Page MenuHomeSolus

Update botan2 to 2.18.2

Authored by EbonJaeger on Tue, Nov 23, 6:05 PM.



Summarized Changelog:

  • Avoid using short exponents when encrypting in ElGamal, as some PGP implementations generate keys with parameters that are weak when short exponents are used
  • Fix a low risk OAEP decryption side channel
  • Remove support in OpenSSL provider for algorithms which are disabled by default in OpenSSL 3.0

Full changelog available here.

Test Plan

Build CoreCtrl against this version.

Diff Detail

R4803 botan2
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

EbonJaeger created this revision.Tue, Nov 23, 6:05 PM
EbonJaeger requested review of this revision.Tue, Nov 23, 6:05 PM
JoshStrobl accepted this revision.Fri, Nov 26, 3:28 PM
JoshStrobl added a subscriber: JoshStrobl.

LGTM, thanks!

This revision is now accepted and ready to land.Fri, Nov 26, 3:28 PM
This revision was automatically updated to reflect the committed changes.