[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ANNOUNCE: Nettle-3.10.1
From: |
Niels Möller |
Subject: |
ANNOUNCE: Nettle-3.10.1 |
Date: |
Mon, 30 Dec 2024 22:01:24 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) |
I'm happy to announce a new release of GNU Nettle, a low-level
cryptographics library. This release includes a few bug fixes and
portability improvements. See NEWS entries below.
Users of powerpc64 are adviced to upgrade; the bugs in the powerpc64
sha256 assembly of nettle-3.10 has the potential to cause crashes due to
invalid memory read accesses. It's unclear if it could be exploitable,
but it seems unlikely that any exploit could do worse than denial of
service.
The Nettle home page can be found at
https://www.lysator.liu.se/~nisse/nettle/, and the manual at
https://www.lysator.liu.se/~nisse/nettle/nettle.html.
The release can be downloaded from
https://ftp.gnu.org/gnu/nettle/nettle-3.10.1.tar.gz
https://www.lysator.liu.se/~nisse/archive/nettle-3.10.1.tar.gz
Happy hacking,
/Niels Möller
NEWS for the Nettle 3.10.1 release
This is a maintenance release, with only a few bugfixes and
portability improvements.
The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.10 and libhogweed.so.6.10, with sonames
libnettle.so.8 and libhogweed.so.6.
Bug fixes:
* Fix buffer overread in the new sha256 assembly for
powerpc64, as well as a stack alignment issue.
* Added missing nettle_mac structs for hmac-gosthash.
* Fix configure test for valgrind, to not attempt to run
valgrind on executables built using memory sanitizers.
Optimizations:
* Improved runtime detection of cpu features for OpenBSD and
FreeBSD, using elf_aux_info when available. This also adds
runtime detection for FreeBSD on arm64. Contributed by Brad
Smith.
--
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- ANNOUNCE: Nettle-3.10.1,
Niels Möller <=