Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#48371 closed enhancement (fixed)

Update sodium_compat to v1.12.1

Reported by: paragoninitiativeenterprises's profile paragoninitiativeenterprises Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: 5.3.1 Priority: normal
Severity: normal Version: 5.3
Component: External Libraries Keywords: has-patch commit
Focuses: Cc:

Description

https://github.com/paragonie/sodium_compat/releases/tag/v1.12.0

paragonie/sodium_compat 1.12.0 includes a speedup for signature verification on most platforms (and bugfixes for PHP 5.2 and 32-bit platforms), so it might be worth including in the next minor release of WordPress.

I can supply a patch against trunk if that will be helpful.

Attachments (2)

47381-update-sodium-compat.patch (140.3 KB) - added by paragoninitiativeenterprises 5 years ago.
sodium_compat v1.12.0
47381-update-sodium-compat-1-12-1.patch (140.3 KB) - added by paragoninitiativeenterprises 5 years ago.
Update to version 1.12.1

Download all attachments as: .zip

Change History (13)

#1 @SergeyBiryukov
5 years ago

  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to 5.3.1

#2 @pierlo
5 years ago

Hi @paragoninitiativeenterprises, a patch would be great to get this ticket moving.

#3 @paragoninitiativeenterprises
5 years ago

  • Keywords has-patch added; needs-patch removed

Patch supplied

#4 @lukaswaudentio
5 years ago

It appears there is an incompatibility between the version currently deployed by WordPress 5.2.4 and the latest version of the library, causing WordPress to crash if another source attempts to load the latest version. An update of the library would be strongly appreciated.

Not sure if I'm encouraged to change properties here, but I would love to classify this as bug with a severity of at least major.

#5 @paragoninitiativeenterprises
5 years ago

  • Summary changed from Update sodium_compat to v1.12.0 to Update sodium_compat to v1.12.1

This should be ready to be tested/reviewed for the next WordPress release.

#6 @pierlo
5 years ago

Hey @dd32 or @tellyworth could I get a quick review on this? Tagging you all since you are more familiar with the library.

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


5 years ago

#8 @SergeyBiryukov
5 years ago

  • Keywords commit added

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


5 years ago

#10 @SergeyBiryukov
5 years ago

  • Owner set to SergeyBiryukov
  • Resolution set to fixed
  • Status changed from new to closed

In 46858:

Upgrade/Install: Update sodium_compat to v1.12.1.

This includes a speedup for signature verification on most platforms and bugfixes for 32-bit platforms.

Props paragoninitiativeenterprises, lukaswaudentio.
Fixes #48371.

#11 @SergeyBiryukov
5 years ago

In 46859:

Upgrade/Install: Update sodium_compat to v1.12.1.

This includes a speedup for signature verification on most platforms and bugfixes for 32-bit platforms.

Props paragoninitiativeenterprises, lukaswaudentio.
Merges [46858] to the 5.3 branch.
Fixes #48371.

Note: See TracTickets for help on using tickets.