[Botan-announce] Botan 2.15.0 released

Jack Lloyd jack at randombit.net
Tue Jul 7 08:23:14 EDT 2020

Good morning,

Botan 2.15.0 has been released today. Notable changes include:

- Fix a bug where the name constraint extension did not constrain the
  alternative DN field which can be included in a subject alternative name. This
  would allow a corrupted sub-CA which was otherwise constrained by a name
  constraint to issue a certificate with a prohibited DN. This seems to be a low
  severity issue, as until this release there was no way to actually access this
  field. So while an invalid certificate would be accepted it is unlikely any
  application would make an incorrect access decision since it could not observe
  the forbidden DN.

- AES is now constant-time on all processors due to replacing the code using
  table lookups with a new bitsliced implementation.

- Fix a bug in TLS server where if a (disabled by default) static RSA
  ciphersuite is negotiated, then it would fail to request a certificate if
  certificate authentication was otherwise required.  This is not a security
  issue, as any client can simply send an empty Certificate message when a
  certificate is requested by the server, which would have the same effect.

- Add Processor_RNG (wrapping RDRAND or DARN instructions, will be extended for
  Aarch64 RNG instructions in the future) and deprecate RDRAND_RNG

Plus many smaller enhancements and bug fixes documented in the release notes.

SHA-256 d88af1307f1fefac79aa4f2f524699478d69ce15a857cf2d0a90ac6bf2a50009
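
The name constraint item above, as an added example that is not part of the original announcement and is not Botan's code: a directoryName constraint has to be applied to the subject DN and to every DN carried in the subject alternative name. The tuple representation of DNs, the dictionary layout, the function names and the `include_san` switch (which models the pre-fix behaviour) are assumptions made for illustration, and the sample certificate is constructed.

```python
# Added example, not Botan code. DNs are modelled as tuples of (attribute, value)
# RDNs, most significant first; a real validator would decode them from DER.

def dn_in_subtree(dn, base):
    """True if `base` is an RDN-by-RDN prefix of `dn`.
    Simplification: values are compared case-insensitively after trimming,
    not with full RFC 4518 string preparation."""
    if len(base) > len(dn):
        return False
    return all(
        a.lower() == b.lower() and v.strip().lower() == w.strip().lower()
        for (a, v), (b, w) in zip(dn, base)
    )

def dn_constraint_violations(cert, permitted, excluded, include_san=True):
    """Return every DN in `cert` that the directoryName constraints forbid.
    include_san=False skips the SAN DNs, modelling the bug described above."""
    names = []
    if cert["subject"]:  # an empty subject DN is not subject to the constraint
        names.append(cert["subject"])
    if include_san:
        names.extend(cert.get("san_directory_names", []))
    violations = []
    for dn in names:
        if any(dn_in_subtree(dn, base) for base in excluded):
            violations.append(dn)
        elif permitted and not any(dn_in_subtree(dn, base) for base in permitted):
            violations.append(dn)
    return violations

# Constructed sample: a sub-CA limited to C=US,O=Example issues a leaf whose
# subject is inside the permitted subtree but whose SAN carries another DN.
PERMITTED = [(("C", "US"), ("O", "Example"))]
SAN_DN = (("C", "US"), ("O", "Other Corp"), ("CN", "admin"))
LEAF = {
    "subject": (("C", "US"), ("O", "Example"), ("CN", "host1")),
    "san_directory_names": [SAN_DN],
}

if __name__ == "__main__":
    print("subject only:", dn_constraint_violations(LEAF, PERMITTED, [], include_san=False))
    print("subject + SAN:", dn_constraint_violations(LEAF, PERMITTED, [], include_san=True))
```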


