18287f17a5
- Updated to 0.12.0:
- This release updates the ML-DSA implementation to the [final
FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This
release still includes the NIST Round 3 version of Dilithium for
interoperability purposes, but we plan to remove Dilithium Round 3 in
a future release.
- This will be the last release of liboqs to include Kyber (that is,
the NIST Round 3 version of Kyber, prior to its standardization by NIST
as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
- The addition of ML-DSA FIPS 204 final version to liboqs has
introduced a new signature API which includes a context string
parameter. We are planning to remove the old version of the API
without a context string in the next release to streamline the
API and bring it in line with NIST specifications. Users who
have an opinion on this removal are invited to provide input at
https://github.com/open-quantum-safe/liboqs/issues/2001.
Security issues:
- CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect
shared secret value during decapsulation when called with an invalid
ciphertext. (bsc#1234292) (forwarded request 1230160 from msmeissn)
OBS-URL: https://build.opensuse.org/request/show/1230161
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/liboqs?expand=0&rev=15