diff options
| author | Jack Lloyd <[email protected]> | 2016-11-28 05:59:02 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2016-11-28 05:59:02 -0500 |
| commit | b816a3652c1359028f59d64a2f742564547ab782 (patch) | |
| tree | 887ab6949458bdde981f3797297c40f7101e56b2 | |
| parent | aac07df1f23ad9196150af6dc2e67f31a32573e2 (diff) | |
Update for 1.10.14 and 1.11.34 releases1.11.34
| -rw-r--r-- | news.rst | 18 | ||||
| -rw-r--r-- | readme.rst | 12 |
2 files changed, 23 insertions, 7 deletions
@@ -1,7 +1,7 @@ Release Notes ======================================== -Version 1.11.34, Not Yet Released +Version 1.11.34, 2016-11-28 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * Fix integer overflow during BER decoding, found by Falko Strenzke. @@ -138,6 +138,22 @@ Version 1.11.34, Not Yet Released * Add (back) the Perl XS wrapper and sqlite encryption code. +Version 1.10.14, 2016-11-28 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* NOTE WELL: Botan 1.10.x is supported for security patches only until + 2017-12-31 + +* Fix integer overflow during BER decoding, found by Falko Strenzke. + This bug is not thought to be directly exploitable but upgrading ASAP + is advised. (CVE-2016-9132) + +* Fix two cases where (in error situations) an exception would be + thrown from a destructor, causing a call to std::terminate. + +* When RC4 is disabled in the build, also prevent it from being + included in the OpenSSL provider. (GH #638) + Version 1.11.33, 2016-10-26 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/readme.rst b/readme.rst index cf8ba6d4a..1920d6154 100644 --- a/readme.rst +++ b/readme.rst @@ -103,9 +103,9 @@ Versions 1.11 and later require a working C++11 compiler; GCC 4.8 and later, Clang 3.5 and later, and MSVC 2015 are regularly tested. The latest 1.11 release is -`1.11.33 <http://botan.randombit.net/releases/Botan-1.11.33.tgz>`_ -`(sig) <http://botan.randombit.net/releases/Botan-1.11.33.tgz.asc>`_ -released on 2016-10-26 +`1.11.34 <http://botan.randombit.net/releases/Botan-1.11.34.tgz>`_ +`(sig) <http://botan.randombit.net/releases/Botan-1.11.34.tgz.asc>`_ +released on 2016-11-28 Old Stable Series (1.10) ---------------------------------------- @@ -116,9 +116,9 @@ critical security updates (with all support ending on 2018-1-1), and the developers do not recommend its use anymore. The latest 1.10 release is -`1.10.13 <http://botan.randombit.net/releases/Botan-1.10.13.tgz>`_ -`(sig) <http://botan.randombit.net/releases/Botan-1.10.13.tgz.asc>`_ -released on 2016-04-23 +`1.10.14 <http://botan.randombit.net/releases/Botan-1.10.14.tgz>`_ +`(sig) <http://botan.randombit.net/releases/Botan-1.10.14.tgz.asc>`_ +released on 2016-11-28 Books and other resources ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |