-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-f1a0c3d9e2 2017-10-01 18:17:17.234014 --------------------------------------------------------------------------------
Name : libsodium Product : Fedora 27 Version : 1.0.14 Release : 1.fc27 URL : http://libsodium.org/ Summary : The Sodium crypto library Description : Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all of the core operations needed to build higher-level cryptographic tools. The design choices emphasize security, and "magic constants" have clear rationales.
The same cannot be said of NIST curves, where the specific origins of certain constants are not described by the standards. And despite the emphasis on higher security, primitives are faster across-the-board than most implementations of the NIST standards.
-------------------------------------------------------------------------------- Update Information:
** Version 1.0.14** - WebAssembly is now officially supported. Special thanks to facekapow and pepyakin who helped to make it happen. - Internal consistency checks failing and primitives used with dangerous/out-of-bounds/invalid parameters used to call abort(3). Now, a custom handler *that doesn't return* can be set with the `set_sodium_misuse()` function. It still aborts by default or if the handler ever returns. This is not a replacement for non-fatal, expected runtime errors. This handler will be only called in unexpected situations due to potential bugs in the library or in language bindings. - `*_MESSAGEBYTES_MAX` macros (and the corresponding `_messagebytes_max()` symbols) have been added to represent the maximum message size that can be safely handled by a primitive. Language bindings are encouraged to check user inputs against these maximum lengths. - The test suite has been extended to cover more edge cases. - crypto_sign_ed25519_pk_to_curve25519() now rejects points that are not on the curve, or not in the main subgroup. - Further changes have been made to ensure that smart compilers will not optimize out code that we don't want to be optimized. - Visual Studio solutions are now included in distribution tarballs. - The `sodium_runtime_has_*` symbols for CPU features detection are now defined as weak symbols, i.e. they can be replaced with an application-defined implementation. This can be useful to disable AVX* when temperature/power consumption is a concern. - `crypto_kx_*()` now aborts if called with no non-NULL pointers to store keys to. - SSE2 implementations of `crypto_verify_*()` have been added. - Passwords can be hashed using a specific algorithm with the new `crypto_pwhash_str_alg()` function. - Due to popular demand, base64 encoding (`sodium_bin2base64()`) and decoding (`sodium_base642bin()`) have been implemented. - A new `crypto_secretstream_*()` API was added to safely encrypt files and multi-part messages. - The `sodium_pad()` and `sodium_unpad()` helper functions have been added in order to add & remove padding. - An AVX512 optimized implementation of Argon2 has been added (written by Ondrej Mosn����ek, thanks!) - The `crypto_pwhash_str_needs_rehash()` function was added to check if a password hash string matches the given parameters, or if it needs an update. - The library can now be compiled with recent versions of emscripten/binaryen that don't allow multiple variables declarations using a single `var` statement. --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade libsodium' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------