diff options
Diffstat (limited to 'news.rst')
| -rw-r--r-- | news.rst | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -4,6 +4,10 @@ Release Notes Version 1.11.34, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* Fix integer overflow during BER decoding, found by Falko Strenzke. + This bug is not thought to be directly exploitable but upgrading ASAP + is advised. (CVE-2016-9132) + * Add post-quantum signature scheme XMSS. Provides either 128 or 256 bit (post-quantum) security, with small public and private keys, fast verification, and reasonably small signatures (2500 bytes for 128-bit @@ -17,6 +21,8 @@ Version 1.11.34, Not Yet Released ECDH and NewHope to provide post-quantum security. The ciphersuites are not IETF standard, but is compatible with BoringSSL. (GH #729) +* Add support for client-side OCSP stapling to TLS. (GH #738) + * Previously both public and private keys performed automatic self testing after generation or loading. However this often caused unexpected application performance problems, and so has been removed. Instead applications must call @@ -100,6 +106,8 @@ Version 1.11.34, Not Yet Released * Allow a custom ECC curve to be specified at build time, for application or system specific curves. (GH #636 #710) +* Use NOMINMAX on Windows to avoid problems in amalgamation build. (GH #740) + * Add support to output bakefiles with new `configure.py` option `--with-bakefile`. (GH #360 #720) |