| Changelog for libsodium |
| Release |
What has changed? |
| 2.0.23 |
- PHP 8.0.x compatibility. |
| 2.0.22 |
- Security: the sodium_crypto_generichash_init() function used to return a partially uninitialized buffer. This has been fixed. Thanks to @CiPHPerCoder for spotting this.
- SODIUM_CRYPTO_PWHASH_STRBYTES has been added |
| 2.0.21 |
- Detached signature strings were not properly terminated. This has been fixed. |
| 2.0.20 |
- Restore compatibility with PHP |
| 2.0.19 |
- Restore compatibility with 7.3 |
| 2.0.18 |
- Restore compatibility with PHP before 7.3 |
| 2.0.17 |
- PHP 7.3 compatibility. |
| 2.0.16 |
- PHP 7.3 compatibility. |
| 2.0.15 |
- The version displayed in `phpinfo()` wasn't updated in the previous
release. This has been fixed. Nothing else has changed. |
| 2.0.14 |
- Some Base64-encoded values couldn't be decoded when using unpadded variants. This has been fixed. |
| 2.0.13 |
- Security fix: sodium_pad() used to read extra memory when given an empty string |
| 2.0.12 |
- Bug fix: sodium_pad() din't support block sizes over 255 bytes
- Bug fix: file descriptors were not properly closed when using PHP as an Apache module, and Apache was reloaded |
| 2.0.11 |
- Added a workaround for a PHP vulnerability affecting all PHP7 versions up to and including 7.2.5.
- Bindings for crypto_aead_*_detached() functions have been added. |
| 2.0.10 |
No code change. Fixes an installation issue with PECL. |
| 2.0.9 |
No code change. This release was made to ensure that the stable channel installs version 2.x. |
| 1.0.7 |
This is a maintenance release, compatible with libsodium 1.0.15+ |
| 2.0.8 |
Support for libsodium 1.0.15 was implemented. |
| 2.0.7 |
Requires at least php 7.0 and libsodium 1.0.9. |
| 2.0.6 |
Requires at least php 7.0 and libsodium 1.0.9. |
| 2.0.5 |
Requires at least php 7.0 and libsodium 1.0.9. |
| 2.0.4 |
Requires at least php 7.0 and libsodium 1.0.9. |
| 2.0.3 |
Requires at least php 7.0 and libsodium 1.0.9. |
| 2.0.2 |
Version 2.0.0 couldn't be compiled on old libsodium versions.
This has been fixed. |
| 2.0.1 |
Version 2.0.0 couldn't be compiled on old libsodium versions.
This has been fixed. |
| 2.0.0 |
This is a major release, featuring a new API identical to the one of sodium extension included with PHP 7.2.
Functions are now in the global namespace, and return exceptions.
Note that PHP 5 is not supported any more.
Support for the key exchange API (crypto_kx), key derivation (crypto_kdf) and
for the xchacha20-poly1305 construction have been added.
Many bugs have been squashed. |
| 1.0.6 |
- The PWHASH_MEMLIMIT_{MODERATE,SENSITIVE} constants are correctly defined |
| 1.0.5 |
- The IETF variant of the ChaCha20-Poly1305 construction has been added |
| 1.0.4 |
- Fixed compatibility with old libsodium versions |
| 1.0.3 |
- The Argon2 function is now available for password hashing |
| 1.0.2 |
- Compatibility with old distros and old versions of libsodium |
| 1.0.1 |
- Added crypto_aead_aes256gcm_*()
- Added crypto_box_seed_keypair()
- Added crypto_sign_ed25519_sk_to_curve25519() and crypto_sign_ed25519_pk_to_curve25519()
- Added compare()
- On PHP7, make memzero() and increment() avoid zeroing an object if it is not a reference or if its reference count is > 1 |
| 1.0.0 |
- The extension can now be statically compiled.
- crypto_sign_publickey_from_secretkey(), and crypto_auth() have been added.
- The extension and its API are now marked stable. |
| 0.2.1 |
- Fixed support for old versions of libsodium
- New helper function: increment() |
| 0.2.0 |
- Methods were moved to functions in a \Sodium\ namespace.
- PHP 7 is now fully supported.
- crypto_aead_chacha20poly1305_decrypt() now returns FALSE instead of a PHP error if verification fails.
- multi-part hashing was implemented (crypto_generichash_{init|update|final})
- sealed boxes have been implemented (crypto_seal) |
| 0.1.3 |
crypto_scalarmult() has been added. |
| 0.1.2 |
Initial release |
| 0.1.1 |
Initial release |
