Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Dmitry Baryshkov
nettle
Commits
09f13a4a
Commit
09f13a4a
authored
Sep 06, 2016
by
Niels Möller
Browse files
Update NEWS for 3.3.
parent
50d8c444
Changes
2
Hide whitespace changes
Inline
Side-by-side
ChangeLog
View file @
09f13a4a
2016-09-06 Niels Möller <nisse@lysator.liu.se>
* NEWS: Update for 3.3.
* configure.ac: Bump package version to 3.3.
(LIBNETTLE_MINOR): Bump library version to 6.3.
(LIBHOGWEED_MINOR): Bump library version to 4.3.
...
...
NEWS
View file @
09f13a4a
NEWS for the Nettle 3.3 release
This release fixes a couple of bugs, and improves resistance
to side-channel attacks on RSA private key operations.
Changes in behavoir:
* Invalid private RSA keys, with an even modulo, are now
rejected by rsa_private_key_prepare. (Earlier versions
allowed such keys, even if results of using them were bogus).
Nettle applications are required to call
rsa_private_key_prepare and check the return value, before
using any other RSA private key functions. Failing to do so
will now lead to crashes for invalid private keys.
The Gnutls library used to not call rsa_private_key_prepare.
To avoid crashes when using Gnutls with an invalid private
key, Nettle performs additional checks for even moduli in
the functions the rsa_*_sign_tr, and rsa_decrypt_tr, which
are used by all recent versions of Gnutls.
* Ignore bit 255 of the x coordinate of the input point to
curve25519_mul, as required by RFC 7748. To differentiate at
compile time, curve25519.h defines the constant
NETTLE_CURVE25519_RFC7748.
Security:
* RSA and DSA now use side-channel silent modular
exponentiation, to defend against attacks on the private key
from evil processes sharing the same processor cache. This
attack scenario is of particular relevance when running an
HTTPS server on a virtual machine, where you don't know who
you share the cache hardware with.
Bug fixes:
* Fix sexp-conv crashes on invalid input. Reported by Hanno
Böck.
* Fix out-of-bounds read in des_weak_p. Fixed by Nikos
Mavrogiannopoulos.
* Fix a couple of formally undefined shift operations,
reported by Nikos Mavrogiannopoulos.
Miscellaneous:
* Building the public key support of nettle now requires GMP
version 5.0 or later (unless --enable-mini-gmp is used).
* Filenames of windows DLL libraries now include major number
only. So the dll names change at the same time as the
corresponding soname on ELF platforms. Fixed by Nikos
Mavrogiannopoulos.
* Fix compilation with c89. Reported by Henrik Grubbström.
* Eliminate most pointer-signedness warnings. In the process,
the strings representing expression type for sexp_interator
functions were changed from const uint8_t * to const char *.
These functions are undocumented, and it doesn't change the
ABI on any platform I'm aware of.
The shared library names are libnettle.so.6.3 and
libhogweed.so.4.3, with sonames still libnettle.so.6 and
libhogweed.so.4. It is intended to be fully binary compatible
with nettle-3.1.
NEWS for the Nettle 3.2 release
Bug fixes:
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment