Commit graph

8791 commits

Author SHA1 Message Date
fhajny
ac4dcecfdf Update py-certbot and py-acme to 0.14.0.
Use ALTERNATIVES to handle different Python versions better.

0.14.0 - 2017-05-04

Added

- Python 3.3+ support for all Certbot packages. certbot-auto still
  currently only supports Python 2, but the acme, certbot,
  certbot-apache, and certbot-nginx packages on PyPI now fully support
  Python 2.6, 2.7, and 3.3+.
- Certbot's Apache plugin now handles multiple virtual hosts per file.
- Lockfiles to prevent multiple versions of Certbot running
  simultaneously.

Changed

- When converting an HTTP virtual host to HTTPS in Apache, Certbot
  only copies the virtual host rather than the entire contents of the
  file it's contained in.
- The Nginx plugin now includes SSL/TLS directives in a separate file
  located in Certbot's configuration directory rather than copying the
  contents of the file into every modified server block.

Fixed

- Ensure logging is configured before parts of Certbot attempt to log
  any messages.
- Support for the --quiet flag in certbot-auto.
- Reverted a change made in a previous release to make the acme and
  certbot packages always depend on argparse. This dependency is
  conditional again on the user's Python version.
- Small bugs in the Nginx plugin such as properly handling empty
  server blocks and setting server_names_hash_bucket_size during
  challenges.
2017-05-11 08:23:35 +00:00
fhajny
b40597df01 Update security/vault to 0.7.2.
0.7.2 (May 8th, 2017)

BUG FIXES:

- audit: Fix auditing entries containing certain kinds of time values


0.7.1 (May 5th, 2017)

DEPRECATIONS/CHANGES:

- LDAP Auth Backend: Group membership queries will now run as the
  binddn user when binddn/bindpass are configured, rather than as the
  authenticating user as was the case previously.

FEATURES:

- AWS IAM Authentication
- MSSQL Physical Backend
- Lease Listing and Lookup
- TOTP Secret Backend
- Database Secret Backend & Secure Plugins (Beta)

IMPROVEMENTS:

- auth/cert: Support for constraints on subject Common Name and
  DNS/email Subject Alternate Names in certificates
- auth/ldap: Use the binding credentials to search group membership
  rather than the user credentials
- cli/revoke: Add -self option to allow revoking the currently active
  token
- core: Randomize x coordinate in Shamir shares
- tidy: Improvements to auth/token/tidy and sys/leases/tidy to handle
  more cleanup cases
- secret/pki: Add no_store option that allows certificates to be
  issued without being stored. This removes the ability to look up
  and/or add to a CRL but helps with scaling to very large numbers of
  certificates.
- secret/pki: If used with a role parameter, the sign-verbatim/<role>
  endpoint honors the values of generate_lease, no_store, ttl and
  max_ttl from the given role
- secret/pki: Add role parameter allow_glob_domains that enables
  defining names in allowed_domains containing * glob patterns
- secret/pki: Update certificate storage to not use characters that
  are not supported on some filesystems
- storage/etcd3: Add discovery_srv option to query for SRV records to
  find servers
- storage/s3: Support max_parallel option to limit concurrent
  outstanding requests
- storage/s3: Use pooled transport for http client
- storage/swift: Allow domain values for V3 authentication

BUG FIXES:

- api: Respect a configured path in Vault's address
- auth/aws-ec2: New bounds added as criteria to allow role creation
- auth/ldap: Don't lowercase groups attached to users
- cli: Don't panic if vault write is used with the force flag but no
  path
- core: Help operations should request forward since standbys may not
  have appropriate info
- replication: Fix enabling secondaries when certain mounts already
  existed on the primary
- secret/mssql: Update mssql driver to support queries with colons
- secret/pki: Don't lowercase O/OU values in certs
- secret/pki: Don't attempt to validate IP SANs if none are provided
2017-05-10 18:21:27 +00:00
adam
62f6a769cf Changes 0.26.0:
Unknown
2017-05-10 17:03:42 +00:00
jperkin
cbaf4dda0f Requires termcap. 2017-05-10 10:45:26 +00:00
adam
e6c748cc3a Changes 17.0.0:
- Added ``OpenSSL.X509Store.set_time()`` to set a custom verification time when verifying certificate chains.
- Added a collection of functions for working with OCSP stapling.
  None of these functions make it possible to validate OCSP assertions, only to staple them into the handshake and to retrieve the stapled assertion if provided.
  Users will need to write their own code to handle OCSP assertions.
  We specifically added: ``Context.set_ocsp_server_callback``, ``Context.set_ocsp_client_callback``, and ``Connection.request_ocsp``.
- Changed the ``SSL`` module's memory allocation policy to avoid zeroing memory it allocates when unnecessary.
  This reduces CPU usage and memory allocation time by an amount proportional to the size of the allocation.
  For applications that process a lot of TLS data or that use very large allocations this can provide considerable performance improvements.
- Automatically set ``SSL_CTX_set_ecdh_auto()`` on ``OpenSSL.SSL.Context``.
- Fix empty exceptions from ``OpenSSL.crypto.load_privatekey()``.
2017-05-09 16:49:07 +00:00
adam
fcb985622d Changes 0.22.0:
Added parser.peek()
Implemented proper support for BER-encoded indefinite length strings of all kinds - core.BitString, core.OctetString and all of the core classes that are natively represented as Python unicode strings
Fixed a bug with encoding LDAP URLs in x509.URI
Correct x509.DNSName to allow a leading ., such as when used with x509.NameConstraints
Fixed an issue with dumping the parsed contents of core.Any when explicitly tagged
Custom setup.py clean now accepts the short -a flag for compatibility
2017-05-09 16:28:38 +00:00
adam
0b85e26315 Version 3.4.2 - released 2016-03-26
- Fixed dates in CHANGELOG.txt
2017-05-09 12:37:14 +00:00
adam
549bbbda3a Changes 1.1.5:
Bug fixes.
2017-05-09 11:39:07 +00:00
joerg
ce56e8baa1 Unconditionally use standard headers, nothing defines the guards. 2017-05-04 18:29:48 +00:00
ryoon
23abec1292 Update to 0.69
* Convert to use GTK 3 to fix build

Changelog:
These features are new in 0.69 (released 2017-04-29):

    Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even the names we missed when we thought we'd fixed this in 0.68. See vuln-indirect-dll-hijack-2.
    Windows PuTTY should work with MIT Kerberos again, after our DLL hijacking defences broke it.
    Jump lists should now appear again on the PuTTY shortcut in the Windows Start Menu.
    You can now explicitly configure SSH terminal mode settings not to be sent to the server, if your server objects to them.
2017-05-04 12:52:35 +00:00
maya
c1257222b3 libressl: update to 2.5.4
We have released LibreSSL 2.5.4, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. It includes the following
changes:

  * Reverted a previous change that forced consistency between return
    value and error code when specifying a certificate verification
    callback, since this breaks the documented API. When a user supplied
    callback always returns 1, and later code checks the error code to
    potentially abort post verification, this will result in incorrect
    successful certificate verification.

  * Switched Linux getrandom() usage to non-blocking mode, continuing to
    use fallback mechanisms if unsuccessful. This works around a design
    flaw in Linux getrandom(2) where early boot usage in a library makes
    it impossible to recover if getrandom(2) is not yet initialized.

  * Fixed a bug caused by the return value being set early to signal
    successful DTLS cookie validation. This can mask a later failure and
    result in a positive return value being returned from
    ssl3_get_client_hello(), when it should return a negative value to
    propagate the error.

  * Fixed a build error on non-x86/x86_64 systems running Solaris.

We have released LibreSSL 2.5.3, based on OpenBSD 6.1, which will be the new
stable release series. LibreSSL 2.3.x support has also ended. LibreSSL 2.5.3
contains the following changes from the previous stable release.

 * libtls now supports ALPN and SNI

 * libtls adds a new callback interface for integrating custom IO functions.
    Thanks to Tobias Pape.

 * libtls now handles 4 cipher suite groups:
    "secure" (TLSv1.2+AEAD+PFS)
    "compat" (HIGH:!aNULL)
    "legacy" (HIGH:MEDIUM:!aNULL)
    "insecure" (ALL:!aNULL:!eNULL)
   This allows for flexibility and finer grained control, rather than having
   two extremes (an issue raised by Marko Kreen some time ago).

 * Tightened error handling for tls_config_set_ciphers().

 * libtls now always loads CA, key and certificate files at the time the
   configuration function is called. This simplifies code and results in a single
   memory based code path being used to provide data to libssl.

 * Added support for OCSP intermediate certificates.

 * Added functions used by stunnel and exim from BoringSSL - this brings in
   X509_check_host, X509_check_email, X509_check_ip, and X509_check_ip_asc.

 * Added initial support for iOS, thanks to Jacob Berkman.

 * Improved behavior of arc4random on Windows when using memory leak analysis
   software.

 * Correctly handle an EOF that occurs prior to the TLS handshake completing.
    Reported by Vasily Kolobkov, based on a diff from Marko Kreen.

 * Limit the support of the "backward compatible" ssl2 handshake to only be
   used if TLS 1.0 is enabled.

 * Fix incorrect results in certain cases on 64-bit systems when BN_mod_word()
   can return incorrect results. BN_mod_word() now can return an error condition.
   Thanks to Brian Smith.

 * Added constant-time updates to address CVE-2016-0702

 * Fixed undefined behavior in BN_GF2m_mod_arr()

 * Removed unused Cryptographic Message Support (CMS)

 * More conversions of long long idioms to time_t

 * Improved compatibility by avoiding printing NULL strings with printf.

 * Reverted change that cleans up the EVP cipher context in EVP_EncryptFinal()
   and EVP_DecryptFinal(). Some software relies on the previous behaviour.

 * Avoid unbounded memory growth in libssl, which can be triggered by a TLS
   client repeatedly renegotiating and sending OCSP Status Request TLS extensions.

 * Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.

 * X509_cmp_time() now passes a malformed GeneralizedTime field as an error.
   Reported by Theofilos Petsios.

 * Detect zero-length encrypted session data early, instead of when malloc(0)
   fails or the HMAC check fails. Noted independently by jsing@ and Kurt Cancemi.

 * Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate().

 * Massive update and normalization of manpages, conversion to mandoc format.
   Many pages were rewritten for clarity and accuracy. Portable doc links are
   up-to-date with a new conversion tool.

 * Curve25519 Key Exchange support.

 * Support for alternate chains for certificate verification.

 * Code cleanups, CBB conversions, further unification of DTLS/SSL handshake
   code, further ASN1 macro expansion and removal.

 * Private symbols are now hidden in libssl and libcrypto.

 * Friendly certificate verification error messages in libtls, peer
   verification is now always enabled.

 * Added OCSP stapling support to libtls and nc.

 * Added ocspcheck utility to validate a certificate against its OCSP responder
   and save the reply for stapling

 * Enhanced regression tests and error handling for libtls.

 * Added explicit constant and non-constant time BN functions, defaulting to
   constant time wherever possible.

 * Moved many leaked implementation details in public structs behind opaque
   pointers.

 * Added ticket support to libtls.

 * Added support for setting the supported EC curves via
   SSL{_CTX}_set1_groups{_list}() - also provide defines for the previous
   SSL{_CTX}_set1_curves{_list} names. This also changes the default list of
   curves to be X25519, P-256 and P-384. All other curves must be manually
   enabled.

 * Added -groups option to openssl(1) s_client for specifying the curves to be
   used in a colon-separated list.

 * Merged client/server version negotiation code paths into one, reducing much
   duplicate code.

 * Removed error function codes from libssl and libcrypto.

 * Fixed an issue where a truncated packet could crash via an OOB read.

 * Added SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows client-initiated
   renegotiation. This is the default for libtls servers.

 * Avoid a side-channel cache-timing attack that can leak the ECDSA private
   keys when signing. This is due to BN_mod_inverse() being used without the
   constant time flag being set. Reported by Cesar Pereida Garcia and Billy
   Brumley (Tampere University of Technology). The fix was developed by Cesar
   Pereida Garcia.

 * iOS and MacOS compatibility updates from Simone Basso and Jacob Berkman.

 * Added the recallocarray(3) memory allocation function, and converted various
   places in the library to use it, such as CBB and BUF_MEM_grow. recallocarray(3)
   is similar to reallocarray. Newly allocated memory is cleared similar to
   calloc(3). Memory that becomes unallocated while shrinking or moving existing
   allocations is explicitly discarded by unmapping or clearing to 0.

 * Added new root CAs from SECOM Trust Systems / Security Communication of Japan.

 * Added EVP interface for MD5+SHA1 hashes.

 * Fixed DTLS client failures when the server sends a certificate request.

 * Correct handling of padding when upgrading an SSLv2 challenge into an
   SSLv3/TLS connection.

 * Allow protocols and ciphers to be set on a TLS config object in libtls.

 * Improved nc(1) TLS handshake CPU usage and server-side error reporting.

 * Add a constant time version of BN_gcd and use it default for BN_gcd to avoid
   the possibility of sidechannel timing attacks against RSA private key
   generation - Thanks to Alejandro Cabrera


We have released LibreSSL 2.5.2, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. It includes the following
changes:

    * Added the recallocarray(3) memory allocation function, and converted
      various places in the library to use it, such as CBB and BUF_MEM_grow.
      recallocarray(3) is similar to reallocarray. Newly allocated memory
      is cleared similar to calloc(3). Memory that becomes unallocated
      while shrinking or moving existing allocations is explicitly
      discarded by unmapping or clearing to 0.

    * Added new root CAs from SECOM Trust Systems / Security Communication
      of Japan.

    * Added EVP interface for MD5+SHA1 hashes.

    * Fixed DTLS client failures when the server sends a certificate
      request.

    * Correct handling of padding when upgrading an SSLv2 challenge into
      an SSLv3/TLS connection.

    * Allow protocols and ciphers to be set on a TLS config object in
      libtls.

    * Improved nc(1) TLS handshake CPU usage and server-side error
      reporting.

The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.
2017-05-03 11:19:04 +00:00
jperkin
6b547497bb Convert CXXFLAGS setting C++ standard to USE_LANGUAGES. 2017-05-03 08:38:38 +00:00
fhajny
63c1b051c2 Update go-crypto to state as of 20170502, no changelog available.
Fix build on (at least) SunOS by depending on go-sys.
2017-05-02 17:06:30 +00:00
ryoon
76884737ca Recursive revbump from boost update 2017-04-30 01:21:19 +00:00
schmonz
7d6bd89899 Wrap long command line. Replace LOCALBASE with PREFIX. 2017-04-27 20:21:51 +00:00
jperkin
2256c96e07 Fix to use PKG_SYSCONFDIR. Bump PKGREVISION for all packages using the
shared Makefile.common.
2017-04-27 13:56:46 +00:00
wiz
ac6c55fc7a Updated scrypt to 1.2.1.
Significant changes since 1.2.0:
* A new -v option instructs scrypt to print the key derivation parameters
  it has selected.
* A new --version option prints the version number of the scrypt utility.
* A new -P option makes scrypt read the passphrase from standard input; this
  is designed for scripts which pipe a passphrase in from elsewhere.
* A new -f option makes 'scrypt dec' ignore the amount of memory or CPU time
  it thinks decrypting a file will take, and proceed anyway; this may be useful
  in cases where scrypt's estimation is wrong.
* The '-M maxmem' option now accepts "humanized" inputs, e.g., "-M 1GB".

There are also a variety of less visible changes: Performance improvements
in the SHA256 routines, minor bug and compiler warning fixes, the addition
of a test suite, and some minor code reorganization.
2017-04-26 14:54:59 +00:00
jperkin
5279457ba1 Put back dependency on bash again, the script uses the "local" keyword.
Bump PKGREVISION.
2017-04-25 12:16:47 +00:00
markd
95424eae50 Add py-requests-kerberos 2017-04-23 05:40:08 +00:00
markd
2d9b6bf026 Add py-requests-kerberos 0.11.0
Requests is an HTTP library, written in Python, for human beings. This
library adds optional Kerberos/GSSAPI authentication support and supports
mutual authentication.
2017-04-23 05:39:26 +00:00
markd
c510696099 Merge upstream pull request #52 from kwlzn/kwlzn/none_principal_fix
Allow `authGSSClientInit` principal kwarg to be None.
2017-04-23 05:35:27 +00:00
adam
75a9285105 Revbump after icu update 2017-04-22 21:03:07 +00:00
taca
d3cc142d0b Remove "used by" line for security/libprelude-ruby/Makefile. 2017-04-22 17:51:16 +00:00
taca
dc58600cc8 Remove libprelude-ruby package which has not been maintained for a long time and
depends on ruby18.
2017-04-22 17:49:50 +00:00
taca
a934eb428b Delete libprelude-ruby. 2017-04-22 17:49:19 +00:00
taca
109b2cc273 Update ruby-airbrussh to 1.2.0.
## [1.2.0][] (2017-04-14)

* [#95](https://github.com/mattbrictson/airbrussh/pull/95): colorize LogMessage label on WARN level and above - [@klyonrad](https://github.com/klyonrad)
* [#106](https://github.com/mattbrictson/airbrussh/pull/106): Remove the `log_file` parameter from the `CommandFormatter#exit_message` method; it was unused - [@mattbrictson](https://github.com/mattbrictson)
2017-04-22 16:45:24 +00:00
taca
bace8bbcc8 Update ruby-sshkit to 1.13.1.
## [1.13.1][] (2017-03-31)

### Breaking changes

  * None

### Bug fixes

  * [#397](https://github.com/capistrano/sshkt/pull/397): Fix NoMethodError assign_defaults with net-ssh older than 4.0.0 - [@shirosaki](https://github.com/shirosaki)

## [1.13.0][] (2017-03-24)

### Breaking changes

  * None

### New features

  * [#372](https://github.com/capistrano/sshkit/pull/372): Use cp_r in local backend with recursive option - [@okuramasafumi](https://github.com/okuramasafumi)

### Bug fixes

  * [#390](https://github.com/capistrano/sshkit/pull/390): Properly wrap Ruby StandardError w/ add'l context - [@mattbrictson](https://github.com/mattbrictson)
  * [#392](https://github.com/capistrano/sshkit/pull/392): Fix open two connections with changed cache key - [@shirosaki](https://github.com/shirosaki)
2017-04-22 16:43:35 +00:00
jperkin
0e8c127ce1 Pull in required dependencies. 2017-04-21 13:40:18 +00:00
jperkin
3b141760d3 Use BSD_INSTALL. 2017-04-21 13:33:31 +00:00
jperkin
ae5f663695 Honour existing LDFLAGS. 2017-04-21 13:22:00 +00:00
dsainty
eabf642486 Darwin does have sendfile(), but the API differs from ZoneMinder's expectation.
Inhibit its use on Darwin to fix the build.
2017-04-20 09:59:39 +00:00
wiz
76ab60256c Add upstream bug report URL. 2017-04-20 09:55:28 +00:00
wiz
e494b42aa4 Remove unneeded patch, confirmed by hans. 2017-04-20 09:50:37 +00:00
wiz
50bf9b585b Updated p5-IO-Socket-SSL to 2.048.
2.048 2017/04/16
- fixed small memory leaks during destruction of socket and context, RT#120643
2017-04-19 13:46:18 +00:00
jperkin
ac4dcc786d Reset MAINTAINER after tonnerre resigned. 2017-04-19 11:24:36 +00:00
wiz
8060e7c110 Updated gnupg21 to 2.1.20.
Based on PR 52165 by Jonathan Schleifer.

Noteworthy changes in version 2.1.20 (2017-04-03)
-------------------------------------------------

  * gpg: New properties 'expired', 'revoked', and 'disabled' for the
    import and export filters.

  * gpg: New command --quick-set-primary-uid.

  * gpg: New compliance field for the --with-colon key listing.

  * gpg: Changed the key parser to generalize the processing of local
    meta data packets.

  * gpg: Fixed assertion failure in the TOFU trust model.

  * gpg: Fixed exporting of zero length user ID packets.

  * scd: Improved support for multiple readers.

  * scd: Fixed timeout handling for key generation.

  * agent: New option --enable-extended-key-format.

  * dirmngr: Do not add a keyserver to a new dirmngr.conf.  Dirmngr
    uses a default keyserver.

  * dirmngr: Do not treat TLS warning alerts as severe error when
    building with GNUTLS.

  * dirmngr: Actually take /etc/hosts in account.

  * wks: Fixed client problems on Windows.  Published keys are now set
    to world-readable.

  * tests: Fixed creation of temporary directories.

  * A socket directory for a non standard GNUPGHOME is now created on
    the fly under /run/user.  Thus "gpgconf --create-socketdir" is now
    optional.  The use of "gpgconf --remove-socketdir" to clean up
    obsolete socket directories is however recommended to avoid
    cluttering /run/user with useless directories.

  * Fixed build problems on some platforms.



Noteworthy changes in version 2.1.19 (2017-03-01)
-------------------------------------------------

  * gpg: Print a warning if Tor mode is requested but the Tor daemon
    is not running.

  * gpg: New status code DECRYPTION_KEY to print the actual private
    key used for decryption.

  * gpgv: New options --log-file and --debug.

  * gpg-agent: Revamp the prompts to ask for card PINs.

  * scd: Support for multiple card readers.

  * scd: Removed option --debug-disable-ticker.  Ticker is used
    only when it is required to watch removal of device/card.

  * scd: Improved detection of card inserting and removal.

  * dirmngr: New option --disable-ipv4.

  * dirmngr: New option --no-use-tor to explicitly disable the use of
    Tor.

  * dirmngr: The option --allow-version-check is now required even if
    the option --use-tor is also used.

  * dirmngr: Handle a missing nsswitch.conf gracefully.

  * dirmngr: Avoid PTR lookups for keyserver pools.  They are only done
    for the debug command "keyserver --hosttable".

  * dirmngr: Rework the internal certificate cache to support classes
    of certificates.  Load system provided certificates on startup.
    Add options --tls, --no-crl, and --systrust to the "VALIDATE"
    command.

  * dirmngr: Add support for the ntbtls library.

  * wks: Create mails with a "WKS-Phase" header.  Fix detection of
    Draft-2 mode.

  * The Windows installer is now built with limited TLS support.

  * Many other bug fixes and new regression tests.

  See-also: gnupg-announce/2017q1/000402.html
2017-04-16 07:21:48 +00:00
bsiegert
65e3f16e8f Revbump all Go packages after the Go 1.8.1 update. 2017-04-13 15:12:03 +00:00
fhajny
d796337616 Fix py-requests dependency version 2017-04-11 06:32:32 +00:00
joerg
62d925b17b Update to Botan 2.1.0, the new stable branch.
Some of the more important changes:

- Fix incorrect truncation in Bcrypt. Passwords in length between 56 and
  72 characters were truncated at 56 characters. Found and reported by
  Solar Designer. (CVE-2017-7252) (GH #938)
- Fix a bug in X509 DN string comparisons that could result in out of
  bound reads. This could result in information leakage, denial of
  service, or potentially incorrect certificate validation results.
  Found independently by Cisco Talos team and OSS-Fuzz. (CVE-2017-2801)
- Correct minimum work factor for Bcrypt password hashes. All other
  implementations require the work factor be at least 4. Previously
  Botan simply required it be greater than zero. (GH #938)
- Converge on a single side channel silent EC blinded multiply
  algorithm. Uses Montgomery ladder with order/2 bits scalar blinding
  and point randomization now by default. (GH #893)
- Add ability to search for certificates using the SHA-256 of the
  distinguished name. (GH #900)
- Support a 0-length IV in ChaCha stream cipher. Such an IV is treated
  identically to an 8-byte IV of all zeros.
- Previously Botan forbade any use of times past 2037 to avoid Y2038
  issues. Now this restriction is only in place on systems which have a
  32-bit time_t. (GH #933 fixing #917)
- Fix a longstanding bug in modular exponentiation which caused most
  exponentiations modulo an even number to have an incorrect result;
  such moduli occur only rarely in cryptographic contexts. (GH #754)
- Fix a bug in BigInt multiply operation, introduced in 1.11.30, which
  could cause incorrect results. Found by OSS-Fuzz fuzzing the ressol
  function, where the bug manifested as an incorrect modular
  exponentiation. OSS-Fuzz bug #287
- Fix a bug that meant the “ietf/modp/6144” and “ietf/modp/8192”
  discrete log groups used an incorrect value for the generator,
  specifically the value (p-1)/2 was used instead of the correct value
  of 2.
- DL_Group strong generation previously set the generator to 2. However
  sometimes 2 generates the entire group mod p, rather than the subgroup
  mod q. This is invalid by X9.42 standard, and exposes incautious
  applications to small subgroup attacks. Now DL_Group uses the smallest
  g which is a quadratic residue. (GH #818)
- The default TLS policy now requires 2048 or larger DH groups by
  default.
- The default Path_Validation_Restrictions constructor has changed to
  require at least 110 bit signature strength. This means 1024 bit RSA
  certificates and also SHA-1 certificates are rejected by default. Both
  settings were already the default for certificate validation in TLS
  handshake, but this changes it for applications also.
- Fix integer overflow during BER decoding, found by Falko Strenzke.
  This bug is not thought to be directly exploitable but upgrading ASAP
  is advised. (CVE-2016-9132)
- Add post-quantum signature scheme XMSS. Provides either 128 or 256 bit
  (post-quantum) security, with small public and private keys, fast
  verification, and reasonably small signatures (2500 bytes for 128-bit
  security). Signature generation is very slow, on the order of seconds.
  And very importantly the signature scheme is stateful: each leaf index
  must only be used once, or all security is lost. In the appropriate
  system where signatures are rarely generated (such as code signing)
  XMSS makes an excellent choice. (GH #717 #736)
- Add support for client-side OCSP stapling to TLS. (GH #738)
- Previously both public and private keys performed automatic self
  testing after generation or loading. However this often caused
  unexpected application performance problems, and so has been removed.
  Instead applications must call check_key explicitly. (GH #704)
- Fix TLS session resumption bugs which caused resumption failures if an
  application used a single session cache for both TLS and DTLS. (GH
  #688)
- The default TLS policy now disables static RSA ciphersuites, all DSA
  ciphersuites, and the AES CCM-8 ciphersuites. Disabling static RSA by
  default protects servers from oracle attacks, as well as enforcing a
  forward secure ciphersuite. Some applications may be forced to
  re-enable RSA for interop reasons. DSA and CCM-8 are rarely used, and
  likely should not be negotiated outside of special circumstances.
- The default TLS policy now prefers ChaCha20Poly1305 cipher over any
  AES mode.
- The default TLS policy now orders ECC curve preferences in order by
  performance, with x25519 first, then P-256, then P-521, then the rest.
2017-04-10 21:14:45 +00:00
joerg
5c32c49829 Update Botan to 1.10.16:
- Fix a bug in X509 DN string comparisons that could result in out of
  bound reads. This could result in information leakage, denial of
  service, or potentially incorrect certificate validation results.
  (CVE-2017-2801)

- Avoid throwing during a destructor since this is undefined in
  C++11 and rarely a good idea. (GH #930)

- Fix a bug causing modular exponentiations done modulo even numbers
  to almost always be incorrect, unless the values were small. This
  bug is not known to affect any cryptographic operation in Botan. (GH
  #754)

- Avoid use of C++11 std::to_string in some code added in 1.10.14
  (GH #747 #834)

- Fix integer overflow during BER decoding, found by Falko Strenzke.
  This bug is not thought to be directly exploitable but upgrading ASAP
  is advised. (CVE-2016-9132)

- Fix two cases where (in error situations) an exception would be thrown
  from a destructor, causing a call to std::terminate.

- When RC4 is disabled in the build, also prevent it from being included
  in the OpenSSL provider. (GH #638)
2017-04-10 20:26:31 +00:00
jperkin
74fbb72171 Avoid unsupported xgetbv instruction on older Darwin assemblers. 2017-04-10 10:43:49 +00:00
fhajny
14073b64fe Fix stale and missing dependencies in py-acme and py-certbot. PKGREVISION++ 2017-04-10 10:29:38 +00:00
adam
0267f2ef12 Revision 0.0.8
- Wheel distribution format now supported
- Fix to misspelled rfc2459.id_at_sutname variable
- Fix to misspelled rfc2459.NameConstraints component tag ID
- Fix to misspelled rfc2459.GeneralSubtree component default status
2017-04-08 21:25:26 +00:00
schmonz
0a4b8168cb Update HOMEPAGE. 2017-04-08 18:36:51 +00:00
wiz
79d7b149c6 Remove variables that have default values. 2017-04-08 13:37:47 +00:00
adam
40c1a98cb6 Revision 0.2.3, released 25-02-2017
-----------------------------------
- Improved SEQUENCE/SET/CHOICE decoding performance by maintaining a single shared
  NamedType object for all instances of SEQUENCE/SET object.
- Improved INTEGER encoding/decoding by switching to Python's built-in
  integer serialization functions.
- Improved BitString performance by rebasing it onto Python int type and leveraging
  fast Integer serialization functions.
- BitString type usability improved in many ways: for example bitshifting and
  numeric operation on BitString is now possible.
- Minor ObjectIdentifier type performance optimization.
- ASN.1 character types refactored to keep unicode contents internally
  (rather than serialized octet stream) and duck-type it directly.
- ASN.1 OctetString initialized from a Python object performs bytes()
  on it when running on Python 3 (used to do str() which is probably
  less logical).
- Missing support for NoValue.__sizeof__ added.
- Added checks to make sure SEQUENCE/SET components being assigned
  match the prototypes.
- Setter methods for constructed types consistently accept matchTags
  and matchConstraints flags to control the strictness of inner
  components compatibility verification. Previously, these checks
  were tied to verifyConstraints flag, now they are all independent.
- General documentation improvements here and there.
- Fix to __reversed__() magic to make it return an iterator.
- Test suite simplified and unified.
- The __all__ variable added to most of the Python modules.
- The "test" directory renamed into "tests" not to collide with
  the "test" module.
2017-04-08 11:25:11 +00:00
adam
c445c13b73 Changes 2017.1.23:
Unknown
2017-04-07 03:45:56 +00:00
mef
701afbdee7 Updated security/p5-Net-SSH to 2.09.01
--------------------------------------
2.09 2016.10.26
    - Fix creation of keys in ecdsa, ed25519 key classes
    - Update eg/pssh-keygen to create ecdsa, ed25519 keys
    - Handle hostkeys-00@openssh.com global requests
    - Add support for 'CheckHostIP' and 'UpdateHostKeys' config options
    - Refactor handling of '+' syntax in options
    - Key fingerprints now output sha256-base64 by default.
      (md5 can be specified with FingerprintHash config option)
    - Add id_ed25519, id_ecdsa to default identity files
    - Documentation updates in Perl.pm to reflect new functionality in 2.XX

2.08 2016.10.14
    - Use sha512 instead of md5 in Net::SSH::Perl::Cipher->new_from_key_str()
      to provide ChachaPoly with enough key material
      Tests in t/05-cipher.t should now pass on all platforms [ CPAN bug #114077 ]
    - Add AES128_CBC to cipher tests
    - Info on using features not enabled by default added to README

2.07 2016.10.13

    - Fix blowfish compilation on SunOS [CPAN bug #116323]
    - Fix bug in Packet [CPAN bug #118335]
    - Add support for '+' syntax in MACs option
    - Remove hmac-sha1 from default MACs. It can be re-enabled
      by passing the option: 'MACs +hmac-sha1'

2.06 2016.10.04

    - Add support for additional fixed Diffie-Hellman 2K, 4K and 8K groups
      from OpenSSH 7.3 (draft-ietf-curdle-ssh-kex-sha2-03)
    - Kex defaults now updated to draft-ietf-curdle-ssh-kex-sha2-03
      recommendations (diffie-hellman-group-exchange-sha1 removed)
      It can be re-enabled by passing the option:
      'KexAlgorithms +diffie-hellman-group-exchange-sha1'

2.05 2016.10.03

    - Add support for '+' syntax in Ciphers, KexAlgorithms, HostKeyAlgorithms
      options as in OpenSSH

2.04 2016.05.11

    - Add ECDSA key support
    - Improve extract_public() in Key.pm inspired by
      https://github.com/renormalist/Net-SSH-Perl/pull/12
      but implement comment with backwards compat with RSA/DSA datafellows
    - Fix XS from being loaded more than once (warnings from Net::SFTP)

2.03 2016.05.06

    - Fixes so that "make test" passes

2.02 2016.05.04

    - Use CryptX to further reduce module dependencies
      This eliminates the need for:
        Math::Pari
        Crypt::DH
        Crypt::RSA
        Crypt::DSA
        Crypt::DES
        Crypt::Blowfish
        MIME::Base64
    - Add support for rsa-sha2-512,rsa-sha2-256 signing with RSA keys
    - Implement HashKnownHosts, KexAlgorithms, MACs config directives
    - Add XS code for Chacha20, BSD Blowfish, Ed25519 routines
    - Properly handle and create known_hosts entries when port is specified
    - Remove obsolete ciphers, MACs, Kex from default list to duplicate
      upcoming OpenSSH behavior
    - Bug fixes

2.01 2016.02.19

    - Use CryptX to reduce module dependencies
      This eliminates the need for:
        BSD::arc4random
        Digest::MD5
        Digest::SHA
        Digest::HMAC_MD5
        Crypt::OpenSSL::AES

2.00 2015.12.07

    - Add Chacha20-Poly1305 cipher support for best security
      (Requires Crypt::OpenSSH::ChachaPoly, see README)
    - Add AES Cipher support in CTR mode (CBC mode supported in Ed25519
      keys only)
    - Add Group Exchange (RFC4523) Diffie-Hellman Key Exchange
    - Add Curve25519 (curve25519-sha256@libssh.org) Key Exchange support
      (Requires Crypt::Curve25519)
    - Add hmac-sha2-256,hmac-sha2-512 MAC support
    - Add hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
      Encrypt-then-MAC (ETM) MAC support
    - Use BSD::arc4random for encrypted packet padding
    - Add support for Ed25519 ssh/host keys (Requires Crypt::Ed25519)
      Encrypted Ed25519 key support requires Crypt::OpenBSD::Blowfish
      (See README for info)
    - Default ciphers order is now chacha,aes,3des,blowfish,arcfour
    - Default KEX order is now Curve25519, DHGEXSHA256, DHGEXSHA1, DH14, DH1
    - Default MAC order is now hmac-sha2-512-etm@openssh.com,
      hmac-sha2-256-etm@openssh.com, sha2-512, sha2-256, sha1, md5
    - SSH Keys can now be in DOS format (no need to remove CR/LF)
    - SOCKS proxy support via sub class Net::SSH::Perl::Proxy
    - Now does not abort due to OpenSSH 6.8+ server
      SSH2_MSG_GLOBAL_REQUEST messages for host key rotation

(pkgsrc changes)
    - Adjust DEPENDS base upon above note (p5-CryptX related)
2017-04-07 00:41:59 +00:00
mef
4185f90c42 Added security/p5-CryptX version 0.047 2017-04-07 00:09:14 +00:00
mef
f3aa5dc2dd Import p5-CryptX-0.047 as security/p5-CryptX.
Cryptography in CryptX is based on https://github.com/libtom/libtomcrypt
2017-04-07 00:06:14 +00:00
fhajny
9eca35ebf0 Update security/py-certbot and security/py-acme to 0.13.0.
0.13.0 - 2017-04-06

Added
- --debug-challenges pauses Certbot after setting up challenges for
  debugging.
- The Nginx parser can handle all valid directives in configuration
  files.
- Nginx ciphersuites changed to Mozilla Intermediate.
- certbot-auto --no-bootstrap won't install OS dependencies.

Fixed
- --register-unsafely-without-email respects --quiet.
- Hyphenated renewalparams are now saved in renewal config files.
- --dry-run no longer persists keys and csrs.
- No longer hangs when trying to start Nginx in Arch Linux.
- Apache rewrite rules no longer double-encode characters.

0.12.0 - 2017-03-02

Added
- Allow non-camelcase Apache VirtualHost names
- Allow more log messages to be silenced

Fixed
- Fix a regression around using --cert-name when getting new
  certificates
2017-04-06 19:51:15 +00:00
mef
df136dbc7b Updated security/p5-Crypt-OpenSSL-DSA to 0.19
---------------------------------------------
0.19    2017/01/13
        - fix building against openssl 1.1.0 without compat modes (eroen)
2017-04-06 14:18:04 +00:00
mef
3d14f96367 Updated security/p5-Crypt-OpenSSL-Bignum to 0.08
------------------------------------------------
0.08    2017/02/08
        - Makefile.PL MSWin32 fix

0.07    2016/10/25
        - Makefile.PL supports OPENSSL_PREFIX or OPENSSL_LIB+OPENSSL_INCLUDE env variables
        - Makefile.PL tries to find libcrypto via pkg-config
2017-04-06 14:15:48 +00:00
mef
1af6734e32 Updated security/p5-pcsc to 1.4.14
----------------------------------
2015-11-19  author  <author@debian>
        * README: Release 1.4.14

        * PCSC.xs: Update copyright date

        * PCSC.xs: _StringifyError(): cast Error in a (DWORD)

        On Mac OS X El Capitan (at least) the value is extended to 64 bits and
        is then wrong.

        We get 0xFFFFFFFF80100068 instead of 0x80100068 and all the error codes
        are converted to the default error: "Unknown (reader specific ?) error..."
2017-04-06 13:52:14 +00:00
mef
2afa7be053 Updated security/p5-Net-OpenSSH to 0.74
---------------------------------------
0.74  Feb 10, 2017
        - Update list of options accepted by method "sftp" (bug report
          by Mirror).
2017-04-06 13:49:32 +00:00
mef
e443e49992 Updated security/p5-Net-DNS-SEC to 1.03
---------------------------------------
**** 1.03 August 26, 2016
Fix: rt.cpan.org #108908
        Tests break when Net::DNS gets shadowed by existing pre-1.01 version.
2017-04-06 13:47:45 +00:00
mef
4eb6918517 Updated security/p5-Authen-CAS-Client to 0.08
---------------------------------------------
changes from 0.07 to 0.08
=========================
  * updated Makefile.PL to reflect changes in default @INC handling v5.25+.
  * fleshed README with documentation
  * added README.md for GitHub
  * updated to 'Nil' license
2017-04-06 13:45:24 +00:00
mef
97b4eb377a Updated security/p5-Authen-TacacsPlus to 0.26
---------------------------------------------
0.26 2015-12-08 Mike McCauley
     - pass CFLAGS and CPPFLAGS explicitly in the subdirectory to get all
     hardening flags, Patch from Florian Schlichting.
2017-04-06 13:42:46 +00:00
wiz
60792352de Updated py-oauthlib to 2.0.2.
2.0.2 (2017-03-19)
------------------
* Dropped support for Python 2.6, 3.2 & 3.3.
* (FIX) `OpenIDConnector` will no longer raise an AttributeError when calling `openid_authorization_validator()` twice.
2017-04-05 15:55:38 +00:00
wiz
f91f06ee66 Updated p5-Net-SSLeay to 1.81.
1.81
	Patch from Alexander Bluhm to enable RSA_get_key_parameters with
	LibreSSL. Again.
	Fixed memory leak in X509_get_subjectAltNames. Reported and patched by Jim Westfall.
	Added . to lib path in Makefile.PL to accommodate people who are using a perl with -Ddefault_inc_excludes_dot.
	Fixed build failure if engine support not present. Patch from Paul Green.
	Improvements to  get_my_thread_id to work around possibility of ERRSV not being defined eg on OpenWRT.
2017-04-05 15:31:16 +00:00
mef
aa08c04641 revert two files, libprelude{,db}/Makefile.common 2017-04-05 14:22:20 +00:00
mef
e95c832d66 Update MASTER_SITES. The new one does not have current (0.9.*) DISTFILE,
but old SITE (before updates) only has wrong checksum one and NetBSD mirror
holds proper DISTFILE anyway.
2017-04-05 13:06:26 +00:00
mef
a9ab6ce07d Add (Update) MASTER_SITES=, with previous line left out 2017-04-05 12:29:34 +00:00
wiz
430679373b Add swig bug report URL. 2017-04-05 09:31:18 +00:00
wiz
5da0771bbc Turn off swig/python detection the hard way.
Add comment about test failures.
2017-04-05 09:28:27 +00:00
wiz
e451cb4279 Remove unrecognized configure arguments. Set gpg binary name for tests. 2017-04-05 08:58:24 +00:00
agc
2fe5f9f8da Install the brssl utility program as an executable, not data 2017-04-01 17:32:47 +00:00
wiz
38e31afcd8 + bearssl 2017-04-01 17:02:08 +00:00
wiz
04556d9c11 Import bearssl-0.3 as security/bearssl.
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246)
written in C. It aims at offering the following features:

* Be correct and secure. In particular, insecure protocol versions
  and choices of algorithms are not supported, by design;
  cryptographic algorithm implementations are constant-time by
  default.

* Be small, both in RAM and code footprint. For instance, a minimal
  server implementation may fit in about 20 kilobytes of compiled
  code and 25 kilobytes of RAM.

* Be highly portable. BearSSL targets not only "big" operating
  systems like Linux and Windows, but also small embedded systems
  and even special contexts like bootstrap code.

* Be feature-rich and extensible. SSL/TLS has many defined cipher
  suites and extensions; BearSSL should implement most of them,
  and allow extra algorithm implementations to be added afterwards,
  possibly from third parties.

bearssl is considered alpha-quality software, which means that it
runs but it probably has bugs, some of which are certainly
exploitable vulnerabilities.
2017-04-01 17:01:51 +00:00
wiz
52ae9de1e6 Recursive bump for gpgme update which removed a support library. 2017-03-31 10:32:14 +00:00
wiz
0326450d0a Updated gpgme to 1.8.0.
A library was removed; recursive bump will follow soon.

Noteworthy changes in version 1.8.0 (2016-11-16)
------------------------------------------------

 * The module of the Python bindings has been renamed to 'gpg'.

 * New interface to query current software versions.

 * New feature to use gpg's --{show,override}session-key options.

 * New interface to set the sender of a mail.

 * qt: Added Distinguished Name parser from libkleo

 * The --homedir option is now used with recent gpgconf versions.

 * On 64 bit Windows systems gpgconf is now properly located.

 * The internal locking functions have been replaced by libgpg-error
   locking functions.

 * Interface changes relative to the 1.7.1 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 gpgme_set_sender                NEW.
 gpgme_get_sender                NEW.
 gpgme_op_query_swdb             NEW.
 gpgme_op_query_swdb_result      NEW.
 gpgme_query_swdb_result_t       NEW.
 gpgme_get_ctx_flag              NEW.
 gpgme_decrypt_result_t          EXTENDED: New field session_key.
 qt: DN                          NEW.
 qt: DN::Attribute               NEW.
 qt: Job::context(Job*)          NEW.
 cpp: EngineInfo::Version::Version(const char*) NEW.
 cpp: EngineInfo::Version::Version()            NEW.
 cpp: SwdbResult                                NEW.
 cpp: Context::setSender(const char*)           NEW.
 cpp: Context::getSender()                      NEW.

 [c=C28/A17/R0 cpp=C9/A3/R0 qt=C8/A1/R0]


Noteworthy changes in version 1.7.1 (2016-10-18)
------------------------------------------------

 * Fixed problems with the new language bindings.

 * New helper function gpgme_addrspec_from_uid.

 * Use option --exit-on-status-write-error with newer gpg versions.

 * qt: Missed API from the Qt Binding inclusion has
   been added again.

 * qt: abstractimportjob.h is now installed so that
   ImportJobs can be used again.

 * qt: Fixed spelling error in API (startReceive).

 * Interface changes relative to the 1.7.0 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 gpgme_addrspec_from_uid         NEW.
 qt: WksPublishJob::startRecieve RENAMED to ::startReceive.
 qt: MultiDeleteJob              NEW.
 qt: AbstractImportJob           NEW.
 qt: SpecialJob                  NEW.
 cpp: Signature::key(bool, bool)              NEW.
 cpp: UserID::addrSpecFromString(const char*) NEW.
 cpp: UserID::addrSpec()                      NEW.

 [c=C27/A16/R0 cpp=C8/A2/R0 qt=C7/A0/R0]


Noteworthy changes in version 1.7.0 (2016-09-21)
------------------------------------------------

 * New language bindings for Python 2 and 3.

 * New language Bindings for C++ and the Qt-Framework API.

 * New functions gpgme_op_createkey and gpgme_op_createsubkey to make
   key creation easier (requires GnuPG 2.1).

 * New functions gpgme_op_adduid and gpgme_op_revuid to make user id
   management easier (requires GnuPG 2.1).

 * New function gpgme_op_keysign to make key signing easier (requires
   GnuPG 2.1).

 * New function gpgme_op_interact to replace the now deprecated
   functions gpgme_op_edit and gpgme_op_card_edit.

 * New function gpgme_pubkey_algo_string to convert a public key
   algorithm into a GnuPG 2.1 style string.

 * Support for GnuPG 2.1's TOFU trust model.

 * Notation flags are now correctly set on verify.

 * New global flag "require-gnupg" to set a minimal gnupg version.

 * More supported items in gpgme_get_dirinfo.

 * New function gpgme_data_set_flag and flag "size-hint".

 * New function gpgme_set_ctx_flag and flags "full-status" and
   "raw-description".

 * Improved gpgme_data_identify to distinguish more file types.

 * New flag GPGME_ENCRYPT_SYMMETRIC for gpgme_op_encrypt to allow
   mixed public key and symmetric encryption.

 * New field KEYGRIP in gpgme_subkey_t.  New fields FPR in gpgme_key_t.

 * New flag GPGME_DATA_ENCODING_MIME to declare that the encrypted or
   signed data is a valid MIME part.  This is to support future GnuPG
   versions.

 * Interface changes relative to the 1.6.0 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 gpgme_pubkey_algo_string       NEW.
 GPGME_PK_EDDSA                 NEW.
 gpgme_set_ctx_flag             NEW.
 gpgme_data_set_flag            NEW.
 gpgme_op_createkey             NEW.
 gpgme_op_createkey_start       NEW.
 gpgme_op_createsubkey          NEW.
 gpgme_op_createsubkey_start    NEW.
 gpgme_op_adduid_start          NEW.
 gpgme_op_adduid                NEW.
 gpgme_op_revuid_start          NEW.
 gpgme_op_revuid                NEW.
 gpgme_op_keysign_start         NEW.
 gpgme_op_keysign               NEW.
 gpgme_op_tofu_policy_start     NEW.
 gpgme_op_tofu_policy           NEW.
 gpgme_op_interact_start        NEW.
 gpgme_op_interact              NEW.
 gpgme_interact_cb_t            NEW.
 gpgme_op_edit_start            DEPRECATED.
 gpgme_op_edit                  DEPRECATED.
 gpgme_op_card_edit_start       DEPRECATED.
 gpgme_op_card_edit             DEPRECATED.
 gpgme_edit_cb_t                DEPRECATED.
 gpgme_status_code_t            DEPRECATED.
 gpgme_genkey_result_t          EXTENDED: New fields pubkey and seckey.
 gpgme_signature_t              EXTENDED: New field key.
 gpgme_key_t                    EXTENDED: New field fpr.
 gpgme_subkey_t                 EXTENDED: New field keygrip.
 gpgme_user_id_t                EXTENDED: New field tofu.
 gpgme_tofu_policy_t            NEW.
 gpgme_tofu_info_t              NEW.
 GPGME_STATUS_KEY_CONSIDERED    NEW.
 GPGME_STATUS_TOFU_USER         NEW.
 GPGME_STATUS_TOFU_STATS        NEW.
 GPGME_STATUS_TOFU_STATS_LONG   NEW.
 GPGME_STATUS_NOTATION_FLAGS    NEW.
 GPGME_KEYLIST_MODE_WITH_TOFU   NEW.
 GPGME_DATA_TYPE_PGP_ENCRYPTED  NEW.
 GPGME_DATA_TYPE_PGP_SIGNATURE  NEW.
 GPGME_DATA_ENCODING_MIME       NEW.
 GPGME_ENCRYPT_SYMMETRIC        NEW.
 GPGME_CREATE_SIGN              NEW.
 GPGME_CREATE_ENCR              NEW.
 GPGME_CREATE_CERT              NEW.
 GPGME_CREATE_AUTH              NEW.
 GPGME_CREATE_NOPASSWD          NEW.
 GPGME_CREATE_SELFSIGNED        NEW.
 GPGME_CREATE_NOSTORE           NEW.
 GPGME_CREATE_WANTPUB           NEW.
 GPGME_CREATE_WANTSEC           NEW.
 GPGME_CREATE_FORCE             NEW.
 GPGME_KEYSIGN_LOCAL            NEW.
 GPGME_KEYSIGN_LFSEP            NEW.
 GPGME_INTERACT_CARD            NEW.
2017-03-31 10:31:57 +00:00
fhajny
849b5d7520 Remove erlang-p1_pam in favor of erlang-epam. 2017-03-30 14:53:38 +00:00
fhajny
3a381b078e Remove security/erlang-p1_pam. Superseded by security/erlang-epam. 2017-03-30 14:51:09 +00:00
fhajny
f17e2f8ba8 Update security/erlang-fast_tls to 1.0.11.
- coveralls:convert_file is not a 4-arg function
- Resolve vars.config relative to SCRIPT
- Comment debug line
- Fix a couple typos in the README's macOS/OS X section
- Small typo fix on readme
- Deprecate hash functions in favor of crypto:hash/2
- Fix certificate decoding to OTP format
2017-03-30 14:31:00 +00:00
fhajny
98ef00995a Import epam 1.0.2 as security/erlang-epam.
epam helper for Erlang / Elixir PAM authentication support.
2017-03-30 14:23:41 +00:00
leot
d15299e11b Extra scripts can need bash and perl.
Bump PKGREVISION

Pointed out by <joerg>'s bulk builds
2017-03-23 19:33:20 +00:00
joerg
6a32265dbd Extend SHA512 checksums to various files I have on my local distfile
mirror.
2017-03-23 17:06:45 +00:00
taca
b173889e6f Add SHA512 checksum data. 2017-03-23 14:36:20 +00:00
joerg
3d1204bc1c Remove unused/empty distinfo files. 2017-03-23 13:07:24 +00:00
wiz
707e9f21f7 Remove comment -- test failures not repeatable. 2017-03-21 16:04:59 +00:00
bsiegert
73a76e3fde Unbreak go-crypto and go-net, they no longer depend on one another.
Bump go-crypto and go-tools, which now depends on go-crypto-acme.

Fixes PR pkg/52081 breakage.
2017-03-20 22:53:45 +00:00
bsiegert
444ae3514b New package go-crypto-acme, a spin-off from go-crypto to get rid of the
circular dependency from PR pkg/52081.
2017-03-20 22:36:49 +00:00
taca
d89090c0da Add and enable php-pecl-mcrypt. 2017-03-20 16:44:46 +00:00
taca
c40fa23e2b Add pecl version of php-mcrypt for php71. 2017-03-20 16:44:17 +00:00
fhajny
fdd3577bfb Update security/vault to 0.7.0.
SECURITY:

* Common name not being validated when `exclude_cn_from_sans` option used in
  `pki` backend

DEPRECATIONS/CHANGES:

* List Operations Always Use Trailing Slash
* PKI Defaults to Unleased Certificates

FEATURES:

* Replication (Enterprise)
* Response Wrapping & Replication in the Vault Enterprise UI
* Expanded Access Control Policies
* SSH Backend As Certificate Authority

IMPROVEMENTS:

* api/request: Passing username and password information in API request
* audit: Logging the token's use count with authentication response and
  logging the remaining uses of the client token with request
* auth/approle: Support for restricting the number of uses on the tokens
  issued
* auth/aws-ec2: AWS EC2 auth backend now supports constraints for VPC ID,
  Subnet ID and Region
* auth/ldap: Use the value of the `LOGNAME` or `USER` env vars for the
  username if not explicitly set on the command line when authenticating
* audit: Support adding a configurable prefix (such as `@cee`) before each
  line
* core: Canonicalize list operations to use a trailing slash
* core: Add option to disable caching on a per-mount level
* core: Add ability to require valid client certs in listener config
* physical/dynamodb: Implement a session timeout to avoid having to use
  recovery mode in the case of an unclean shutdown, which makes HA much safer
* secret/pki: O (Organization) values can now be set to role-defined values
  for issued/signed certificates
* secret/pki: Certificates issued/signed from PKI backend do not generate
  leases by default
* secret/pki: When using DER format, still return the private key type
* secret/pki: Add an intermediate to the CA chain even if it lacks an
  authority key ID
* secret/pki: Add role option to use CSR SANs
* secret/ssh: SSH backend as CA to sign user and host certificates
* secret/ssh: Support reading of SSH CA public key from `config/ca` endpoint
  and also return it when CA key pair is generated

BUG FIXES:

* audit: When auditing headers use case-insensitive comparisons
* auth/aws-ec2: Return role period in seconds and not nanoseconds
* auth/okta: Fix panic if user had no local groups and/or policies set
* command/server: Fix parsing of redirect address when port is not mentioned
* physical/postgresql: Fix listing returning incorrect results if there were
  multiple levels of children

Full changelog:

  https://github.com/hashicorp/vault/blob/v0.7.0/CHANGELOG.md
2017-03-20 15:15:28 +00:00
taca
cd3dd4e88f Update ruby-airbrussh to 1.12.0.
## [1.12.0][] (2017-02-10)

### Breaking changes

  * None

### New features

  * Add `SSHKit.config.default_runner_config` option that allows overriding default runner configs.

## [1.11.5][] (2016-12-16)

### Bug fixes

  * Do not prefix `exec` command
    [PR #378](https://github.com/capistrano/sshkit/pull/378) @dreyks

## [1.11.4][] (2016-11-02)

  * Use string interpolation for environment variables to avoid escaping issues
    with sprintf
    [PR #280](https://github.com/capistrano/sshkit/pull/280)
    @Sinjo - Chris Sinjakli
2017-03-20 15:10:13 +00:00
taca
c75176ef8f Update ruby-airbrussh to 1.1.2
## [1.1.2][] (2017-01-02)

* Add Ruby 2.4.0 to testing matrix and fix Ruby 2.4 deprecation warnings
2017-03-20 15:07:06 +00:00
wiz
e4de4665d6 Mark go-net and go-crypto as BROKEN, since they DEPEND on each other. 2017-03-20 12:23:53 +00:00
maya
e2ce0a1c5d putty: amend patch to use the BSD syntax on BSDs, and the alternate
syntax otherwise -- it has a better chance of working.
2017-03-17 11:55:53 +00:00
wiz
ffbf5c09ae Not all the world is GNU configure.
Unbreaks mail/notmuch.
2017-03-17 08:48:30 +00:00
maya
54f6522b81 putty: update to 0.68
PuTTY 0.68, released today, supports elliptic-curve cryptography for host
keys, user authentication keys, and key exchange. Also, for the first time,
it comes in a 64-bit Windows version.

This update may create a build issue for non-BSD due to ancient functions
being different on BSD and SYSV. There are always macros if this fails.
2017-03-17 00:11:48 +00:00
maya
c0e33c920c fail2ban: fix build on linux and others
Having an empty SUBST_SED returns usage and a non-zero exit value, and
the build doesn't continue.
2017-03-16 21:08:35 +00:00
bsiegert
043128e3c0 Update go-crypto to 20170317, part of PR pkg/52081.
No changelog from upstream but there is a new acme package for Let's
Encrypt certificates.
2017-03-16 19:27:36 +00:00
jperkin
198d6f9004 Limit broken openssl.cnf handling to NetBSD only after no response from
bsiegert@.  There's no reason to pollute other operating systems.

Bump PKGREVISION.
2017-03-15 18:52:55 +00:00
leot
fbb264e40a + sqlmap 2017-03-13 11:26:40 +00:00
leot
d276230195 Import sqlmap-1.1.3 as security/sqlmap
sqlmap is an open source penetration testing tool that automates
the process of detecting and exploiting SQL injection flaws and
taking over of database servers. It comes with a powerful detection
engine, many niche features for the ultimate penetration tester
and a broad range of switches lasting from database fingerprinting,
over data fetching from the database, to accessing the underlying
file system and executing commands on the operating system via
out-of-band connections.
2017-03-13 11:25:53 +00:00
wiz
3023038f18 Updated py-cryptography to 1.8.1.
1.8.1 - 2017-03-10
~~~~~~~~~~~~~~~~~~

* Fixed macOS wheels to properly link against 1.1.0 rather than 1.0.2.

1.8 - 2017-03-09
~~~~~~~~~~~~~~~~

* Added support for Python 3.6.
* Windows and macOS wheels now link against OpenSSL 1.1.0.
* macOS wheels are no longer universal. This change significantly shrinks the
  size of the wheels. Users on macOS 32-bit Python (if there are any) should
  migrate to 64-bit or build their own packages.
* Changed ASN.1 dependency from ``pyasn1`` to ``asn1crypto`` resulting in a
  general performance increase when encoding/decoding ASN.1 structures. Also,
  the ``pyasn1_modules`` test dependency is no longer required.
* Added support for
  :meth:`~cryptography.hazmat.primitives.ciphers.CipherContext.update_into` on
  :class:`~cryptography.hazmat.primitives.ciphers.CipherContext`.
* Added
  :meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization.private_bytes`
  to
  :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization`.
* Added
  :meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKeyWithSerialization.public_bytes`
  to
  :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKeyWithSerialization`.
* :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`
  and
  :func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`
  now require that ``password`` must be bytes if provided. Previously this
  was documented but not enforced.
* Added support for subgroup order in :doc:`/hazmat/primitives/asymmetric/dh`.
2017-03-13 09:42:25 +00:00
wiz
665c1bf9c9 + py-asn1crypto 2017-03-13 09:39:41 +00:00
wiz
690141ac0c Import py-asn1crypto-0.21.1 as security/py-asn1crypto.
Fast ASN.1 parser and serializer with definitions for private keys,
public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8,
PKCS#12, PKCS#5, X.509 and TSP.
2017-03-13 09:39:18 +00:00
wiz
b220d71491 Updated py-cryptography_vectors to 1.8.1.
Changes not found, but this comes with new asymmetric DH and DSA files.
2017-03-13 09:28:36 +00:00