aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorJack Lloyd <lloyd@randombit.net>2015-11-11 05:43:01 -0500
committerJack Lloyd <lloyd@randombit.net>2015-11-11 05:43:01 -0500
commitcf05aea092fad448c2f4a8e8b66159237096ba8e (patch)
tree00631bcc84809a1eeac5dd32dd92c62143ef831b /doc
parent6bb38ae2fa0e1be46b3a3256ac03f435b16a57ea (diff)
Update and consolidate the test framework.
The tests previously had used 4 to 6 different schemes internally (the vec file reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a design that works everywhere, and update all the things. Fix also a few bugs found by the test changes: SHA-512-256 name incorrect, OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy was wrong.
Diffstat (limited to 'doc')
-rw-r--r--doc/news.rst15
1 files changed, 13 insertions, 2 deletions
diff --git a/doc/news.rst b/doc/news.rst
index 35b0c1532..240d5e67d 100644
--- a/doc/news.rst
+++ b/doc/news.rst
@@ -4,7 +4,18 @@ Release Notes
Version 1.11.25, Not Yet Released
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+* In this release the test suite has been largely rewritten. Previously the
+ tests had internally used several different test helper frameworks created or
+ adopted over time, each of which was insufficient on its own for testing the
+ entire library. These have been fully converged on a new framework which
+ suffices for all of the tests. There should be no user-visible change as a
+ result of this.
+* The OpenSSL implementation of RC4 would return the wrong value from `name` if
+ leading bytes of the keystream had been skipped in the output.
+
+* Fixed the signature of botan_pubkey_destroy which took the wrong type and was
+ not usable.
Version 1.11.24, 2015-11-04
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -37,7 +48,7 @@ Version 1.11.23, 2015-10-26
* CVE-2015-7826: X.509 path validation violated RFC 6125 and would accept
certificates which should not validate under those rules. In particular botan
would accept wildcard certificates as matching in situations where it should
- not (for example it would erronously accept '*.example.com' as a valid
+ not (for example it would erroneously accept '*.example.com' as a valid
wildcard for 'foo.bar.example.com')
* CVE-2015-7827: The routines for decoding PKCS #1 encryption and OAEP blocks
@@ -71,7 +82,7 @@ Version 1.11.23, 2015-10-26
deriving the next value by squaring the previous ones. The reinitializion
interval can be controlled by the build.h parameter BOTAN_BLINDING_REINIT_INTERVAL.
-* A bug decoding DTLS client hellos prevented session resumption for suceeding.
+* A bug decoding DTLS client hellos prevented session resumption for succeeding.
* DL_Group now prohibits creating a group smaller than 1024 bits.