3.03 Sun 18 Apr 2021 10:54:19 PM EDT
- Fixed bug which caused an extraneous block of garbage data to be appended to encrypted
string when "nopadding" specified and plaintext is even multiple of blocksize.
3.02
- CTR mode now requires the Math::Int128 module, which gives a ~5x performance
boost over Math::BigInt.
3.01
- Warn when the deprecated opensslv1 PBKDF (key derivation function) is used
for encryption. Turn off with -nodeprecate=>1 or by choosing a different
PBKDF, such as -pbkdf=>'pbkdf2'.
- Fix a regression when passing the legacy -salt=>1 argument.
3.00 Sun Feb 7 10:28:08 EST 2021
- Released version 3.00 in recognition of multiple new features
and cleanups.
2.37 Sun Feb 7 10:20:17 EST 2021
- Added better argument checking.
- Fixed long-standing standard padding bug: plaintext ending with
bytes between 0x00 and 0x0A would be truncated in some conditions.
- Fixed Rijndael_compat padding.
2.36 Wed 03 Feb 2021 09:19:06 AM EST
- Add support for OFB, CFB and CTR chain modes.
- New dependency: Math::BigInt
2.35 Sun Jan 31 22:02:42 EST 2021
- Add support for PBKDF2 key derivation algorithm
- New dependencies: Digest::SHA, Crypt::PBKDF2, Crypt::Cipher::AES
2.34 Fri Jan 29 18:08:12 EST 2021
- Support for openssl SHA-256 key derivation algorithm
PBKDF2 is a secure password hashing algorithm that uses the techniques
of "key strengthening" to make the complexity of a brute-force
attack arbitrarily high. PBKDF2 uses any other cryptographic hash
or cipher (by convention, usually HMAC-SHA1, but Crypt::PBKDF2 is
fully pluggable), and allows for an arbitrary number of iterations
of the hashing function, and a nearly unlimited output hash size
(up to 2**32 - 1 times the size of the output of the backend hash).
The hash is salted, as any password hash should be, and the salt
may also be of arbitrary size.
* Add Eq instance for Ctx
* Add start and startlazy producing Ctx
* Introduce new use-cbits cabal flag in order to add support for
FFI-less cryptohash-sha256-pure pass-thru
Version 1.5.5
* QUIC support #419#427#428#430#433#441
* Server ECDSA for P-256 #436
* Sort ciphersuites based on hardware-acceleration support #439
* Sending no_application_protocol #440
* Internal improvements #426#431
Version 1.5.4
* Restore interoperability with early Java 6 #422
* Test cleanups for timeout and async usage #416
0.28
* Add hash constant time capability
* Prevent possible overflow during hashing by hashing in 4GB chunks
0.27
* Optimise AES GCM and CCM
* Optimise P256R1 implementation
* Various AES-NI building improvements
* Add better ECDSA support
* Add XSalsa derive
* Implement square roots for ECC binary curve
* Various tests and benchmarks
gcc on solaris/illumos defines __STDC_VERSION__ in c++ mode where _Noreturn
does not exist.
This causes breakage when building c++17 programs that use openssl.
### Version 5.59, 2021.04.05, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.1.1k.
* New features
- Client-side "protocol = ldap" support (thx to Bart
Dopheide and Seth Grover).
* Bugfixes
- The test suite fixed not to require external connectivity.
- Fixed paths in generated manuals (thx to Tatsuki Makino).
- Fixed configuration reload when compression is used.
- Fixed compilation with early releases of OpenSSL 1.1.1.
Noteworthy changes in version 1.9.3 (2021-04-19)
------------------------------------------------
* Bug fixes:
- Fix build problems on i386 using gcc-4.7.
- Fix checksum calculation in OCB decryption for AES on s390.
- Fix a regression in gcry_mpi_ec_add related to certain usages of
curve 25519.
- Fix a symbol not found problem on Apple M1.
- Fix for Apple iOS getentropy peculiarity.
- Make keygrip computation work for compressed points.
* Performance:
- Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
- Add x86_64 VAES/AVX2 accelerated implementation of AES.
- Add VPMSUMD acceleration for GCM mode on PPC.
* Internal changes.
- Harden MPI conditional code against EM leakage.
- Harden Elgamal by introducing exponent blinding.
- Fix memory leaks in the error code paths of EdDSA.
Changes:
3.11.13
-------
- Update user_guide.md
- Removed the previous CI/CD configuration
3.11.12
-------
- format: write characterization tests for parse.go
- Moved the DNS resolvers package to another repository
- Increased speed of the Google certificate transparency data source
- Addressing crash during cleanup issue #599
- Added the Security Weekly interview information
3.11.11
-------
- Improved data source service performance
- Addressing #519 by noticing expired contexts quickly
3.11.10
-------
- Support for the AMASS_CONFIG environment variable
Certbot 1.14.0
Changed
certbot-auto no longer checks for updates on any operating system.
The module acme.magic_typing is deprecated and will be removed in a future release.
Please use the built-in module typing instead.
The DigitalOcean plugin now creates TXT records for the DNS-01 challenge with a lower 30s TTL.
Fixed
Don't output an empty line for a hidden certificate when certbot certificates is being used
in combination with --cert-name or -d.
i would post a changelog, but loading the honeyd forum fails with this:
SQL ERROR [ mysql4 ]
Table './phpbb2/phpbb3_sessions' is marked as crashed and should be repaired [145]
An sql error occurred while fetching this page. Please contact an administrator if this problem persists.
This release is from 2007.
upstream has disappeared, this doesn't build with modern C++ compilers,
and i can't find any other packages from which to steal packages to fix
it in any other packaging systems.
development of this module appears to have been inactive upstream for
years so there's no support for modern openssl available.
the other packaging systems with a package for this are macports and
opensuse, neither of which have patches.
