diff --git a/CMakeLists.txt b/CMakeLists.txt index 7326b7fd3e..c5d8df9d88 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -28,13 +28,13 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}") You must delete them, or cmake will refuse to work.") endif() -project(wolfssl VERSION 5.5.2 LANGUAGES C ASM) +project(wolfssl VERSION 5.5.3 LANGUAGES C ASM) # shared library versioning # increment if interfaces have been added, removed or changed set(LIBTOOL_CURRENT 37) # increment if source code has changed set to zero if current is incremented -set(LIBTOOL_REVISION 0) +set(LIBTOOL_REVISION 1) # increment if interfaces have been added set to zero if interfaces have been # removed or changed set(LIBTOOL_AGE 2) diff --git a/ChangeLog.md b/ChangeLog.md index 8c9a917749..24a5f67aa7 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,12 @@ +# wolfSSL Release 5.5.3 (Nov 2, 2022) + +Release 5.5.3 of wolfSSL embedded TLS has the following bug fix: + +## Fixes + +* Fix for possible buffer zeroization overrun introduced at the end of v5.5.2 release cycle in GitHub pull request 5743 (https://github.com/wolfSSL/wolfssl/pull/5743) and fixed in pull request 5757 (https://github.com/wolfSSL/wolfssl/pull/5757). In the case where a specific memory allocation failed or a hardware fault happened there was the potential for an overrun of 0’s when masking the buffer used for (D)TLS 1.2 and lower operations. (D)TLS 1.3 only and crypto only users are not affected by the issue. This is not related in any way to recent issues reported in OpenSSL. + + # wolfSSL Release 5.5.2 (Oct 28, 2022) Release 5.5.2 of wolfSSL embedded TLS has bug fixes and new features including: diff --git a/IDE/WIN10/wolfssl-fips.rc b/IDE/WIN10/wolfssl-fips.rc index 45f0c721b1..73971ec0dc 100644 --- a/IDE/WIN10/wolfssl-fips.rc +++ b/IDE/WIN10/wolfssl-fips.rc @@ -51,8 +51,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 5,5,2,0 - PRODUCTVERSION 5,5,2,0 + FILEVERSION 5,5,3,0 + PRODUCTVERSION 5,5,3,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -69,12 +69,12 @@ BEGIN BEGIN VALUE "CompanyName", "wolfSSL Inc." VALUE "FileDescription", "The wolfSSL FIPS embedded SSL library is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set." - VALUE "FileVersion", "5.5.2.0" + VALUE "FileVersion", "5.5.3.0" VALUE "InternalName", "wolfssl-fips" VALUE "LegalCopyright", "Copyright (C) 2022" VALUE "OriginalFilename", "wolfssl-fips.dll" VALUE "ProductName", "wolfSSL FIPS" - VALUE "ProductVersion", "5.5.2.0" + VALUE "ProductVersion", "5.5.3.0" END END BLOCK "VarFileInfo" diff --git a/README b/README index e3cd96c08a..a91118bd62 100644 --- a/README +++ b/README @@ -70,6 +70,16 @@ should be used for the enum name. *** end Notes *** + +# wolfSSL Release 5.5.3 (Nov 2, 2022) + +Release 5.5.3 of wolfSSL embedded TLS has the following bug fix: + +## Fixes + +* Fix for possible buffer zeroization overrun introduced at the end of v5.5.2 release cycle in GitHub pull request 5743 (https://github.com/wolfSSL/wolfssl/pull/5743) and fixed in pull request 5757 (https://github.com/wolfSSL/wolfssl/pull/5757). In the case where a specific memory allocation failed or a hardware fault happened there was the potential for an overrun of 0’s when masking the buffer used for (D)TLS 1.2 and lower operations. (D)TLS 1.3 only and crypto only users are not affected by the issue. This is not related in any way to recent issues reported in OpenSSL. + + # wolfSSL Release 5.5.2 (Oct 28, 2022) Release 5.5.2 of wolfSSL embedded TLS has bug fixes and new features including: diff --git a/README.md b/README.md index 93e8928177..0e6e9f448f 100644 --- a/README.md +++ b/README.md @@ -78,6 +78,16 @@ macro `NO_OLD_SHA_NAMES`. These names get mapped to the OpenSSL API for a single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` and `WC_SHA512` should be used for the enum name. + +# wolfSSL Release 5.5.3 (Nov 2, 2022) + +Release 5.5.3 of wolfSSL embedded TLS has the following bug fix: + +## Fixes + +* Fix for possible buffer zeroization overrun introduced at the end of v5.5.2 release cycle in GitHub pull request 5743 (https://github.com/wolfSSL/wolfssl/pull/5743) and fixed in pull request 5757 (https://github.com/wolfSSL/wolfssl/pull/5757). In the case where a specific memory allocation failed or a hardware fault happened there was the potential for an overrun of 0’s when masking the buffer used for (D)TLS 1.2 and lower operations. (D)TLS 1.3 only and crypto only users are not affected by the issue. This is not related in any way to recent issues reported in OpenSSL. + + # wolfSSL Release 5.5.2 (Oct 28, 2022) Release 5.5.2 of wolfSSL embedded TLS has bug fixes and new features including: diff --git a/configure.ac b/configure.ac index 05c807158a..5b163c5449 100644 --- a/configure.ac +++ b/configure.ac @@ -7,7 +7,7 @@ # AC_COPYRIGHT([Copyright (C) 2006-2020 wolfSSL Inc.]) AC_PREREQ([2.69]) -AC_INIT([wolfssl],[5.5.2],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com]) +AC_INIT([wolfssl],[5.5.3],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com]) AC_CONFIG_AUX_DIR([build-aux]) # The following sets CFLAGS to empty if unset on command line. We do not @@ -45,8 +45,8 @@ AC_SUBST([WOLFSSL_CONFIG_ARGS]) # these numbers don't always line up nicely with the library version. WOLFSSL_LIBRARY_VERSION_FIRST=35 WOLFSSL_LIBRARY_VERSION_SECOND=2 -WOLFSSL_LIBRARY_VERSION_THIRD=0 -WOLFSSL_LIBRARY_VERSION=37:0:2 +WOLFSSL_LIBRARY_VERSION_THIRD=1 +WOLFSSL_LIBRARY_VERSION=37:1:2 # | | | # +------+ | +---+ # | | | diff --git a/wolfssl.rc b/wolfssl.rc index 9b57bc28d7..293979afa7 100644 Binary files a/wolfssl.rc and b/wolfssl.rc differ diff --git a/wolfssl/version.h b/wolfssl/version.h index 6f38c1b8bd..2c506d3269 100644 --- a/wolfssl/version.h +++ b/wolfssl/version.h @@ -28,8 +28,8 @@ extern "C" { #endif -#define LIBWOLFSSL_VERSION_STRING "5.5.2" -#define LIBWOLFSSL_VERSION_HEX 0x05005002 +#define LIBWOLFSSL_VERSION_STRING "5.5.3" +#define LIBWOLFSSL_VERSION_HEX 0x05005003 #ifdef __cplusplus }