Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release prep for 0.6.1 #157

Closed
wants to merge 5 commits into from
Closed

Release prep for 0.6.1 #157

wants to merge 5 commits into from

Conversation

poljar
Copy link
Collaborator

@poljar poljar commented May 20, 2024

No description provided.

@poljar
fix: Use a constant-time Base64 encoder for secret key material
73e42dd 
This patch fixes a security issue around a side-channel vulnerability[1]
when decoding secret key material using Base64.

In some circumstances an attacker can obtain information about secret
secret key material via a controlled-channel and side-channel attack.

This patch avoids the side-channel by switching to the base64ct crate
for the encoding, and more importantly, the decoding of secret key
material.

[1]: https://arxiv.org/abs/2108.04600
@poljar poljar requested a review from dkasak as a code owner May 20, 2024 14:34
@codecov-commenter
Copy link

codecov-commenter commented May 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 90.38%. Comparing base (94ffb9d) to head (eb0f8de).
Report is 7 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #157      +/-   ##
==========================================
+ Coverage   90.37%   90.38%   +0.01%     
==========================================
  Files          32       32              
  Lines        1787     1789       +2     
==========================================
+ Hits         1615     1617       +2     
  Misses        172      172

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

dkasak
dkasak approved these changes May 20, 2024
View reviewed changes
cliff.toml Outdated Show resolved Hide resolved
@poljar poljar force-pushed the poljar/0.6.1-release-prep branch from 6b85b74 to eb0f8de Compare May 20, 2024 14:46
@poljar poljar changed the base branch from main to 0.6-release May 20, 2024 14:53
@dkasak dkasak changed the title Relase prep for 0.6.1 Release prep for 0.6.1 Jun 11, 2024
@poljar
Copy link
Collaborator Author

poljar commented Jul 17, 2024

Superseded by #160.

@poljar poljar closed this Jul 17, 2024
@poljar poljar deleted the poljar/0.6.1-release-prep branch July 17, 2024 12:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dkasak dkasak dkasak approved these changes

@Hywan Hywan Hywan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@poljar @codecov-commenter @dkasak @Hywan