[Botan-announce] Botan 2.3.0 and 1.10.17 released
jack at randombit.net
Mon Oct 2 12:35:58 EDT 2017
Botan 1.10.17 has been released. It has a few bugfixes, adds a few small changes
to help make it easier to support both 1.10 and 2.x in the same application,
and fixes a cache based side channel affecting RSA and DH (CVE-2017-14737).
Please remember that 1.10 is only supported until the end of this year. After
that no further releases will be made. I'd recommend moving to 2.x as soon as
possible. If you need help porting your application open an issue on Github.
Botan 2.3.0 has also been released. It fixes the same side channel.
It also has the normal slew of new features, most notably
- SHACAL2 block cipher
- ARIA block cipher
- XTS and OCB modes now support 256 and 512 bit block ciphers
- Support for ARMv8 AES and GCM acceleration
- System_RNG works on iOS now
- ECDHE_PSK ciphersuites
- Raw PSS signatures (PSS signing an externally generated hash)
- LLVM bitcode target (Emscripten works, but needs polishing)
- Improved support for Windows Phone/Windows Store
- Optimization in TLS CBC ciphersuite decryption
Plus many smaller improvements documented in the release notes.
More information about the botan-announce