Hi Everyone, Crypto++ 8.6 was released on September 24, 2021. The 8.6 release was a minor, unplanned release. There was one CVE and no memory errors.
This release clears CVE-2021-40530 and fixes a problem with ChaCha20 AVX2 implementation. The CVE was due to ElGamal encryption using a work estimate to size encryption exponents instead of subgroup order. The ChaCha20 issue was due to mishandling a carry in the AVX2 code path. The ChaCha20 issue was difficult to duplicate, so most users should not experience it. The release notes and list of issues fixed can be found at http://www.cryptopp.com/release860.html. The 8.6.0 ZIP archive can be downloaded from http://www.cryptopp.com/cryptopp860.zip. A GPG signature can be downloaded from http://www.cryptopp.com/cryptopp860.zip.sig. The checksums for the 8.6.0 ZIP archive are: * SHA1: d5756ceff1263cd827506c8189fa8899cec6397c * SHA256: 20aa413957d9c8ae353ee2f7747bd7ac392f933c60a53e3fd1e41cadbc48d193 * SHA512: e7773f5e4a7dc7e8e735b1702524bee56ba38e5211544c9c9778bc51ed8dc7b376c17f2e406410043b636312336f26f76dc963f298872f8c13933e88c232fc03 * BLAKE2b: c93998e2deb93abf12b801877404f0f82547bfbbbc5aae727e68daffc2407877dda76d7bcd06239d40a48baf21b6f2e29f74e9a97ecbc1b5d4b5bcc50ada71da * WHIRLPOOL: edc5b350d12bad9f48382bd225383720939d3371817d2d0bd0a428d37a54a2ec6289d1dc52daeba7fb314a738e78d32fc126c58c7f0c86ad9ecc4ea849985bd0 The 8.6.0 sources can be checked out from GitHub using the following. It is tagged as CRYPTOPP_8_6_0 at GitHub. * git clone http://github.com/weidai11/cryptopp.git cryptopp There are 18 outstanding issues. Most of them are feature requests and enhancements. One is a side channel leak that will be fixed in a future release. Thanks to everyone who made it happen. -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/CAH8yC8%3DOzfp5vVGD0quLuCTu-9x20shu4EKgqfPxY7tnwo4DeQ%40mail.gmail.com.