aboutsummaryrefslogtreecommitdiff
path: root/CHANGELOG.rst
AgeCommit message (Collapse)Author
2020-10-06bump version numbers and update changelog3.2.1Hubert Chathi
2020-10-06bump version numbers and update changelog3.2.0Hubert Chathi
2020-06-11changelog for releaseHubert Chathi
2019-10-09release 3.1.43.1.4Hubert Chathi
2019-06-24release 3.1.33.1.3Hubert Chathi
2019-04-30release 3.1.23.1.2Hubert Chathi
2019-04-29update changelog for 3.1.1Hubert Chathi
2019-04-22update changelog3.1.0Hubert Chathi
2019-04-17update changelog links to point to new repoHubert Chathi
2019-04-17prepare for 3.1.0 releaseHubert Chathi
2018-10-23prepare release 3.0.0Hubert Chathi
2018-10-02Add other breaking changeDavid Baker
2018-09-25Breking changeDavid Baker
2018-07-04prepare 2.3.02.3.0Hubert Chathi
2017-03-01prepare v2.2.22.2.2Richard van der Hoff
2017-01-18Prep v2.2.12.2.1Richard van der Hoff
2017-01-18Prep changelog for 2.2.0Richard van der Hoff
2016-12-22Update CHANGELOGRichard van der Hoff
2016-11-17OLMKit: Add it to olm from version 2.0.1manuroe
2016-10-24Changelog: Mention install-headersRichard van der Hoff
2016-10-24Prepare changelog for v2.0.0Richard van der Hoff
2016-09-14Changelog and version bump for 1.3.01.3.0Mark Haines
2016-09-06Prepare changelog for v1.2.0Richard van der Hoff
2016-09-01update changelogRichard van der Hoff
pre-1.0.0 was broken too
2016-09-01Fix Ed25519 keypair generationRichard van der Hoff
Ed25519 private keys, it turns out, have 64 bytes, not 32. We were previously generating only 32 bytes (which is all that is required to generate the public key), and then using the public key as the upper 32 bytes when generating the per-message session key. This meant that everything appeared to work, but the security of the private key was severely compromised. By way of fixes: * Use the correct algorithm for generating the Ed25519 private key, and store all 512 bits of it. * Update the account pickle format and refuse to load the old format (since we should consider it compromised). * Bump the library version, and add a function to retrieve the library version, so that applications can verify that they are linked against a fixed version of the library. * Remove the curve25519_{sign, verify} functions which were unused and of dubious quality.
2016-07-11Prepare 1.0.0 release1.0.0Richard van der Hoff