WordPress.org

Make WordPress Core

Opened 14 months ago

Closed 12 months ago

Last modified 12 months ago

#48371 closed enhancement (fixed)

Update sodium_compat to v1.12.1

Reported by: paragoninitiativeenterprises Owned by: SergeyBiryukov
Milestone: 5.3.1 Priority: normal
Severity: normal Version: 5.3
Component: External Libraries Keywords: has-patch commit
Focuses: Cc:

Description

https://github.com/paragonie/sodium_compat/releases/tag/v1.12.0

paragonie/sodium_compat 1.12.0 includes a speedup for signature verification on most platforms (and bugfixes for PHP 5.2 and 32-bit platforms), so it might be worth including in the next minor release of WordPress.

I can supply a patch against trunk if that will be helpful.

Attachments (2)

47381-update-sodium-compat.patch (140.3 KB) - added by paragoninitiativeenterprises 13 months ago.
sodium_compat v1.12.0
47381-update-sodium-compat-1-12-1.patch (140.3 KB) - added by paragoninitiativeenterprises 13 months ago.
Update to version 1.12.1

Download all attachments as: .zip

Change History (13)

#1 @SergeyBiryukov
14 months ago

  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to 5.3.1

#2 @pierlo
14 months ago

Hi @paragoninitiativeenterprises, a patch would be great to get this ticket moving.

#3 @paragoninitiativeenterprises
13 months ago

  • Keywords has-patch added; needs-patch removed

Patch supplied

#4 @lukaswaudentio
13 months ago

It appears there is an incompatibility between the version currently deployed by WordPress 5.2.4 and the latest version of the library, causing WordPress to crash if another source attempts to load the latest version. An update of the library would be strongly appreciated.

Not sure if I'm encouraged to change properties here, but I would love to classify this as bug with a severity of at least major.

#5 @paragoninitiativeenterprises
13 months ago

  • Summary changed from Update sodium_compat to v1.12.0 to Update sodium_compat to v1.12.1

This should be ready to be tested/reviewed for the next WordPress release.

#6 @pierlo
13 months ago

Hey @dd32 or @tellyworth could I get a quick review on this? Tagging you all since you are more familiar with the library.

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


12 months ago

#8 @SergeyBiryukov
12 months ago

  • Keywords commit added

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


12 months ago

#10 @SergeyBiryukov
12 months ago

  • Owner set to SergeyBiryukov
  • Resolution set to fixed
  • Status changed from new to closed

In 46858:

Upgrade/Install: Update sodium_compat to v1.12.1.

This includes a speedup for signature verification on most platforms and bugfixes for 32-bit platforms.

Props paragoninitiativeenterprises, lukaswaudentio.
Fixes #48371.

#11 @SergeyBiryukov
12 months ago

In 46859:

Upgrade/Install: Update sodium_compat to v1.12.1.

This includes a speedup for signature verification on most platforms and bugfixes for 32-bit platforms.

Props paragoninitiativeenterprises, lukaswaudentio.
Merges [46858] to the 5.3 branch.
Fixes #48371.

Note: See TracTickets for help on using tickets.