diff options
| author | Pieter Wuille <pieter@wuille.net> | 2023-04-14 10:35:51 -0400 |
|---|---|---|
| committer | Pieter Wuille <pieter@wuille.net> | 2023-04-14 10:35:51 -0400 |
| commit | f5fdd4e2799b318ff004b2349fd1e4176cb752fa (patch) | |
| tree | 01e46d46b2845ad4638684f0d38582c704961898 /src/secp256k1/CHANGELOG.md | |
| parent | 69460bd8bc56762513b20218b9839c2ae4c40aaf (diff) | |
| parent | c981671e9b206de4681a2e0d06996b800fcc985b (diff) | |
| download | bitcoin-f5fdd4e2799b318ff004b2349fd1e4176cb752fa.tar.xz | |
Update src/secp256k1 to latest upstream master (v0.3.1 + CI fix)
Diffstat (limited to 'src/secp256k1/CHANGELOG.md')
| -rw-r--r-- | src/secp256k1/CHANGELOG.md | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/src/secp256k1/CHANGELOG.md b/src/secp256k1/CHANGELOG.md index 7f43843641..6d23662a93 100644 --- a/src/secp256k1/CHANGELOG.md +++ b/src/secp256k1/CHANGELOG.md @@ -7,6 +7,21 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [0.3.1] - 2023-04-10 +We strongly recommend updating to 0.3.1 if you use or plan to use Clang >=14 to compile libsecp256k1, e.g., Xcode >=14 on macOS has Clang >=14. When in doubt, check the Clang version using `clang -v`. + +#### Security + - Fix "constant-timeness" issue with Clang >=14 that could leave applications using libsecp256k1 vulnerable to a timing side-channel attack. The fix avoids secret-dependent control flow and secret-dependent memory accesses in conditional moves of memory objects when libsecp256k1 is compiled with Clang >=14. + +#### Added + - Added tests against [Project Wycheproof's](https://github.com/google/wycheproof/) set of ECDSA test vectors (Bitcoin "low-S" variant), a fixed set of test cases designed to trigger various edge cases. + +#### Changed + - Increased minimum required CMake version to 3.13. CMake builds remain experimental. + +#### ABI Compatibility +The ABI is compatible with version 0.3.0. + ## [0.3.0] - 2023-03-08 #### Added @@ -25,7 +40,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Removed the configuration header `src/libsecp256k1-config.h`. We recommend passing flags to `./configure` or `cmake` to set configuration options (see `./configure --help` or `cmake -LH`). If you cannot or do not want to use one of the supported build systems, pass configuration flags such as `-DSECP256K1_ENABLE_MODULE_SCHNORRSIG` manually to the compiler (see the file `configure.ac` for supported flags). #### ABI Compatibility - Due to changes in the API regarding `secp256k1_context_static` described above, the ABI is *not* compatible with previous versions. ## [0.2.0] - 2022-12-12 @@ -45,7 +59,6 @@ Due to changes in the API regarding `secp256k1_context_static` described above, - Module `schnorrsig`: renamed `secp256k1_schnorrsig_sign` to `secp256k1_schnorrsig_sign32`. #### ABI Compatibility - Since this is the first release, we do not compare application binary interfaces. However, there are earlier unreleased versions of libsecp256k1 that are *not* ABI compatible with this version. @@ -55,7 +68,8 @@ This version was in fact never released. The number was given by the build system since the introduction of autotools in Jan 2014 (ea0fe5a5bf0c04f9cc955b2966b614f5f378c6f6). Therefore, this version number does not uniquely identify a set of source files. -[unreleased]: https://github.com/bitcoin-core/secp256k1/compare/v0.3.0...HEAD +[unreleased]: https://github.com/bitcoin-core/secp256k1/compare/v0.3.1...HEAD +[0.3.1]: https://github.com/bitcoin-core/secp256k1/compare/v0.3.0...v0.3.1 [0.3.0]: https://github.com/bitcoin-core/secp256k1/compare/v0.2.0...v0.3.0 [0.2.0]: https://github.com/bitcoin-core/secp256k1/compare/423b6d19d373f1224fd671a982584d7e7900bc93..v0.2.0 [0.1.0]: https://github.com/bitcoin-core/secp256k1/commit/423b6d19d373f1224fd671a982584d7e7900bc93 |