Menu
▾
▴
[Opensc-announce] (no subject)
|
From: Jakub J. <jj...@re...> - 2024-09-11 17:26:38
|
Hello all, You can find a release candidate for OpenSC version 0.26.0 for testing on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.26.0-rc1 >From the outstanding changes, the release includes additional fixes for removing the time side-channel leakage related to RSA PKCS#1 v1.5 padding removal after decryption, unified OpenSSL logging, several features for pkcs11-tool and fixes for CVEs targeting uninitialized memory problems. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS We are looking forward to your feedback, which we may discuss via this mailing list or GitHub: https://github.com/OpenSC/OpenSC/issues/3223 Advises for systematic testing can be found here: https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing We would like to release the final version in a few weeks. After that, it is recommended to use the last version (or your distribution's latest maintained version) due to published PoC with Kerberos to side-channel leaking while RSA PKCS#1 v1.5 padding. Details can be found here: https://github.com/OpenSC/OpenSC/security/advisories/GHSA-h6ww-xfc2-jw4h The Windows binaries contain signed installers provided by Signpath.io. The macOS installer is signed by Tim Wilbrink, as in previous releases. You can find SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.26.0-rc1.dmg ae4fde25be52b3e05f8722f22a2392d7881a0680cc625863d9c1c82ecc2200f7 OpenSC-0.26.0-rc1_win32-Light-Debug.zip ea1df15005bcac89ddee5b0bec37cc0d5dc2261bb11b6d9254316a5dd381c33b OpenSC-0.26.0-rc1_win32-Light.msi bd6b5ab0f25a235af96929d85073433e2a7963d2f6083fcdae2ba09ea22677f2 OpenSC-0.26.0-rc1_win32.msi 9fd4d51925ee0d01f329844c8b91aad9743dffb7493e5421d2c5acf612ff8350 OpenSC-0.26.0-rc1_win64-Debug.zip 8864278af69f84bb167af2d10c0a7825612f7f14321d4850378695e2a708386b OpenSC-0.26.0-rc1_win64-Light-Debug.zip c00d9e0d5f6e802883f54a8c6ad823306da473d822f1782505d66c02a211fc9c OpenSC-0.26.0-rc1_win64-Light.msi aa5e4bb4b98423ed23f6753af885d73fdf94ea3dbe9d0cb0b6cba843c364ac0a OpenSC-0.26.0-rc1_win64.msi fb150006e916bd1260abb6ccaf83d296b3ee800e8170aeee59d8f43612b01059 opensc-0.26.0-rc1.tar.gz f11a69a9cb07e7dc34b59cfbd7176136c05cbb4628059f21189c9f194bea54ca Best regards, The OpenSC team |
