diff options
| -rw-r--r-- | doc/news.rst | 12 | ||||
| -rw-r--r-- | readme.rst | 6 |
2 files changed, 15 insertions, 3 deletions
diff --git a/doc/news.rst b/doc/news.rst index b1a04302a..fe6b5c4b7 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -23,6 +23,18 @@ Version 1.11.30, Not Yet Released caused incorrect computation when the plaintext or AAD was exactly a multiple of 16 bytes. +Version 1.10.13, 2016-04-23 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* Use constant time modular inverse algorithm to avoid possible + side channel attack against ECDSA (CVE-2016-2849) + +* Use constant time PKCS #1 unpadding to avoid possible side channel + attack against RSA decryption (CVE-2015-7827) + +* Avoid a compilation problem in OpenSSL engine when ECDSA was + disabled. Gentoo bug 542010 + Version 1.11.29, 2016-03-20 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/readme.rst b/readme.rst index f8df887ef..ff8f769c0 100644 --- a/readme.rst +++ b/readme.rst @@ -108,9 +108,9 @@ and is the most commonly packaged version. It is still supported for security patches, but all development efforts are focused on 1.11. The latest 1.10 release is -`1.10.12 <http://botan.randombit.net/releases/Botan-1.10.12.tgz>`_ -`(sig) <http://botan.randombit.net/releases/Botan-1.10.12.tgz.asc>`_ -released on 2016-02-03 +`1.10.13 <http://botan.randombit.net/releases/Botan-1.10.13.tgz>`_ +`(sig) <http://botan.randombit.net/releases/Botan-1.10.13.tgz.asc>`_ +released on 2016-04-23 Books and other resources ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |