Lines Matching full:on
24 private key. This can be exploited on some Arm-v9 CPUs by an unprivileged
25 attacker running code on the same core (SSBleed), or when Trustzone-M is
37 lifetime on platforms where mbedtls_time_t
63 * On x86/amd64 platforms, with some compilers, when the library is
76 mbedtls_asn1_free_named_data_list() on its head argument, while the
78 on the documented behaviour to still hold pointers to memory blocks after
119 * On entry to PSA driver entry points that set up a multipart operation
130 keys with a different LMS or LM-OTS types on some platforms. Specifically,
131 this could happen on platforms where enum types are smaller than 32 bits
134 * Fix a race condition on x86/amd64 platforms in AESNI support detection
138 * Fix mbedtls_base64_decode() on inputs that did not have the correct
141 rejected. Furthermore, before, on inputs with too few equal signs, the
152 to point to NULL on entry. This makes it likely that existing risky uses of
180 * implements `psa_can_do_hash()` on the client interface
213 * Fix compilation on MS-DOS DJGPP. Fixes #9813.
214 * Fix missing constraints on the AES-NI inline assembly which is used on
216 may have resulted in incorrect code with some compilers, depending on
225 occurred whenever SSL debugging was enabled on a copy of Mbed TLS built
230 implementatios if placed on the include path, eg. when building Mbed TLS
243 called on an opaque key, MBEDTLS_USE_PSA_CRYPTO is enabled,
246 when called on an opaque RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled
310 For guidance on migrating application code to the PSA API, please consult
356 * Fix rare concurrent access bug where attempting to operate on a
383 MBEDTLS_SSL_CLI_C is disabled. Reported by M-Bab on GitHub in #9186.
409 * Fixed a regression introduced in 3.6.0 where clients that relied on
495 * Fewer modules depend on MBEDTLS_CIPHER_C, making it possible to save code
497 GCM modules no longer depend on MBEDTLS_CIPHER_C. Also,
502 decryption still unconditionally depend on MBEDTLS_CIPHER_C.
508 hardware accelerated AES is not present (around 13-23% on 64-bit Arm).
537 performance by around 30% on 64-bit Intel; 125% on Armv7-M.
596 * When negotiating TLS version on server side, do not fall back to the
604 Reported by alluettiv on GitHub.
632 * On Linux on ARMv8, fix a build error with SHA-256 and SHA-512
641 * mbedtls_pem_read_buffer() now performs a check on the padding data of
644 mbedtls_pk_encrypt() on non-opaque RSA keys to honor the padding mode in
699 attacker or a remote attacker who is close to the victim on the network
772 key exchanges based on ECDH(E) to work, this requires
785 TLS 1.3 depending on the capabilities and preferences of TLS clients.
796 on MBEDTLS_BIGNUM_C, and a driver dispatch layer enabling alternative
815 On Aarch64, uplift is typically around 20 - 110%.
816 When compiling with gcc -Os on Aarch64, AES-XTS improves
947 proposes an handshake based on PSK only key exchange mode or at least
953 * Fix a compilation error on some platforms when including mbedtls/ssl.h
981 error code on failure. Before, they returned 1 to indicate failure in
1010 * Fix builds on Windows with clang
1026 direct dependency of X509 on BIGNUM_C.
1051 size and improving performance (depending on compiler and target
1086 * Add support for AES with the Armv8-A Cryptographic Extension on
1113 * Add support for AES with the Armv8-A Cryptographic Extension on 64-bit
1115 attacks. This is configured by MBEDTLS_AESCE_C, which is on by default.
1117 * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
1131 calculation on the client side. It prevents a server with more accurate
1141 used on a shared secret from a key agreement since its input must be
1155 certificate parsing, but only on subsequent calls to
1190 modules, which would then fail if run on a CPU without the SHA3
1220 to best results when tested on Cortex-M4 and Intel i7.
1223 compiler target flags on the command line; the library now sets target
1238 same build of Mbed TLS, please let us know about your situation on the
1276 properly negotiate/accept hashes based on their availability in PSA.
1279 provided by PSA drivers. (See previous entry for limitation on RSA-PSS
1367 * Fix mbedtls_ctr_drbg_free() on an initialized but unseeded context. When
1368 MBEDTLS_AES_ALT is enabled, it could call mbedtls_aes_free() on an
1370 * Fix a build issue on Windows using CMake where the source and build
1371 directories could not be on different drives. Fixes #5751.
1380 Change mbedtls_x509_get_name() to clean up allocated objects on error.
1404 consequence on cryptography code, but might affect applications that call
1443 * The library will no longer compile out of the box on a platform without
1560 disabled on stdio files, to stop secrets loaded from said files being
1572 when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
1607 * Fix unit tests that used 0 as the file UID. This failed on some
1617 on Windows.
1633 * Fix compilation error when using C++ Builder on Windows. Reported by
1655 Finished message on the network cannot be satisfied. Fixes #5499.
1659 on DTLS 1.2 session resumption. After DTLS 1.2 session resumption with
1662 * Fix a null pointer dereference when performing some operations on zero
1676 make to break on a clean checkout. Fixes #5340.
1691 temporary variable on the heap. Suggested by Sergey Kanatov in #5304.
1716 X.509 parsing, and finally the field fd of mbedtls_net_context on
1728 * Remove the partial support for running unit tests via Greentea on Mbed OS,
1739 supported on GCC-like compilers and on MSVC and can be configured through
1787 * The GNU makefiles invoke python3 in preference to python except on Windows.
1789 on Linux. Fix this. Fixes #4774.
1796 * Fix missing constraints on x86_64 and aarch64 assembly code
1833 * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries
1862 * Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on and increasing the
1863 code size by about 80B on an M0 build. This option only gated an ability
1881 generated by the CMake build system on Unix-like systems. This is not
1921 API version 1.0 spec. This version of the spec parameterizes them on the
1940 * The interface of the GCM module has changed to remove restrictions on
1975 was unclear on this point, and this function happened to never do
2075 More details on PCKS#11 wrapper removal can be found in the mailing list
2084 primes based on RFC 5114 and RFC 3526 from library code and tests:
2138 now determined automatically based on supported curves.
2171 modules had undocumented constraints on their context types. These
2226 mbedtls_mpi_read_string() was called on "-0", or when
2247 * Fix test suite code on platforms where int32_t is not int, such as
2262 timing module on Mbed OS. Fixes #4633.
2266 MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
2269 * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This
2273 * psa_verify_hash() was relying on implementation-specific behavior of
2286 effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect
2296 applicable RFC: on an invalid Finished message value, an
2314 * fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on.
2315 When that flag is on, standard GNU C printf format specifiers
2428 * Fix memory leak that occured when calling psa_close_key() on a
2433 is enabled, on platforms where initializing a mutex allocates resources.
2439 enabled on platforms where freeing a mutex twice is not safe.
2441 when MBEDTLS_THREADING_C is enabled on platforms where initializing
2449 used to validate digital signatures on certificates and MUST mark the
2458 * On recent enough versions of FreeBSD and DragonFlyBSD, the entropy module
2478 warning on CMake 3.19.0. #3801
2524 execution depending on the location of the output buffer.
2535 * Fix a compliance issue whereby we were not checking the tag on the
2563 * Use socklen_t on Android and other POSIX-compliant system
2566 * Consistently return PSA_ERROR_INVALID_ARGUMENT on invalid cipher input
2574 an ECC key pair on Curve25519 or secp244k1.
2578 * Fix handling of EOF against 0xff bytes and on platforms with unsigned
2579 chars. Fixes a build failure on platforms where char is unsigned. Fixes
2586 * Make arc4random_buf available on NetBSD and OpenBSD when _POSIX_C_SOURCE is
2596 * Fix build failures on GCC 11. Fixes #3782.
2610 option on. In this configuration key management methods that are required
2619 must be erased, or manually upgraded based on the key storage format
2647 * Support building on e2k (Elbrus) architecture: correctly enable
2665 available. In particular, on builds without MBEDTLS_HAVE_TIME_DATE,
2666 certificates were never considered as revoked. On builds with
2712 * Use arc4random_buf on NetBSD instead of rand implementation with cyclical
2716 * Fix bug in redirection of unit test outputs on platforms where stdout is
2723 previously could lead to stack overflow on constrained devices.
2747 instead of the keys' lifetime. If the library is upgraded on an existing
2767 * Added support to entropy_poll for the kern.arandom syscall supported on
2804 * Fix potential linker errors on dual world platforms by inlining
2819 * Fix building library/net_sockets.c and the ssl_mail_client program on
2832 * Fix minor performance issue in operations on Curve25519 caused by using a
2849 * The unit tests now rely on header files in framework/tests/include/test and source
2853 * The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
2972 default configuration, on a platform with a single entropy source, the
2990 timings on the comparison in the key generation enabled the attacker to
3002 initial seeding. The default nonce length is chosen based on the key size
3075 about 1 bit of information on average and could cause the value to be
3096 verified and significantly faster, but is only supported on x86 platforms
3112 mbedtls_ecdh_can_do() on each result to check whether each algorithm is
3134 * Fix build failure when building with mingw on Windows by including
3148 * Fix the build on ARMv5TE in ARM mode to not use assembly instructions
3157 uninitialized variable warnings on some recent toolchains (GCC8, etc).
3160 functionally incorrect code on bigendian systems which don't have
3169 docker-env.sh) to simplify running test suites on a Linux host. Contributed
3184 * Fix build failure when building with mingw on Windows by including
3253 sequence on failure. Found and fix suggested by Philippe Antoine.
3278 at the cost of additional lifetime constraints on the input
3311 previously lead to a stack overflow on constrained targets.
3335 instead of relying on other header files that they include.
3341 for platforms that don't provide it. Based on contributions by Joris Aerts
3353 been disabled for lack of a sufficiently recent version of GnuTLS on the CI.
3354 * Ciphersuites based on 3DES now have the lowest priority by default when
3363 changed, but requirements on parameters have been made more explicit in
3408 on some toolchains. Reported by phoenixmcallister. Fixes #2170.
3437 attack. In TLS, this affects servers that accept ciphersuites based on
3451 * Wipe sensitive buffers on the stack in the CTR_DRBG and HMAC_DRBG
3478 primes with high probability. This does not have an impact on the
3499 operations. On CPUs where the extensions are available, they can accelerate
3562 test the handling of large packets and small packets on the client side
3563 in the same way as on the server side.
3594 * Fix build failures on platforms where only gmtime() is available but
3667 * Fix a vulnerability in TLS ciphersuites based on CBC and using SHA-384,
3680 * Fix a vulnerability in TLS ciphersuites based on CBC, in (D)TLS 1.0 to
3681 1.2, that allowed a local attacker, able to execute code on the local
3691 on CBC, in (D)TLS 1.0 to 1.2, that allowed a local attacker, able to
3692 execute code on the local machine as well as manipulate network packets,
3711 * Add support for key wrapping modes based on AES as defined by
3717 * Fix compilation error on C++, because of a variable named new.
3719 * Fix "no symbols" warning issued by ranlib when building on Mac OS X. Fix
3742 TLS 1.0. Reported by @kFYatek and by Conor Murphy on the forum. Fix
3759 * Allow overriding the time on Windows via the platform-time abstraction.
3782 * Fix compilation warnings with IAR toolchain, on 32 bit platform.
3856 This function is necessary to determine when it is safe to idle on the
3870 * Fix the Makefile build process for building shared libraries on Mac OS X.
3875 * Return the plaintext data more quickly on unpadded CBC decryption, as
3926 * Optimize unnecessary zeroing in mbedtls_mpi_copy. Based on a contribution
3957 implementation allowed an offline 2^80 brute force attack on the
3963 a crash on invalid input.
3965 crash on invalid input.
3984 * Fix test_suite_pk to work on 64-bit ILP32 systems. #849
3994 * Fix compilation error on Mingw32 when _TRUNCATE is defined. Use _TRUNCATE
3996 Nick Wilson on issue #355
4005 that could cause a key exchange to fail on valid data.
4007 could cause a key exchange to fail on valid data.
4019 a migration path for those depending on the library's ABI.
4030 6 bytes on the peer's heap, which could potentially lead to crash or remote
4045 latter overflows. The exploitability of this issue depends on whether the
4048 and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022.
4066 name larger than 16 bytes had been configured on the server.
4073 * The selftest program can execute a subset of the tests based on command
4076 when run on a heavily-loaded machine.
4145 dates on leap years with 100 and 400 intervals are handled correctly. Found
4174 * Fix word size check in in pk.c to not depend on MBEDTLS_HAVE_INT64.
4180 * Fix mbedtls_timing_alarm(0) on Unix and MinGW.
4198 mbedtls_sha512_init() is called before operating on the relevant context
4200 reset it. Found independently by ccli8 on Github.
4212 on GitHub.
4215 undeclared dependency of the RSA module on the ASN.1 module.
4268 * Fix a resource leak on Windows platforms in mbedtls_x509_crt_parse_path(),
4292 64-bit division. This is useful on embedded platforms where 64-bit division
4293 created a dependency on external libraries. #708
4312 certificate verification. SHA-1 can be turned back on with a compile-time
4386 * Add checks in the PK module for the RSA functions on 64-bit systems.
4407 * Fixed a bug that caused freeing a buffer that was allocated on the stack,
4408 when verifying the validity of a key on secp224k1. This could be
4410 and potentially could lead to remote code execution on some platforms.
4471 sessions. "Nonce-Disrespecting Adversaries Practical Forgery Attacks on GCM in
4502 * Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
4504 * Fix for out-of-tree builds using CMake. Found by jwurzer, and fix based on
4538 * Added optimization for code space for X.509/OID based on configured
4588 * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5,
4604 SLOTH attack on TLS 1.2 server authentication (other attacks from the
4627 * Fix potential heap corruption on Windows when
4632 on untrusted input or write keys of untrusted origin. Found by Guido
4634 * The X509 max_pathlen constraint was not enforced on intermediate
4658 * Fix failures in MPI on Sparc(64) due to use of bad assembly code.
4684 of TLS, but might be in other uses. On 32 bit machines, requires reading a
4685 string of close to or larger than 1GB to exploit; on 64 bit machines, would
4688 on crafted PEM input data. Found and fix provided by Guido Vranken,
4692 buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken,
4694 * Fix potential double-free if mbedtls_conf_psk() is called repeatedly on
4768 result trying to unlock an unlocked mutex on invalid input (found by
4771 * Fix memory corruption on client with overlong PSK identity, around
4781 end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on the
4821 should generally be the first function called on this context after init:
4845 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
4905 * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on).
4941 * Negotiation of truncated HMAC is now disabled by default on server too.
4951 * The NET layer now unconditionnaly relies on getaddrinfo() and select().
4961 * DTLS no longer hard-depends on TIMING_C, but uses a callback interface
4978 extendedKeyUsage on the leaf certificate was lost (results not accessible
4991 * Add support for overriding snprintf() (except on Windows) and exit() in
4999 * New script ecc-heap.sh helps measuring the impact of ECC parameters on
5004 warnings on use of deprecated functions (with GCC and Clang only).
5006 errors on use of deprecated functions.
5014 once on the same context.
5019 * mpi_size() and mpi_msb() would segfault when called on an mpi that is
5021 * Fix detection of support for getrandom() on Linux (reported by syzzer) by
5034 * Fix potential unintended sign extension in asn1_get_len() on 64-bit
5041 * Add missing dependency on SHA-256 in some x509 programs (reported by
5064 * Remove dependency on sscanf() in X.509 parsing modules.
5095 * Certificate selection based on signature hash, preferring SHA-1 over SHA-2
5097 * Add support for getrandom() syscall on recent Linux kernels with Glibc or
5115 * Fix unchecked return code in x509_crt_parse_path() on Windows (found by
5124 * On a 0-length input, base64_encode() did not correctly set output length
5131 * ssl_set_own_cert() now returns an error on key-certificate mismatch.
5163 * ssl_read() could return non-application data records on server while
5164 renegotation was pending, and on client when a HelloRequest was received.
5169 * Fix compiler warnings on iOS (found by Sander Niemeijer).
5170 * x509_crt_parse() did not increase total_failed on PEM error
5179 ambiguous on how to encode some packets with SSL 3.0).
5183 POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
5213 required on some platforms (e.g. OpenBSD)
5225 * Remove less-than-zero checks on unsigned numbers
5226 * Stricter check on SSL ClientHello internal sizes compared to actual packet
5259 = PolarSSL 1.3.7 released on 2014-05-02
5272 * Ciphersuites based on RC4 now have the lowest priority by default
5285 * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
5286 * mpi_fill_random() was creating numbers larger than requested on
5291 * Fix detection of Clang on some Apple platforms with CMake
5294 = PolarSSL 1.3.6 released on 2014-04-11
5336 * Calling pk_debug() on an RSA-alt key would segfault.
5343 = PolarSSL 1.3.5 released on 2014-03-26
5384 * Fixed CMake symlinking on out-of-source builds
5387 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
5390 * m_sleep() was sleeping twice too long on most Unix platforms.
5404 = PolarSSL 1.3.4 released on 2014-01-27
5415 * net module handles timeouts on blocking sockets better (found by Tilman
5423 = PolarSSL 1.3.3 released on 2013-12-31
5446 * Fixed bug in mpi_set_bit() on platforms where t_uint is wider than int
5453 * Fixed x509_crt_parse_path() bug on Windows platforms
5463 = PolarSSL 1.3.2 released on 2013-11-04
5478 * Prevent possible alignment warnings on casting from char * to 'aligned *'
5486 = PolarSSL 1.3.1 released on 2013-10-15
5508 = PolarSSL 1.3.0 released on 2013-10-01
5516 * Ability to specify allowed ciphersuites based on the protocol version.
5540 * Introduced separate SSL Ciphersuites module that is based on
5547 * Client and server now filter sent and accepted ciphersuites on minimum
5562 * zlib compression/decompression skipped on empty blocks
5567 * RSA blinding on CRT operations to counter timing attacks
5587 * Fix potential unintended sign extension in asn1_get_len() on 64-bit
5612 * Fix bug in MPI/bignum on s390/s390x (reported by Dan Horák) (introduced
5614 * Fix unchecked return code in x509_crt_parse_path() on Windows (found by
5623 * On a 0-length input, base64_encode() did not correctly set output length
5643 * x509_crt_parse() did not increase total_failed on PEM error
5644 * Fix compiler warnings on iOS (found by Sander Niemeijer).
5647 * ssl_read() could return non-application data records on server while
5648 renegotation was pending, and on client when a HelloRequest was received.
5655 POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
5689 * Fixed x509_crt_parse_path() bug on Windows platforms
5701 * Fixed CMake symlinking on out-of-source builds
5702 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
5715 * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
5716 * mpi_fill_random() was creating numbers larger than requested on
5719 * Stricter check on SSL ClientHello internal sizes compared to actual packet
5747 * Fixed potential heap buffer overflow on large hostname setting
5749 * RSA blinding on CRT operations to counter timing attacks
5774 * Fixed const correctness issues that have no impact on the ABI
5790 * Ability to specify allowed ciphersuites based on the protocol version.
5806 * Fixed net_bind() for specified IP addresses on little endian systems
5833 interoperability can be switched on/off with the flag
5864 * Fixed dependency on POLARSSL_SHA4_C in SSL modules
5929 * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
5932 * Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
5938 * Prevent reading over buffer boundaries on X509 certificate parsing
5945 * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
5948 = Version 1.1.8 released on 2013-10-01
5957 * Potential heap buffer overflow on large hostname setting
5959 = Version 1.1.7 released on 2013-06-19
5975 = Version 1.1.6 released on 2013-03-11
5977 * Fixed net_bind() for specified IP addresses on little endian systems
5991 = Version 1.1.5 released on 2013-01-16
5998 * Prevent reading over buffer boundaries on X509 certificate parsing
6012 * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
6015 = Version 1.1.4 released on 2012-05-31
6019 * Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
6021 = Version 1.1.3 released on 2012-04-29
6025 = Version 1.1.2 released on 2012-04-26
6027 * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
6031 * Fixed potential memory corruption on miscrafted client messages (found by
6036 = Version 1.1.1 released on 2012-01-23
6040 * Fixed issues with Intel compiler on 64-bit systems (Closes ticket #50)
6044 = Version 1.1.0 released on 2011-12-22
6054 * Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
6081 x509parse_crtfile(). With permissive parsing the parsing does not stop on
6084 * All error codes are now negative. Even on mermory failures and IO errors.
6102 = Version 1.0.0 released on 2011-07-27
6115 = Version 0.99-pre5 released on 2011-05-26
6139 net_recv() now returns 0 on EOF instead of
6141 POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function.
6148 = Version 0.99-pre4 released on 2011-04-01
6173 = Version 0.99-pre3 released on 2011-02-28
6199 * Fixed a possible Man-in-the-Middle attack on the
6203 = Version 0.99-pre1 released on 2011-01-30
6218 + Added verification callback on certificate chain
6233 = Version 0.14.0 released on 2010-08-16
6243 * Removed dependency on rand() in rsa_pkcs1_encrypt().
6254 * Fixed deadlock in rsa_pkcs1_encrypt() on failing random
6257 = Version 0.13.1 released on 2010-03-24
6262 = Version 0.13.0 released on 2010-03-21
6285 * Added small fixes for compiler warnings on a Mac
6290 = Version 0.12.1 released on 2009-10-04
6301 = Version 0.12.0 released on 2009-07-28
6318 * Fixed include location of endian.h on FreeBSD (found by
6320 * Fixed include location of endian.h and name clash on
6330 * Fixed segfault on handling empty rsa_context in
6345 = Version 0.11.1 released on 2009-05-17
6349 = Version 0.11.0 released on 2009-05-03
6372 * Fixed compatibility of XTEA and Camellia on a 64-bit system
6375 = Version 0.10.0 released on 2009-01-12
6387 = Version 0.9 released on 2008-03-16
6399 not swapped on PadLock; also fixed compilation on older versions
6409 * Added support on the client side for the TLS "hostname" extension
6426 Daniel Bleichenbacher attack on PKCS#1 v1.5 padding, as well
6429 * Fixed assembly PPC compilation errors on Mac OS X, thanks to
6432 = Version 0.8 released on 2007-10-20
6450 * Fixed a bug in mpi_read_binary() on 64-bit platforms
6457 = Version 0.7 released on 2007-07-07
6473 = Version 0.6 released on 2007-04-01
6476 time, to reduce the memory footprint on embedded systems
6483 * Fixed "long long" compilation issues on IA-64 and PPC64
6485 was not being correctly defined on ARM and MIPS
6487 = Version 0.5 released on 2007-03-01
6492 * Fixed some portability issues on WinCE, MINIX 3, Plan9
6498 = Version 0.4 released on 2007-02-01
6511 = Version 0.3 released on 2007-01-01
6517 the bignum code is no longer dependent on long long
6522 = Version 0.2 released on 2006-12-01
6525 * Updated the MPI code to support 8086 on MSVC 1.5
6539 = Version 0.1 released on 2006-11-01