From 0e091669a13190289ed9dcc2ea9b8c330412cbc7 Mon Sep 17 00:00:00 2001 From: Tim Ruffing Date: Mon, 10 Apr 2023 15:16:10 +0200 Subject: [PATCH 1/3] changelog: Catch up in preparation of 0.3.1 Co-authored-by: Pieter Wuille --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f4384364..4785d83b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +#### Security + - Fix "constant-timeness" issue with Clang >=14 that could leave applications using libsecp256k1 vulnerable to a timing side-channel attack. The fix avoids secret-dependent control flow and secret-dependent memory accesses in conditional moves of memory objects when libsecp256k1 is compiled with Clang >=14. + +#### Added + - Added tests against [Project Wycheproof's](https://github.com/google/wycheproof/) set of ECDSA test vectors (Bitcoin "low-S" variant), a fixed set of test cases designed to trigger various edge cases. + +#### Changed + - Increased minimum required CMake version to 3.13. CMake builds remain experimental. + ## [0.3.0] - 2023-03-08 #### Added From 1d9a13fc2640b9bf870cba65dc69c504c1c9468d Mon Sep 17 00:00:00 2001 From: Tim Ruffing Date: Mon, 10 Apr 2023 15:19:10 +0200 Subject: [PATCH 2/3] changelog: Remove inconsistent newlines --- CHANGELOG.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4785d83b3..a1c5aaf1a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -34,7 +34,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Removed the configuration header `src/libsecp256k1-config.h`. We recommend passing flags to `./configure` or `cmake` to set configuration options (see `./configure --help` or `cmake -LH`). If you cannot or do not want to use one of the supported build systems, pass configuration flags such as `-DSECP256K1_ENABLE_MODULE_SCHNORRSIG` manually to the compiler (see the file `configure.ac` for supported flags). #### ABI Compatibility - Due to changes in the API regarding `secp256k1_context_static` described above, the ABI is *not* compatible with previous versions. ## [0.2.0] - 2022-12-12 @@ -54,7 +53,6 @@ Due to changes in the API regarding `secp256k1_context_static` described above, - Module `schnorrsig`: renamed `secp256k1_schnorrsig_sign` to `secp256k1_schnorrsig_sign32`. #### ABI Compatibility - Since this is the first release, we do not compare application binary interfaces. However, there are earlier unreleased versions of libsecp256k1 that are *not* ABI compatible with this version. From 898e1c676e177af73b2c7b540cc93e72a2790fa2 Mon Sep 17 00:00:00 2001 From: Tim Ruffing Date: Mon, 10 Apr 2023 15:52:26 +0200 Subject: [PATCH 3/3] release: Prepare for 0.3.1 --- CHANGELOG.md | 6 +++++- configure.ac | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a1c5aaf1a..8346cf33e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,8 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [Unreleased] +## [0.3.1] - 2023-04-10 +We strongly recommend updating to 0.3.1 if you use or plan to use Clang >=14 to compile libsecp256k1, e.g., Xcode >=14 on macOS has Clang >=14. When in doubt, check the Clang version using `clang -v`. #### Security - Fix "constant-timeness" issue with Clang >=14 that could leave applications using libsecp256k1 vulnerable to a timing side-channel attack. The fix avoids secret-dependent control flow and secret-dependent memory accesses in conditional moves of memory objects when libsecp256k1 is compiled with Clang >=14. @@ -16,6 +17,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 #### Changed - Increased minimum required CMake version to 3.13. CMake builds remain experimental. +#### ABI Compatibility +The ABI is compatible with version 0.3.0. + ## [0.3.0] - 2023-03-08 #### Added diff --git a/configure.ac b/configure.ac index 1976789f1..a062b3d0f 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ AC_PREREQ([2.60]) define(_PKG_VERSION_MAJOR, 0) define(_PKG_VERSION_MINOR, 3) define(_PKG_VERSION_PATCH, 1) -define(_PKG_VERSION_IS_RELEASE, false) +define(_PKG_VERSION_IS_RELEASE, true) # The library version is based on libtool versioning of the ABI. The set of # rules for updating the version can be found here: