, 2021
- minor release, recompile of programs required
- expanded community input and support
* 74 unique contributors as of this release
- fix ElGamal encryption
- fix ChaCha20 AVX2 implementation
- add octal and decimal literal prefix parsing to Integer
- add missing overload in ed25519Signer and ed25519Verifier
- make SHA-NI independent of AVX and AVX2
- fix OldRandomPool GenerateWord32
- use CPPFLAGS during feature testing
- fix compile on CentOS 5
- fix compile on FreeBSD
- fix feature testing on ARM A-32 and Aarch64
- enable inline ASM for CRC and PMULL on Apple M1
- fix Intel oneAPI compile
- rename test files with *.cpp extension
- fix GCC compile error due to missing _mm256_set_m128i
- add LSH-256 and LSH-512 hash functions
- add ECIES_P1363 for backwards compatibility
- fix AdditiveCipherTemplate<T> ProcessData
- remove CRYPTOPP_NO_CXX11 define
- add -fno-common for Darwin builds
- update documentation
8.5.0 - March 7, 2021
- minor release, no recompile of programs required
- expanded community input and support
* 70 unique contributors as of this release
- port to Apple M1 hardware
8.4.0 - January 2, 2021
- minor release, recompile of programs required
- expanded community input and support
* 67 unique contributors as of this release
- fix SIGILL on POWER8 when compiling with GCC 10
- fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
- fix compile on AIX POWER7 with IBM XLC 12.01
- fix compile on Solaris with SunCC 12.6
- revert changes for constant-time elliptic curve algorithms
- fix makefile clean and distclean recipes
8.3.0 - December 20, 2020
- minor release, recompile of programs required
- expanded community input and support
* 66 unique contributors as of this release
- fix use of macro CRYPTOPP_ALIGN_DATA
- fix potential out-of-bounds read in ECDSA
- fix std::bad_alloc when using ByteQueue in pipeline
- fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
- fix potential out-of-bounds read in GCM mode
- add configure.sh when preprocessor macros fail
- fix potential out-of-bounds read in SipHash
- fix compile error on POWER9 due to vec_xl_be
- fix K233 curve on POWER8
- add Cirrus CI testing
- fix broken encryption for some 64-bit ciphers
- fix Android cpu-features.c using C++ compiler
- disable RDRAND and RDSEED for some AMD processors
- fix BLAKE2 hash calculation using Salt and Personalization
- refresh Android and iOS build scripts
- add XTS mode
- fix circular dependency between misc.h and secblock.h
- add Certificate interface
- fix recursion in AES::Encryption without AESNI
- add missing OID for ElGamal encryption
- fix missing override in KeyDerivationFunction-derived classes
- fix RDSEED assemble under MSVC
- fix elliptic curve timing leaks (CVE-2019-14318)
- add link-library variable to Makefiles
- fix SIZE_MAX definition in misc.h
- add GetWord64 and PutWord64 to BufferedTransformation
- use HKDF in AutoSeededX917RNG::Reseed
- fix Asan finding in VMAC on i686 in inline asm
- fix undeclared identifier _mm_roti_epi64 on Gentoo
- fix ECIES and GetSymmetricKeyLength
- fix possible divide by zero in PKCS5_PBKDF2_HMAC
- refine ASN.1 encoders and decoders
- disable BMI2 code paths in Integer class
- fix use of CRYPTOPP_CLANG_VERSION
- add NEON SHA1, SHA256 and SHA512 from Cryptogams
- add ARM SHA1, SHA256 and SHA512 from Cryptogams
- make config.h more autoconf friendly
- handle Clang triplet armv8l-unknown-linux-gnueabihf
- fix reference binding to misaligned address in xed25519
- clear asserts in TestDataNameValuePairs
Changes since v5.5.0:
wolfSSL Release 5.5.1 (Sep 28, 2022) Latest
Vulnerabilities
* [Med] Denial of service attack and buffer overflow against TLS 1.3 servers
using session ticket resumption. When built with --enable-session-ticket and
making use of TLS 1.3 server code in wolfSSL, there is the possibility of a
malicious client to craft a malformed second ClientHello packet that causes
the server to crash. This issue is limited to when using both
--enable-session-ticket and TLS 1.3 on the server side. Users with TLS 1.3
servers, and having --enable-session-ticket, should update to the latest
version of wolfSSL. Thanks to Max at Trail of Bits for the report and
"LORIA, INRIA, France" for research on tlspuffin.
New Feature Additions
* Add support for non-blocking ECC key gen and shared secret gen for
P-256/384/521
* Add support for non-blocking ECDHE/ECDSA in TLS/DTLS layer.
* Port to NXP RT685 with FreeRTOS
* Add option to build post quantum Kyber API (--enable-kyber)
* Add post quantum algorithm sphincs to wolfCrypt
* Config. option to force no asm with SP build (--enable-sp=noasm)
* Allow post quantum keyshare for DTLS 1.3
Enhancements
* DTLSv1.3: Do HRR Cookie exchange by default
* Add wolfSSL_EVP_PKEY_new_CMAC_key to OpenSSL compatible API
* Update ide win10 build files to add missing sp source files
* Improve Workbench docs
* Improve EVP support for CHACHA20_POLY1305
* Improve wc_SetCustomExtension documentation
* RSA-PSS with OCSP and add simple OCSP response DER verify test case
* Clean up some FIPS versioning logic in configure.ac and WIN10 user_settings.h
* Don't over-allocate memory for DTLS fragments
* Add WOLFSSL_ATECC_TFLXTLS for Atmel port
* SHA-3 performance improvements with x86_64 assembly
* Add code to fallback to S/W if TSIP cannot handle
* Improves entropy with VxWorks
* Make time in milliseconds 64-bits for longer session ticket lives
* Support for setting cipher list with bytes
* wolfSSL_set1_curves_list(), wolfSSL_CTX_set1_curves_list() improvements
* Add to RSAES-OAEP key parsing for pkcs7
* Add missing DN nid to work with PrintName()
* SP int: default to 16 bit word size when NO_64BIT defined
* Limit the amount of fragments we store per a DTLS connection and error out
when max limit is reached
* Detect when certificate's RSA public key size is too big and fail on loading
of certificate
Fixes
* Fix for async with OCSP non-blocking in ProcessPeerCerts
* Fixes for building with 32-bit and socket size sign/unsigned mismatch
* Fix Windows CMakeList compiler options
* TLS 1.3 Middle-Box compat: fix missing brace
* Configuration consistency fixes for RSA keys and way to force disable of
private keys
* Fix for Aarch64 Mac M1 SP use
* Fix build errors and warnings for MSVC with DTLS 1.3
* Fix HMAC compat layer function for SHA-1
* Fix DTLS 1.3 do not negotiate ConnectionID in HelloRetryRequest
* Check return from call to wc_Time
* SP math: fix build configuration with opensslall
* Fix for async session tickets
* SP int mp_init_size fixes when SP_WORD_SIZE == 8
* Ed. function to make public key now checks for if the private key flag is set
* Fix HashRaw WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash
* Fix for building with PSK only
* Set correct types in wolfSSL_sk_*_new functions
* Sanity check that size passed to mp_init_size() is no more than SP_INT_DIGITS
