Skip to content

Commit

Permalink
Merge bitcoin-core/secp256k1#1266: release: Prepare for 0.3.1
Browse files Browse the repository at this point in the history
898e1c6 release: Prepare for 0.3.1 (Tim Ruffing)
1d9a13f changelog: Remove inconsistent newlines (Tim Ruffing)
0e09166 changelog: Catch up in preparation of 0.3.1 (Tim Ruffing)

Pull request description:

ACKs for top commit:
  sipa:
    ACK 898e1c6
  jonasnick:
    ACK 898e1c6

Tree-SHA512: 941b1524f8b34ca803a2ede55a7baf54d2faa69a4c5e47254297e96cc4ac2121094ed90e7cd64a708f3e9af830b0de0ef3c755dfee1b01ce958cc998fc1a1311
  • Loading branch information
jonasnick committed Apr 10, 2023
2 parents 7b7503d + 898e1c6 commit ec98fce
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 4 deletions.
17 changes: 14 additions & 3 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,20 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]
## [0.3.1] - 2023-04-10
We strongly recommend updating to 0.3.1 if you use or plan to use Clang >=14 to compile libsecp256k1, e.g., Xcode >=14 on macOS has Clang >=14. When in doubt, check the Clang version using `clang -v`.

#### Security
- Fix "constant-timeness" issue with Clang >=14 that could leave applications using libsecp256k1 vulnerable to a timing side-channel attack. The fix avoids secret-dependent control flow and secret-dependent memory accesses in conditional moves of memory objects when libsecp256k1 is compiled with Clang >=14.

#### Added
- Added tests against [Project Wycheproof's](https://github.com/google/wycheproof/) set of ECDSA test vectors (Bitcoin "low-S" variant), a fixed set of test cases designed to trigger various edge cases.

#### Changed
- Increased minimum required CMake version to 3.13. CMake builds remain experimental.

#### ABI Compatibility
The ABI is compatible with version 0.3.0.

## [0.3.0] - 2023-03-08

Expand All @@ -25,7 +38,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Removed the configuration header `src/libsecp256k1-config.h`. We recommend passing flags to `./configure` or `cmake` to set configuration options (see `./configure --help` or `cmake -LH`). If you cannot or do not want to use one of the supported build systems, pass configuration flags such as `-DSECP256K1_ENABLE_MODULE_SCHNORRSIG` manually to the compiler (see the file `configure.ac` for supported flags).

#### ABI Compatibility

Due to changes in the API regarding `secp256k1_context_static` described above, the ABI is *not* compatible with previous versions.

## [0.2.0] - 2022-12-12
Expand All @@ -45,7 +57,6 @@ Due to changes in the API regarding `secp256k1_context_static` described above,
- Module `schnorrsig`: renamed `secp256k1_schnorrsig_sign` to `secp256k1_schnorrsig_sign32`.

#### ABI Compatibility

Since this is the first release, we do not compare application binary interfaces.
However, there are earlier unreleased versions of libsecp256k1 that are *not* ABI compatible with this version.

Expand Down
2 changes: 1 addition & 1 deletion configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ AC_PREREQ([2.60])
define(_PKG_VERSION_MAJOR, 0)
define(_PKG_VERSION_MINOR, 3)
define(_PKG_VERSION_PATCH, 1)
define(_PKG_VERSION_IS_RELEASE, false)
define(_PKG_VERSION_IS_RELEASE, true)

# The library version is based on libtool versioning of the ABI. The set of
# rules for updating the version can be found here:
Expand Down

0 comments on commit ec98fce

Please sign in to comment.