author | Jack Lloyd <[email protected]> | 2015-12-07 09:10:42 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2015-12-07 09:10:42 -0500 |
commit | 91c194957a12b174f4a51f41319b0d9604450d87 | |
tree | 2baf396e7e36a2013d28956b6113bdd8086e3bc5 | |
parent | f75ae7463a7f300a0b2a95693062b7129b6cc53d | |
1.11.25 release
-rw-r--r-- | doc/news.rst | 18 |
-rw-r--r-- | readme.rst | 6 |
2 files changed, 17 insertions, 7 deletions
diff --git a/doc/news.rst b/doc/news.rst index cce298ffd..d52adfbb9 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -1,7 +1,7 @@ Release Notes ======================================== -Version 1.11.25, Not Yet Released +Version 1.11.25, 2015-12-07 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * In this release the test suite has been largely rewritten. Previously the @@ -11,13 +11,23 @@ Version 1.11.25, Not Yet Released suffices for all of the tests. There should be no user-visible change as a result of this, except that the output format of `botan-test` has changed. -* Improved side channel countermeasures for the table based AES implementation, - by ensuring the table is loaded into memory at start and computing the table - at runtime to avoid flush+reload based attacks due to shared VMM mappings. +* Improved side channel countermeasures for the table based AES implementation. + The 4K T tables are computed (once) at runtime to avoid various cache based + attacks which are possible due to shared VMM mappings of read only tables. + Additionally every cache line of the table is read from prior to processing + the block(s). * Support for the insecure ECC groups secp112r1, secp112r2, secp128r1, and secp128r2 has been removed. +* The portable version of GCM has been changed to run using only + constant time operations. + +* Work around a bug in MSVC 2013 std::mutex which on some Windows + versions can result in a deadlock during static initialization. On + Windows a CriticalSection is used instead. Analysis and patch from + Matej Kenda (TopIT d.o.o.). GH #321 + * The OpenSSL implementation of RC4 would return the wrong value from `name` if leading bytes of the keystream had been skipped in the output. diff --git a/readme.rst b/readme.rst index 144364bb4..43a40fca3 100644 --- a/readme.rst +++ b/readme.rst 
@@ -105,9 +105,9 @@ later, Clang 3.4 and later, and MSVC 2013 are regularly tested. A new development release is made on the first Monday of every month. The latest development release is -`1.11.24 <http://botan.randombit.net/releases/Botan-1.11.24.tgz>`_ -`(sig) <http://botan.randombit.net/releases/Botan-1.11.24.tgz.asc>`_ -released on 2015-11-04 +`1.11.25 <http://botan.randombit.net/releases/Botan-1.11.25.tgz>`_ +`(sig) <http://botan.randombit.net/releases/Botan-1.11.25.tgz.asc>`_ +released on 2015-12-07 Old Stable Series (1.10) ---------------------------------------- |
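Review bot: In the doc/news.rst hunk at @@ -11,13 +11,23 @@, the rewritten AES entry replaces the named "flush+reload based attacks" with "various cache based attacks", which drops the one concrete attack a reader could look up; consider keeping the name, for example "to avoid flush+reload and other cache based attacks". The entry also does not say whether computing the T tables at runtime and reading every cache line before processing is meant to close the leak or only to make it harder to exploit, and the new GCM line does not say what "the portable version" is contrasted with, so a user cannot tell from the note whether their build is the one that changed. The MSVC entry cites GH #321, while the AES and GCM entries carry no reference; adding one to each would make the security-relevant changes traceable.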
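Review bot: In the readme.rst hunk at @@ -105,9 +105,9 @@, the updated tarball and `(sig)` links both still use http:// on the same host, and the lines shown give no key fingerprint or pointer to where the release signing key can be obtained, so the `.asc` only helps a reader who already has the key from another source. Consider switching both links to https if the host serves it and naming where the key is published. The version and release date are also edited by hand here and in doc/news.rst in the same commit; a release-time check that the two files agree would catch drift.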