From e1bd72b46c5c1b0809560db9e7c5c13946698892 Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Fri, 18 Oct 2013 09:53:07 -0400 Subject: Prepare for 5.0.1 release --- manual/qpdf-manual.xml | 43 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 41 insertions(+), 2 deletions(-) (limited to 'manual/qpdf-manual.xml') diff --git a/manual/qpdf-manual.xml b/manual/qpdf-manual.xml index 631f759d..8d68db9d 100644 --- a/manual/qpdf-manual.xml +++ b/manual/qpdf-manual.xml @@ -5,8 +5,8 @@ - - + + ]> @@ -2640,6 +2640,45 @@ print "\n"; ChangeLog in the source distribution. + + 5.0.1: October 18, 2013 + + + + + Thanks to a detailed review by Florian Weimer and the Red Hat + Product Security Team, this release includes a number of + non-user-visible security hardening changes. Please see the + ChangeLog file in the source distribution for the complete + list. + + + + + When available, operating system-specific secure random number + generation is used for generating initialization vectors and + other random values used during encryption or file creation. + For the Windows build, this results in an added dependency on + Microsoft's cryptography API. To disable the OS-specific + cryptography and use the old version, pass the + option to + ./configure. + + + + + The qpdf command-line tool now issues a + warning when is specified + for newer encryption versions stating that the option is + ignored. qpdf, per the spec, has always ignored this flag, + but it previously did so silently. This warning is issued + only by the command-line tool, not by the library. The + library's handling of this flag is unchanged. + + + + + 5.0.0: July 10, 2013 -- cgit v1.2.3-54-g00ecf