[Botan-announce] Botan 1.10.14 and 1.11.34 released

Jack Lloyd jack at randombit.net
Mon Nov 28 06:50:10 EST 2016


Good morning,

Botan 1.11.34 and 1.10.14 have been released.

https://botan.randombit.net/releases/Botan-1.11.34.tgz
https://botan.randombit.net/releases/Botan-1.11.34.tgz.asc
59ad548f8ddb967737f102b252bab30ca0b49f039f204502394cf506ae731f16  Botan-1.11.34.tgz

https://botan.randombit.net/releases/Botan-1.10.14.tgz
https://botan.randombit.net/releases/Botan-1.10.14.tgz.asc
10ed0b394db165733ac9557d8656356b7e9744d38c61c2b9c44cba6d84ff4c1c  Botan-1.10.14.tgz

Both versions address CVE-2016-9132, an integer overflow in the BER
decoder. The bug is not obviously exploitable but exploitation cannot
be ruled out and upgrading ASAP is advised. Thanks to Falko Strenzke
of cryptosource GmbH for finding and reporting this issue.

In addition to the security fix Botan 1.11.34 contains a number
of exciting new features including

- XMSS (post quantum hash based signature scheme), contributed by
  Matthias Gierlings

- CECPQ1 TLS ciphersuites provide post quantum secured key exchange
  using NewHope Ring-LWE. Compatible with BoringSSL/google.com

- Add (client-side only) support for OCSP stapling to TLS

- Add SHAKE-128 and SHAKE-256 hash functions

- Add GMAC message authentication code

- Add HDKF_Extract and full HKDF

- Add Cipher_Mode::reset which allows reseting message specific
  state (nonce, message buffers) without also resetting the keys.

- The default TLS policy now prohibits static RSA ciphersuites as well
  as DSA certificates. It also prefers x25519 over any other ECC, and
  prefers CECPQ1 over any other key exchange and ChaCha20 over any
  other cipher. The default (Botan<->Botan) ciphersuite is now
  CECPQ1_{RSA|ECDSA}_WITH_CHACHA20_POLY1305_SHA256, which both
  provides post-quantum security and is well secured against side
  channels.

There are also many bugfixes, test enhancements, and other smaller
features in the 1.11.34 release, see the notes for details.

Botan 1.11.34 is expected to be the last major release before an API
stable Botan 2.0 branch, ETA December 26th 2016. The current plan is
to have a small number (1-3, depending on need) of further 1.11.x
releases in December acting as 2.0.0 release candidates. Please test
1.11.34 on any available systems/compilers you might have available,
especially unusual ones which are not covered by our CI, or running
the fuzzers (see src/extra_tests/fuzzers) on systems with spare CPU
power.

Thanks,
  Jack


More information about the botan-announce mailing list