diff --git a/CMakeLists.txt b/CMakeLists.txt index e691fdcd8..31562ef61 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -28,7 +28,7 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}") You must delete them, or cmake will refuse to work.") endif() -project(wolfssl VERSION 5.0.0 LANGUAGES C) +project(wolfssl VERSION 5.0.1 LANGUAGES C) # shared library versioning # increment if interfaces have been added, removed or changed diff --git a/README b/README index a78c44868..38742789e 100644 --- a/README +++ b/README @@ -78,11 +78,11 @@ See INSTALL file for build instructions. More info can be found on-line at https://wolfssl.com/wolfSSL/Docs.html # wolfSSL Release 5.0.0 (Nov 01, 2021) -Release 5.0.0 of wolfSSL embedded TLS has bug fixes and new features including: +[Release 5.0.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.0.0-stable) of wolfSSL embedded TLS has bug fixes and new features including: ### Vulnerabilities -* [\Low\] Hang with DSA signature creation when a specific q value is used in a maliciously crafted key. If a DSA key with an invalid q value of either 1 or 0 was decoded and used for creating a signature, it would result in a hang in wolfSSL. Users that are creating signatures with DSA and are using keys supplied from an outside source are affected. -* [\Low\] Issue with incorrectly validating a certificate that has multiple subject alternative names when given a name constraint. In the case where more than one subject alternative name is used in the certificate, previous versions of wolfSSL could incorrectly validate the certificate. Users verifying certificates with multiple alternative names and name constraints, are recommended to either use the certificate verify callback to check for this case or update the version of wolfSSL used. Thanks to Luiz Angelo Daros de Luca for the report. +* \[Low\] Hang with DSA signature creation when a specific q value is used in a maliciously crafted key. If a DSA key with an invalid q value of either 1 or 0 was decoded and used for creating a signature, it would result in a hang in wolfSSL. Users that are creating signatures with DSA and are using keys supplied from an outside source are affected. +* \[Low\] Issue with incorrectly validating a certificate that has multiple subject alternative names when given a name constraint. In the case where more than one subject alternative name is used in the certificate, previous versions of wolfSSL could incorrectly validate the certificate. Users verifying certificates with multiple alternative names and name constraints, are recommended to either use the certificate verify callback to check for this case or update the version of wolfSSL used. Thanks to Luiz Angelo Daros de Luca for the report. ### New Feature Additions ###### New Product diff --git a/README.md b/README.md index 8c7ae1bf0..e3e57b68d 100644 --- a/README.md +++ b/README.md @@ -78,11 +78,11 @@ single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` a `WC_SHA512` should be used for the enum name. # wolfSSL Release 5.0.0 (Nov 01, 2021) -Release 5.0.0 of wolfSSL embedded TLS has bug fixes and new features including: +[Release 5.0.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.0.0-stable) of wolfSSL embedded TLS has bug fixes and new features including: ### Vulnerabilities -* [\Low\] Hang with DSA signature creation when a specific q value is used in a maliciously crafted key. If a DSA key with an invalid q value of either 1 or 0 was decoded and used for creating a signature, it would result in a hang in wolfSSL. Users that are creating signatures with DSA and are using keys supplied from an outside source are affected. -* [\Low\] Issue with incorrectly validating a certificate that has multiple subject alternative names when given a name constraint. In the case where more than one subject alternative name is used in the certificate, previous versions of wolfSSL could incorrectly validate the certificate. Users verifying certificates with multiple alternative names and name constraints, are recommended to either use the certificate verify callback to check for this case or update the version of wolfSSL used. Thanks to Luiz Angelo Daros de Luca for the report. +* \[Low\] Hang with DSA signature creation when a specific q value is used in a maliciously crafted key. If a DSA key with an invalid q value of either 1 or 0 was decoded and used for creating a signature, it would result in a hang in wolfSSL. Users that are creating signatures with DSA and are using keys supplied from an outside source are affected. +* \[Low\] Issue with incorrectly validating a certificate that has multiple subject alternative names when given a name constraint. In the case where more than one subject alternative name is used in the certificate, previous versions of wolfSSL could incorrectly validate the certificate. Users verifying certificates with multiple alternative names and name constraints, are recommended to either use the certificate verify callback to check for this case or update the version of wolfSSL used. Thanks to Luiz Angelo Daros de Luca for the report. ### New Feature Additions ###### New Product diff --git a/configure.ac b/configure.ac index 465c47046..1b466b0ba 100644 --- a/configure.ac +++ b/configure.ac @@ -7,7 +7,7 @@ # AC_COPYRIGHT([Copyright (C) 2006-2020 wolfSSL Inc.]) AC_PREREQ([2.69]) -AC_INIT([wolfssl],[5.0.0],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com]) +AC_INIT([wolfssl],[5.0.1],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com]) AC_CONFIG_AUX_DIR([build-aux]) # The following sets CFLAGS to empty if unset on command line. We do not diff --git a/wolfssl.rc b/wolfssl.rc index aef67f153..bc0e6d001 100644 Binary files a/wolfssl.rc and b/wolfssl.rc differ diff --git a/wolfssl/version.h b/wolfssl/version.h index 660144ef1..2f9e65155 100644 --- a/wolfssl/version.h +++ b/wolfssl/version.h @@ -28,8 +28,8 @@ extern "C" { #endif -#define LIBWOLFSSL_VERSION_STRING "5.0.0" -#define LIBWOLFSSL_VERSION_HEX 0x05000000 +#define LIBWOLFSSL_VERSION_STRING "5.0.1" +#define LIBWOLFSSL_VERSION_HEX 0x05000001 #ifdef __cplusplus }