3.4.10

@Spomky Spomky released this 06 Jun 16:33
· 114 commits to 4.2.x since this release
1e231cb

Release Notes for 3.4.10

Security patch release.

This release addresses four security issues in the JOSE implementation:

  • PBES2-HS*+A*KW — the p2c (PBKDF2 iteration count) is now bounded (configurable) to prevent a CPU-amplification denial of service. (GHSA-3prj-6hqw-cm82)
  • ChaCha20-Poly1305 key encryption — the Poly1305 authentication tag is now emitted and verified; tampered tokens are rejected. (GHSA-6vvh-pxr4-25r7)
  • RSA1_5 — PKCS#1 v1.5 decryption now uses constant-time implicit rejection, mitigating Bleichenbacher-style padding oracles. (GHSA-5739-39v2-5754)
  • JWS — the alg parameter is read only from the integrity-protected header, preventing algorithm-confusion attacks. (GHSA-jc38-x7x8-2xc8)

Note: 3.4.10 ships the fixes; the accompanying test-suite update is included in 3.4.11.
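The two parsing-level fixes above (the bounded `p2c` for PBES2 and `alg` taken only from the integrity-protected header) are easy to show in a few dozen lines. The following is an added illustration written for these notes in Python, not code from the jwt-framework project (which is PHP); `MAX_P2C` is an assumed bound, since the release says the limit is configurable but gives no default, and the token and password values are constructed sample data. The PBES2 salt and PRF parameters follow RFC 7518 §4.8, and the flattened-JSON JWS layout follows RFC 7515 §7.2.

```python
"""Header checks behind two of the 3.4.10 fixes: bounded p2c, alg from the protected header only."""
import base64
import hashlib
import hmac
import json
from typing import Optional

# Upper bound on the PBKDF2 iteration count accepted from an untrusted header.
# Assumption for this example: the release notes say the bound is configurable
# but do not state the library's default.
MAX_P2C = 100_000

# PBES2 variants from RFC 7518 §4.8: PRF hash name and derived-key length in bytes.
PBES2_ALGS = {
    "PBES2-HS256+A128KW": ("sha256", 16),
    "PBES2-HS384+A192KW": ("sha384", 24),
    "PBES2-HS512+A256KW": ("sha512", 32),
}


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


def check_p2c(header: dict, max_p2c: int = MAX_P2C) -> int:
    """Reject a PBES2 header whose iteration count is absent, malformed or above the bound."""
    if header.get("alg") not in PBES2_ALGS:
        raise ValueError("not a PBES2 algorithm")
    p2c = header.get("p2c")
    # bool is a subclass of int in Python, so exclude it explicitly.
    if isinstance(p2c, bool) or not isinstance(p2c, int) or p2c < 1:
        raise ValueError("p2c must be a positive integer")
    if p2c > max_p2c:
        raise ValueError(f"p2c={p2c} exceeds the configured maximum {max_p2c}")
    return p2c


def derive_pbes2_kek(password: bytes, header: dict, max_p2c: int = MAX_P2C) -> bytes:
    """PBKDF2 key-encryption-key derivation, run only after the p2c bound has been enforced."""
    p2c = check_p2c(header, max_p2c)
    hash_name, key_len = PBES2_ALGS[header["alg"]]
    # RFC 7518 §4.8.1.1: the PBKDF2 salt is alg || 0x00 || p2s.
    salt = header["alg"].encode("ascii") + b"\x00" + b64url_decode(header["p2s"])
    return hashlib.pbkdf2_hmac(hash_name, password, salt, p2c, key_len)


def protected_alg(jws: dict) -> str:
    """Return alg from the integrity-protected header; the unprotected header is never consulted."""
    protected = json.loads(b64url_decode(jws["protected"]))
    alg = protected.get("alg")
    if not isinstance(alg, str) or not alg:
        raise ValueError("alg missing from protected header")
    return alg


def verify_hs256_flattened(jws: dict, key: bytes) -> bool:
    """Verify a flattened-JSON JWS, honouring only the protected header's alg."""
    if protected_alg(jws) != "HS256":
        raise ValueError("unsupported alg")
    signing_input = f"{jws['protected']}.{jws['payload']}".encode("ascii")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    return hmac.compare_digest(expected, b64url_decode(jws["signature"]))


def make_hs256_flattened(payload: bytes, key: bytes, unprotected: Optional[dict] = None) -> dict:
    """Build a flattened-JSON HS256 JWS (constructed sample data for exercising the checks)."""
    protected = b64url_encode(json.dumps({"alg": "HS256"}, separators=(",", ":")).encode())
    enc_payload = b64url_encode(payload)
    sig = hmac.new(key, f"{protected}.{enc_payload}".encode("ascii"), hashlib.sha256).digest()
    jws = {"protected": protected, "payload": enc_payload, "signature": b64url_encode(sig)}
    if unprotected:
        jws["header"] = unprotected
    return jws


if __name__ == "__main__":
    key = b"k" * 32  # constructed sample key
    token = make_hs256_flattened(b'{"sub":"alice"}', key, unprotected={"alg": "none"})
    print("alg used:", protected_alg(token), "verified:", verify_hs256_flattened(token, key))
    hdr = {"alg": "PBES2-HS256+A128KW", "p2c": 4096, "p2s": b64url_encode(b"12345678")}
    print("kek bytes:", len(derive_pbes2_kek(b"sample-password", hdr)))
```

`check_p2c` runs before any PBKDF2 work is done, so an oversized iteration count costs the verifier a dictionary lookup rather than the attacker's chosen number of HMAC rounds, and `protected_alg` deliberately has no code path that reads the unprotected `header` member at all, which is the simplest way to make the "read only from the integrity-protected header" property hold.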