diff --git a/CMakeLists.txt b/CMakeLists.txt index 6973fbc5c..9fa330033 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -34,7 +34,7 @@ set(CMAKE_C_STANDARD 11) set(CMAKE_C_STANDARD_REQUIRED ON) set(CMAKE_POSITION_INDEPENDENT_CODE ON) set(CMAKE_C_VISIBILITY_PRESET hidden) -set(OQS_VERSION_TEXT "0.10.2-dev") +set(OQS_VERSION_TEXT "0.11.0") set(OQS_COMPILE_BUILD_TARGET "${CMAKE_SYSTEM_PROCESSOR}-${CMAKE_HOST_SYSTEM}") set(OQS_MINIMAL_GCC_VERSION "7.1.0") set(CMAKE_EXPORT_COMPILE_COMMANDS ON) diff --git a/README.md b/README.md index ecc62daee..0d4ae69bb 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ The only algorithms in `liboqs` that implement NIST standards are the [`ML-KEM`] Falcon and SPHINCS+ have also been [selected for standardization](https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022), but the `liboqs` implementations of these algorithms are currently tracking Round 3 submissions and not NIST standards drafts. -All names other than `ML-KEM` and `ML-DSA` are subject to change. `liboqs` makes available a [selection mechanism for algorithms on the NIST standards track, continued NIST competition, or purely experimental nature by way of the configuration variable OQS_ALGS_ENABLED](CONFIGURE.md#oqs_algs_enabled). By default `liboqs` is built supporting all, incl. experimental, PQ algorithms listed below. +All names other than `ML-KEM` and `ML-DSA` are subject to change. `liboqs` makes available a [selection mechanism for algorithms on the NIST standards track, continued NIST competition, or purely experimental nature by way of the configuration variable OQS_ALGS_ENABLED](CONFIGURE.md#oQS_ALGS_ENABLED). By default `liboqs` is built supporting all, incl. experimental, PQ algorithms listed below. #### Key encapsulation mechanisms @@ -122,7 +122,7 @@ Various `cmake` build options to customize the resultant artifacts are available The following instructions assume we are in `build`. -3. By default the main build result is `lib/liboqs.a`, a static library. If you want to build a shared/dynamic library, append [`-DBUILD_SHARED_LIBS=ON`](CONFIGURE.md#build_shared_libs) to the `cmake -GNinja ..` command above and the result will be `lib/liboqs.so|dylib|dll`. The public headers are located in the `include` directory. There are also a variety of programs built under the `tests` directory: +3. By default the main build result is `lib/liboqs.a`, a static library. If you want to build a shared/dynamic library, append [`-DBUILD_SHARED_LIBS=ON`](CONFIGURE.md#bUILD_SHARED_LIBS) to the `cmake -GNinja ..` command above and the result will be `lib/liboqs.so|dylib|dll`. The public headers are located in the `include` directory. There are also a variety of programs built under the `tests` directory: - `test_kem`: Simple test harness for key encapsulation mechanisms - `test_sig`: Simple test harness for signature schemes diff --git a/RELEASE.md b/RELEASE.md index 6d022bb3b..e8a7273a7 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,4 +1,4 @@ -liboqs version 0.10.0 +liboqs version 0.11.0 ===================== About @@ -14,117 +14,120 @@ liboqs can be used with the following Open Quantum Safe application integrations - **OQS-BoringSSL**: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl. - **OQS-OpenSSH**: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh. -Several [demos](https://github.com/open-quantum-safe/oqs-demos) are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/. +Several [demos](https://github.com/open-quantum-safe/oqs-demos) are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. liboqs can also be used in the following programming languages via language-specific wrappers: - C++, via https://github.com/open-quantum-safe/liboqs-cpp - Go, via https://github.com/open-quantum-safe/liboqs-go - Java, via https://github.com/open-quantum-safe/liboqs-java -- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet - Python 3, via https://github.com/open-quantum-safe/liboqs-python - Rust, via https://github.com/open-quantum-safe/liboqs-rust Release notes ============= -This is version 0.10.0 of liboqs. It was released on March 20, 2024. +This is version 0.11.0 of liboqs. It was released on September 27, 2024. -This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of [FIPS 203](https://csrc.nist.gov/pubs/fips/203/ipd) and [FIPS 204](https://csrc.nist.gov/pubs/fips/204/ipd), respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures. +This release updates ML-KEM implementations to their [final FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) versions. This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release. Additionally, this release adds support for MAYO and CROSS digital signature schemes from [NIST Additional Signatures Round 1](https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures) along with stateful hash-based signature schemes [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554). Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2). + +LMS and XMSS are disabled by default due to the security risks associated with their use in software. See the note on stateful hash-based signatures in [CONFIGURE.md](https://github.com/open-quantum-safe/liboqs/blob/0.11.0/CONFIGURE.md#stateful-hash-based-signatures). What's New ---------- -This release continues from the 0.9.2 release of liboqs. +This release continues from the 0.10.1 release of liboqs. ### Key encapsulation mechanisms -- BIKE: Updated portable C implementation to include constant-time fixes from upstream. -- HQC: Updated to NIST Round 4 version. -- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024. +- Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2). +- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to FIP 203 version. +- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer. ### Digital signature schemes -- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification. -- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87. +- LMS/XMSS: Added implementations of stateful hash-based signature schemes: [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554). +- MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1. +- CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1. ### Other changes -- Improved thread safety. -- Added uninstall support via `ninja uninstall` -- Documented platforms by support tier in PLATFORMS.md. -- Added support for Zephyr RTOS. -- Improved support for macOS on Apple Silicon. -- Removed support for the "NIST-KAT" DRBG. -- Added extended KAT test programs. +- Added callback API to use custom implementations of AES, SHA2, and SHA3. +- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API. --- Detailed changelog ------------------ -* PR template update & OpenSSL clarification by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1582 -* Use CMAKE_USE_PTHREADS_INIT by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1576 -* Add section to CONFIGURE.md link by @iyanmv in https://github.com/open-quantum-safe/liboqs/pull/1578 -* Run copy_from_upstream and test by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1589 -* Support several pqclean upstream versions by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1595 -* Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1549 -* minor updates by @vsoftco in https://github.com/open-quantum-safe/liboqs/pull/1600 -* Pull new HQC implementation from upstream by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1585 -* add uninstall support by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1604 -* Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1618 -* update .travis.yml by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1629 -* Pull latest Kyber version from upstream by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1631 -* platform support documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1605 -* Add support for Zephyr RTOS by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1621 -* Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1636 -* Fix BIKE constant-time errors by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1632 -* Fix falcon constant time check in Valgrind by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1646 -* Correct cmake version requirement by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1643 -* Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1649 -* Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1659 -* Zephyr: fixes for platform support by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1658 -* Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1661 -* Riscv zephyr support by @trigpolynom in https://github.com/open-quantum-safe/liboqs/pull/1641 -* Zephyr: CMake fixes by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1664 -* Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1668 -* Make internal API available to (only) test programs by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1667 -* Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1669 -* Add a document describing our subproject governance by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1675 -* Set the correct compile flag for the memory sanitizer build by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1680 -* Test against all 100 KAT values by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1560 -* Update BIKE documentation to exclude x86 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1679 -* find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1653 -* Call set_available_cpu_extensions using pthread_once by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1671 -* Discontinue AppVeyor CI testing by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1682 -* Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1654 -* Fix link in GOVERNANCE.md by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1686 -* Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1684 -* Update McEliece suppression files for generic config by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1677 -* Update SPHINCS+ "clean" suppression files by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1683 -* Update Sphincs+ Markdown documentation from YAML by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1690 -* properly document release support level [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1688 -* set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1695 -* Fix cross compilation and test in CI by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1696 -* update brew install instructions to use openssl@3 instead of openssl@1.1.1 [skip ci] by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1701 -* Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1626 -* Small fixes after adding ML-\* by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1702 -* Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1709 -* Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1699 -* Fix for the Zephyr CI tests by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1714 -* remove references to unsupported openssh [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1713 -* fix documentation generation by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1715 -* Support Falcon PADDED format by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1710 -* Fix for alg_support.cmake by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1716 -* Fix SPHINCS+ naming in CT tests [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1720 -* improve algorithm documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1721 -* Always build "internal" library as static by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1725 +* [NFCI] Move Keccak rhotates tables to rodata by @aaupov in https://github.com/open-quantum-safe/liboqs/pull/1739 +* Document Fix by @pi-314159 in https://github.com/open-quantum-safe/liboqs/pull/1735 +* Add option to dynamically load libcrypto.so.* by @ueno in https://github.com/open-quantum-safe/liboqs/pull/1603 +* Allow windows linking of test programs by @matlimatli in https://github.com/open-quantum-safe/liboqs/pull/1751 +* Refactor OpenSSL Implementation of SHA3 SHAKE to use new Squeeze API by @Eddy-M-K in https://github.com/open-quantum-safe/liboqs/pull/1694 +* remove "maximum" words for most length fields by @wangweij in https://github.com/open-quantum-safe/liboqs/pull/1747 +* add compile_commands.json to .gitignore by @carsonRadtke in https://github.com/open-quantum-safe/liboqs/pull/1754 +* Fix linking of test programs on msys by @d0p1s4m4 in https://github.com/open-quantum-safe/liboqs/pull/1758 +* restrict Windows platform support documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1762 +* Add workflow dispatch to action by @ryjones in https://github.com/open-quantum-safe/liboqs/pull/1778 +* Bump jinja2 from 3.1.3 to 3.1.4 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1782 +* Algorithm selection clarification by @beldmit in https://github.com/open-quantum-safe/liboqs/pull/1784 +* Use OPENSSL_cleanse if OpenSSL is used by @bencemali in https://github.com/open-quantum-safe/liboqs/pull/1773 +* Errors not printed out when OPENSSL_NO_STDIO is set by @bencemali in https://github.com/open-quantum-safe/liboqs/pull/1774 +* Add Stateful Signature (XMSS and LMS) by @ashman-p in https://github.com/open-quantum-safe/liboqs/pull/1650 +* Forward-declare OQS_SIG in sig_stfl.h by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1820 +* Move Linux ARM64 "build" test from CircleCI to GitHub Actions by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1814 +* Fix test_alg_info.py on Windows platform by @qnfm in https://github.com/open-quantum-safe/liboqs/pull/1821 +* Increment version string to 0.10.2-dev by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1813 +* Add XMSS-SHA256_{10, 16, 20}_192 parameters by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1817 +* Add XMSS-SHAKE256_{10, 16, 20}_192 parameters by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1818 +* Add XMSS-SHAKE256_{10, 16, 20}_256 parameters by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1819 +* Create scorecard.yml (OpenSSF) by @planetf1 in https://github.com/open-quantum-safe/liboqs/pull/1708 +* Expose callback API for replacing low-level cryptographic primitives by @ueno in https://github.com/open-quantum-safe/liboqs/pull/1832 +* Add MAYO signature scheme from NIST onramp by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1707 +* Bump zipp from 3.4.0 to 3.19.1 in /scripts/copy_from_upstream in the pip group by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1836 +* Update and fix CI status badges by @anvega in https://github.com/open-quantum-safe/liboqs/pull/1844 +* Use `cmake -LA -N` instead of `cmake -LA` in CI by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1848 +* Fix passes.json entries for MAYO by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1852 +* ML-KEM NIST tests, fix order of d and z by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1854 +* Move from CircleCI to GitHub Actions by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1849 +* Add a convenience script for consistent astyle formatting by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1861 +* Quick fixes from Trail of Bits audit Week 1 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1869 +* Check return value of fscanf in LMS/XMSS KAT tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1874 +* Fix downstream CI trigger by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1857 +* Don't hardcode OPENSSL_ROOT_DIR to /usr on Linux by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1873 +* Fix overflow in stateful sigs tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1887 +* Integrate Kyber from libjade by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1745 +* Use explicit_memset if available. NetBSD has support for it: by @loganaden in https://github.com/open-quantum-safe/liboqs/pull/1872 +* Disable erroring TravisCI build by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1901 +* Update OpenSSH downstream branch to OQS-v9 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1898 +* Fix incorrect formatting in unix.yml by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1902 +* CMakeLists: add ppc case to known archs by @barracuda156 in https://github.com/open-quantum-safe/liboqs/pull/1816 +* Remove old ad hoc CI for Apple M1 by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1907 +* Add ML-KEM / FIPS203 final by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1899 +* Update checkout action in weekly.yml by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1908 +* Add CROSS by @rtjk in https://github.com/open-quantum-safe/liboqs/pull/1881 +* Refactor liboqs CI and update Ubuntu images by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1909 +* Check workflows for issues during CI by @jplomas in https://github.com/open-quantum-safe/liboqs/pull/1916 +* Patch Kyber to fix ASAN error on ARM64 by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1922 +* Change README links to be doxygen-friendly by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1927 ## New Contributors -* @zxjtan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1576 -* @iyanmv made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1578 -* @Frauschi made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1621 -* @cothan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1646 -* @trigpolynom made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1641 - -**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.9.2...0.10.0 +* @aaupov made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1739 +* @pi-314159 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1735 +* @ueno made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1603 +* @matlimatli made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1751 +* @Eddy-M-K made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1694 +* @wangweij made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1747 +* @carsonRadtke made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1754 +* @d0p1s4m4 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1758 +* @ryjones made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1778 +* @bencemali made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1773 +* @qnfm made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1821 +* @anvega made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1844 +* @loganaden made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1872 +* @barracuda156 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1816 +* @rtjk made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1881 +* @jplomas made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1916 + +**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.10.1...0.11.0 \ No newline at end of file diff --git a/SECURITY.md b/SECURITY.md index 27f816db3..ae4c0e983 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,12 +4,12 @@ We only support the most recent release. -Using any code prior to 0.9.2 is strongly discouraged due to a [known security vulnerability in Kyber](https://github.com/open-quantum-safe/liboqs/releases/tag/0.9.2). +Using any code prior to 0.10.1 is strongly discouraged due to a [known security vulnerability in Kyber](https://github.com/open-quantum-safe/liboqs/releases/tag/0.10.1). | Version | Supported | | ------- | ------------------ | -| 0.10.0 | :white_check_mark: | -| < 0.10 | :x: | +| 0.11.0 | :white_check_mark: | +| < 0.11 | :x: | ## Reporting a Vulnerability Please follow [this information to report a vulnerability](https://openquantumsafe.org/liboqs/security.html#reporting-security-bugs).