diff options
| -rw-r--r-- | doc/contributing.rst | 23 | ||||
| -rw-r--r-- | doc/news.rst | 61 |
2 files changed, 75 insertions, 9 deletions
diff --git a/doc/contributing.rst b/doc/contributing.rst index 0d160c680..64b609af5 100644 --- a/doc/contributing.rst +++ b/doc/contributing.rst @@ -112,9 +112,11 @@ Sending patches ======================================== All contributions should be submitted as pull requests via GitHub -(https://github.com/randombit/botan). If you are planning a large change email -the mailing list or open a discussion ticket on github before starting out to -make sure you are on the right path. +(https://github.com/randombit/botan). If you are planning a large +change email the mailing list or open a discussion ticket on github +before starting out to make sure you are on the right path. And once +you have something written, free to open a [WIP] PR for early review +and comment. If possible please sign your git commits using a PGP key. See https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work for @@ -136,6 +138,21 @@ Also, try building and testing it on whatever hardware you have handy, especially non-x86 platforms, or especially C++11 compilers other than the regularly tested GCC, Clang, and Visual Studio compilers. +Git Usage +======================================== + +Do *NOT* merge ``master`` into your topic branch, this creates +needless commits and noise in history. Instead, as needed, rebase your +branch against master (``git rebase -i master``) and force push the +branch to update the PR. If the GitHub PR page does not report any +merge conflicts and nobody asks you to rebase, you don't need to +rebase. + +Try to keep your history clean and use rebase to squash your commits +as needed. If your diff is less than roughly 100 lines, it should +probably be a single commit. Only split commits as needed to help with +review/understanding of the change. + External Dependencies ======================================== diff --git a/doc/news.rst b/doc/news.rst index 6e9b88479..b5cfa86ab 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -36,20 +36,56 @@ Version 1.11.31, Not Yet Released * Add FRP256v1 curve (GH #551) * RNG changes: NIST SP900-80's HMAC_DRBG is now the default generator - for userspace RNG (AutoSeeded_RNG). HMAC_DRBG now attempts to detect - use of fork (via pid checks) + for userspace RNG (in AutoSeeded_RNG). HMAC_DRBG now attempts to detect + use of fork via pid checks and perform automatic reseeding. + GH #520 -* The X9.31 and HMAC_RNG RNGs are deprecated and will be removed in a - future release. If you need a userspace PRNG switch to HMAC_DRBG - (or AutoSeeded_RNG which is HMAC_DRBG with useful defaults). +* Add RDRAND_RNG which directly exposes the CPU RNG (GH #543) + +* Add PKCS #1 v1.5 id for SHA-512/256 (GH #554) + +* Add X509_Time::to_std_timepoint (GH #560) * Fix a bug in ANSI X9.23 padding mode, which returned one byte more than the given block size (GH #529). -* Fixes for FreeBSD (GH #517) and OpenBSD (GH #523) +* Fix bug in SipHash::clear, which did not reset all state (GH #547) + +* Fixes for FreeBSD (GH #517) and OpenBSD (GH #523). The compiler defaults + to Clang on FreeBSD now. + +* SonarQube static analysis integration (GH #592) + +* Switched Travis CI to Ubuntu 14.04 LTS (GH #592) + +* Clean up in TLS ciphersuite handling (GH #583) + +* Threefish-512 AVX2 optimization work (GH #581) + +* Remove build configuration host and timestamp from build.h + This makes this header reproducible and allows using ccache's direct mode + (GH #586 see also #587) + +* Prevent building for x86-64 with x86-32 compiler and the reverse (GH #585) + +* Avoid build problem on 32-bit userspace ARMv8 (GH #563) + +* Refactor of internal MP headers (GH #549) + +* Avoid MSVC C4100 warning (GH #525) + +* More tests for RSA-KEM (GH #538), DH (GH #556), EME (GH #553), + cipher mode padding (GH #529), CTS mode (GH #531), + KDF1/ISO18033 (GH #537), OctetString (GH #545), OIDs (GH #546), + parallel hash (GH #548), charset handling (GH #555), + BigInt (GH #558) * New deprecations. See the full list in doc/deprecated.txt + The X9.31 and HMAC_RNG RNGs are deprecated. + If you need a userspace PRNG, use HMAC_DRBG (or AutoSeeded_RNG + which is HMAC_DRBG with defaults). + Support for getting entropy from EGD is deprecated, and will be removed in a future release. The developers believe that it is unlikely that any modern system requires EGD and so the code is now @@ -296,6 +332,19 @@ Version 1.11.29, 2016-03-20 * Support for locking allocator on Windows using VirtualLock. GH #450 +Version 1.18.15, 2016-02-13 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* NOTE WELL: Botan 1.8 is not supported for security issues anymore. + Moving to 1.10 or 1.11 is certainly recommended. +* Fix CVE-2014-9742: Insufficient randomness in Miller-Rabin primality check +* Fix CVE-2016-2194: Infinite loop in modulur square root algorithm +* Fix CVE-2015-5726: Crash in BER decoder +* Fix CVE-2015-5727: Excess memory allocation in BER decoder + Note: Unlike the fix in 1.10 which checks that the source actually + contains enough data to satisfy the read before allocating the + memory, 1.8.15 simply rejects all ASN.1 blocks larger than 1 MiB. + This simpler check avoids the problem without breaking ABI. + Version 1.10.12, 2016-02-03 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |