Release Notes: Support for the "$2y$" prefix (denoting correctly computed hashes) has been added. A countermeasure to avoid one-correct to many-buggy collisions with the "$2a$" prefix has been added (which is desirable when upgrading systems with existing "$2a$" hashes computed using pre-1.1 versions of crypt_blowfish). The "make check" tests and the runtime quick self-test have been improved. A patch for glibc 2.13 and 2.14 has been added. The documentation has been updated.
Release Notes: The 8-bit character handling vulnerability (CVE-2011-2483) has been fixed. 8-bit test vectors and a quick self-test on every use of the password hashing function have been added.
Release Notes: The check for unsupported iteration counts has been corrected to reject certain iteration counts that would previously be misinterpreted. Section .note.GNU-stack has been added to the x86 assembly file to avoid the stack area unnecessarily being made executable on Linux systems that use this convention.
Release Notes: The glibc integration wrapper and patches have been revised for builds by recent versions of gcc.
Release Notes: An optimization specific to x86-64 has been applied.
Release Notes: The source code for the self-test has been modified to use sysconf(_SC_CLK_TCK) instead of CLK_TCK when _SC_CLK_TCK is known to be available or CLK_TCK is not (needed for glibc 2.3.90+).
Release Notes: This version corrects a bug in the way salts for extended DES-based and for MD5-based password hashes are generated with the crypt_gensalt*() family of functions. The bug would result in a higher than expected number of matching salts with large numbers of password hashes of the affected types. crypt_gensalt*()'s functionality for Blowfish-based (bcrypt) hashes that crypt_blowfish itself implements and for traditional DES-based crypt(3) hashes was not affected.
Release Notes: The crypt(3) man page has been enhanced to include Solaris 10 and NetBSD compatibility notes.
Release Notes: This version adds a patch for easy integration of crypt_blowfish into glibc versions 2.2 through 2.3.2 (as well as 2.1 through 2.1.3, which were supported previously). Other minor updates are included as well.