From berry at nlnetlabs.nl Tue Mar 17 18:59:18 2020 From: berry at nlnetlabs.nl (Berry A.W. van Halderen) Date: Tue, 17 Mar 2020 19:59:18 +0100 Subject: [Opendnssec-announce] SoftHSM 2.6.0 [resend] In-Reply-To: References: <47b85281-f90e-fc18-fd8f-607c84037979@nlnetlabs.nl> Message-ID: On 3/17/20 5:27 PM, Berry A.W. van Halderen wrote: Dear all, SoftHSM version 2.6.0 has just been released. This is mostly a continued development of SoftHSMv2, and thus should replace the 2.5 branch to receive any patches. Even though this is continuation of the development, I should point out that we have upgraded the optional dependency to Botan to version 2. Other fixes and improvements should not influence existing functionality. For a more complete list of improvements see below and the NEWS file inside the package. No migration, configuration changes or path changes are necessary and the build configuration should not need changing. Download: * https://dist.opendnssec.org/source/softhsm-2.6.0.tar.gz * https://dist.opendnssec.org/source/softhsm-2.6.0.tar.gz.sig * Checksum SHA256: 19c2500f22c547b69d314fda55a91c40b0d2a9c269496a5da5d32ae1b835d6d1 Be safe and don't panic () P.S. Sorry about the duplicate mails. \Berry Improvements: * Issue #493: Upgrade to Botan 2. * Issue #530: Update appveyor build. * Issue #438: Detect crypto algorithms by default. (Patch from Alon Bar-Lev) * Issue #455: Provide a new configuration option to allow enabling and disabling various mechanisms (slots.mechanisms in the softhsm2.conf). (Thanks to Jakub Jelen) * Issue #479: Increase SQLite busy timeout from 15 seconds to 3 minutes. (Patch from Jan Luebbe) * Issue #513: Add configuration option to reset state on fork closing all sessions rather than keeping all sessions open in duplicate process. (Thanks to Anderson Toshiyuki Sasaki) * Issue #500: C_WaitForSlotEvent implementation. (Patch from massey101) * Issue #445: Add wrap support with CKM_AES_CBC. Bugfixes: * Issue #418: Set fields to NULL to avoid double free. (Patch from Brian J Murray) * Issue #423: ENGINE_load_rdrand is not supported with older openssl. (Patch from Alon Bar-Lev) * Issue #429: Updated prerequisite to build from repository. (Patch from Dharmesh Khandelwal) * Issue #434: Fix build issues with CMake. (Patch from Peter Wu) * Issue #435: Fix botan build without EDDSA. (Patch from Peter Wu) * Issue #442: Release resources from OSSLEVPSymmetricAlgorithm. (Patch from Petr Men??k) * Issue #449/#502: Do not copy zero sized buffer avoid null pointer reference. (Patch from space88man) * Issue #464: Race condition with multiple threads closing last session and opening a newer sessions. (Patch from Takarth) * Issue #452: Fixes to automake build fir undefined macros. * Issue #462: User PIN count wrongly calculated. (Patch from Ond?ej Hlavat?) * Issue #516: Fix memory leak in OSSLCryptoFactory. (Patch from Anderson Sasaki) * Issue #494: Allow null pointers as arguments when count is zero. (Patch from Yunjong Jeong) * Issue #518: Sporadic problem in closing sessions because of lookup of object without prior locking. * Issue #506: Check key type for C_EncryptInit and C_DecryptInit. (Patch from Yunjong Jeong) * Issue #526: Adjust EDDSA code to return valid EC_PARAMS. (Patch from Jakub Jelen) * Issue #452: Autogen failure on undefined macro AC_MSG_ERROR. * Issue #527: Fixed some build errors for GCC 10. * Issue #470: Null pointer arguments validation for C_EncryptFinal, etc.