summary refs log tree commit diff
path: root/crypto/Readme.html
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2024-05-07 22:44:37 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2024-05-07 22:44:37 +0700
commit45c6b993945f01076e386cb59988b1836a329999 (patch)
treeaf2cfef4965004df69538b330db2923d3f4e7b20 /crypto/Readme.html
parentSet version to '2.3' (diff)
downloadBouncyCastle.NET-ed25519-45c6b993945f01076e386cb59988b1836a329999.tar.xz
Patch #1 for 2.3 release-2.3.1 release/v2.3
- TLS: fix timing side-channel for RSA key exchange
- fix method Write(ReadOnlySpan<byte>) in LimitedBuffer
- ASN.1: Limit OID contents to 4096 bytes
- EdDSA: fix verification infinite loop
- EC: restrict m value in F2m curves
Diffstat (limited to 'crypto/Readme.html')
-rw-r--r--crypto/Readme.html23
1 files changed, 23 insertions, 0 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html
index ee726b5a4..c6e37779c 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -32,6 +32,8 @@
                                 <a href="#mozTocId3413">Notes:</a>
                                 <ol>
                                     <li>
+                                        <a href="#mozTocId85332">Release 2.3.1</a>
+                                    <li>
                                         <a href="#mozTocId85331">Release 2.3.0</a>
                                     <li>
                                         <a href="#mozTocId85330">Release 2.2.1</a>
@@ -329,6 +331,27 @@
         <hr style="WIDTH: 100%; HEIGHT: 2px">
         <h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>
 
+        <h4><a class="mozTocH4" name="mozTocId85332"></a>Release 2.3.1, Tuesday May 7, 2024</h4>
+        <h5>Defects Fixed</h5>
+        <ul>
+            <li>TLS: Fixed timing side-channel for RSA key exchange ("The Marvin Attack").</li>
+            <li>PSS: Fixed regression in 2.3.0 when updating signer from a span.</li>
+            <li>EdDSA: Fixed verification infinite loop (regression in 2.1.0)
+                - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a>.</li>
+        </ul>
+        <h5>Additional Features and Functionality</h5>
+        <ul>
+            <li>ASN.1: Limited OID contents to 4096 bytes.</li>
+            <li>EC: Restricted m value in F2m curves.</li>
+        </ul>
+        <h5>Additional Notes</h5>
+        <ul>
+            <li>
+                See the (cumulative) list of GitHub pull requests that we have accepted at
+                <a href="https://github.com/bcgit/bc-csharp/pulls?q=is%3Apr+is%3Aclosed">bcgit/bc-csharp</a>.
+            </li>
+        </ul>
+
         <h4><a class="mozTocH4" name="mozTocId85331"></a>Release 2.3.0, Monday February 5, 2024</h4>
         <h5>Defects Fixed</h5>
         <ul>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 16:44:05 +0000