[Botan-announce] Botan 1.11.29 released
lloyd at randombit.net
Sun Mar 20 21:47:56 EDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
Botan 1.11.29 has been released.
Several bugs with possible security implications have been resolved:
* There was a timing channel in DSA/ECDSA signature generation due to
the use of modular inverse algorithm which had input dependent loops
(found by Sean Devlin, CVE-2016-2849).
* The TLS v1.2 client did not verify that the hash algorithm or ECC
curve that the server chose actually matched the preferences
indicated by the TLS server (CVE-2016-2850).
* Reading an empty TLS record could cause a crash/abort when running
under iterator debugging (but no other ill effect seems possible).
Found by Juraj Somorovsky.
* The TLS server had a possible timing channel in checking the
formatting of client encrypted RSA ciphertexts.
New features include
* Add support for X.509 name constraint extensions
* Add PK_Decryptor::decrypt_or_random which supports constant-time
content checks on decrypted ciphertexts.
* Windows now supports the locking allocator via use of VirtualLock
* TLS can now be compiled without support for SRP
Features removed include
* Support for the TLS heartbeat and minimum fragment length extensions
have been removed.
* Support for MD5 and SHA-224 signatures in TLS have been removed.
* Support for negotiating ECC groups under 256 bits for TLS has been removed
In other announcements randombit.net is now using the Let's Encrypt CA
instead of CACert, so all browsers should accept https connections the
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the botan-announce