In Math/BinaryField.php in phpseclib before 3.0.34, excessively large degrees in binary fields can lead to a denial of service.
Release Notes
phpseclib/phpseclib (phpseclib/phpseclib)
### [`v3.0.34`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3034---2023-11-27)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.33...3.0.34)
- SSH2: add support for RFC8308 ([#1960](https://togithub.com/phpseclib/phpseclib/issues/1960))
- SSH2: don't use AES GCM for TurboFTP Server ([#1957](https://togithub.com/phpseclib/phpseclib/issues/1957))
- SSH2: reset more internal variables when connection is reset ([#1961](https://togithub.com/phpseclib/phpseclib/issues/1961))
- PKCS8: PBES1 / RC2 and PBES2 / DES keys didn't work ([#1958](https://togithub.com/phpseclib/phpseclib/issues/1958))
- EC/Signature/Format: add new IEEE format ([#1956](https://togithub.com/phpseclib/phpseclib/issues/1956))
- Math/BigInteger/Engines/PHP: PHP 8.2.13+ fixes Windows JIT issue
- Math/BinaryField: fix for excessively large degrees (CVE-2023-49316)
- Math/PrimeField: fix occasional error with squareRoot method
### [`v3.0.33`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3033---2023-10-21)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.23...3.0.33)
- SSH2: fix for PHP 7.3 ([#1953](https://togithub.com/phpseclib/phpseclib/issues/1953))
- Crypt: improve ARM detection code ([#1949](https://togithub.com/phpseclib/phpseclib/issues/1949))
- Rijndael: fix for PHP 8.3+ compatability ([#1944](https://togithub.com/phpseclib/phpseclib/issues/1944))
- X509: fix for weird characters in subjaltname ([#1943](https://togithub.com/phpseclib/phpseclib/issues/1943))
- move JIT check to BigInteger ([#1942](https://togithub.com/phpseclib/phpseclib/issues/1942))
### [`v3.0.23`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3023---2023-09-18)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.22...3.0.23)
- fix "Undefined index: jit" error on Windows ([#1940](https://togithub.com/phpseclib/phpseclib/issues/1940))
### [`v3.0.22`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3022---2023-09-15)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.21...3.0.22)
- SFTP: make it so SFTP::RESUME also sets offset of local file ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921))
- SFTP: RESUME_START didn't work as described ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921))
- SFTP: fix SFTPv2 errors when logging errors ([#1933](https://togithub.com/phpseclib/phpseclib/issues/1933))
- SFTP: fix issue with get() downloading to files / streams ([#1934](https://togithub.com/phpseclib/phpseclib/issues/1934))
- BigInteger: use GMP if available ([#1928](https://togithub.com/phpseclib/phpseclib/issues/1928))
- Rijndael: fix E_DEPRECATED ([#1935](https://togithub.com/phpseclib/phpseclib/issues/1935))
- improve PHP32 compatibility ([#1931](https://togithub.com/phpseclib/phpseclib/issues/1931))
### [`v3.0.21`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3021---2023-07-09)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.20...3.0.21)
- BigInteger: speed up powMod() method ([#1919](https://togithub.com/phpseclib/phpseclib/issues/1919))
- SSH2: fix stream_select(): Unable to select \[4]: Interrupted system call (max_fd=29) error ([#1851](https://togithub.com/phpseclib/phpseclib/issues/1851))
- SSH2: add EOF test isConnected() ([#1926](https://togithub.com/phpseclib/phpseclib/issues/1926))
- SFTP: make it so SFTP::RESUME also sets offset of local file ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921))
- SFTP: SFTP::RESUME_START didn't work as described ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921))
### [`v3.0.20`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3020---2023-06-13)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.19...3.0.20)
- SSH2: better support for multiple interactive channels & expose shell functions ([#1888](https://togithub.com/phpseclib/phpseclib/issues/1888))
- SFTP: add optional $recursive parameter to filesize() ([#1782](https://togithub.com/phpseclib/phpseclib/issues/1782))
- SFTP: fix NET_SFTP_ATTR_EXTENDED ([#1907](https://togithub.com/phpseclib/phpseclib/issues/1907))
- ASN1: speed up decodeBER ([#1894](https://togithub.com/phpseclib/phpseclib/issues/1894))
- X509: add support for EV DN's ([#1916](https://togithub.com/phpseclib/phpseclib/issues/1916))
- X509: getChain() should always return array of X509 objects ([#1914](https://togithub.com/phpseclib/phpseclib/issues/1914))
- RSA: setting sig padding broke enc padding and vice versa
### [`v3.0.19`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3019---2023-03-05)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.18...3.0.19)
- AsymmetricKey: error out on unsupported operations ([#1879](https://togithub.com/phpseclib/phpseclib/issues/1879))
- Blowfish: fix issues on 32-bit PHP installs
- BigInteger: fix for hex numbers with new lines in them
- SFTP: fix "Creating default object from empty value" error ([#1876](https://togithub.com/phpseclib/phpseclib/issues/1876))
- SSH2: add getTimeout() method ([#1889](https://togithub.com/phpseclib/phpseclib/issues/1889))
- PrimeField: prevent infinite loop with composite primefields (CVE-2023-27560)
### [`v3.0.18`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3018---2022-12-17)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.17...3.0.18)
- fix for PHP 8.2 deprecations ([#1869](https://togithub.com/phpseclib/phpseclib/issues/1869), [#1873](https://togithub.com/phpseclib/phpseclib/issues/1873))
- SSH2: if logging in with rsa-sha2-256/512 fails, try ssh-rsa ([#1865](https://togithub.com/phpseclib/phpseclib/issues/1865))
- SSH/Agent: add support for named pipes on windows (for pageant) ([#1866](https://togithub.com/phpseclib/phpseclib/issues/1866))
- Crypt/Base: add a function to check continuous buffer status ([#1870](https://togithub.com/phpseclib/phpseclib/issues/1870))
- OpenSSL 3.0.1+ deprecated some algorithms (RC2, RC4, DES, Blowfish)
### [`v3.0.17`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3017---2022-10-24)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.16...3.0.17)
- X509: make it so CRLs, CSRs and SPKACs can support PSS keys ([#1837](https://togithub.com/phpseclib/phpseclib/issues/1837))
- X509: make it so PKCS1 X509 certs can create PSS sigs ([#1837](https://togithub.com/phpseclib/phpseclib/issues/1837))
- SFTP: fix deprecated implicit float to int on 32-bit PHP 8.1 ([#1841](https://togithub.com/phpseclib/phpseclib/issues/1841))
- SFTP: restore orig behavior when deleting non-existant folder ([#1847](https://togithub.com/phpseclib/phpseclib/issues/1847))
- Random: fix fallback on PHP 8.1+
### [`v3.0.16`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3016---2022-09-05)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.15...3.0.16)
- SSH2: fix type hinting for keyboard_interactive_process ([#1836](https://togithub.com/phpseclib/phpseclib/issues/1836))
### [`v3.0.15`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3015---2022-09-02)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.14...3.0.15)
- PublicKeyLoader: add support for OpenSSH encrypted keys ([#1737](https://togithub.com/phpseclib/phpseclib/issues/1737), [#1733](https://togithub.com/phpseclib/phpseclib/issues/1733), [#1531](https://togithub.com/phpseclib/phpseclib/issues/1531), [#1490](https://togithub.com/phpseclib/phpseclib/issues/1490))
- PublicKeyLoader: add support for JSON Web Keys ([#1817](https://togithub.com/phpseclib/phpseclib/issues/1817))
- SSH2: make login method return false under rare situation ([#1790](https://togithub.com/phpseclib/phpseclib/issues/1790))
- SSH2: fix possibly undefined variable error ([#1802](https://togithub.com/phpseclib/phpseclib/issues/1802))
- SFTP: fix enableDatePreservation bug w.r.t. mtime ([#1670](https://togithub.com/phpseclib/phpseclib/issues/1670))
- SFTP: try to delete dir even if it can't be opened ([#1791](https://togithub.com/phpseclib/phpseclib/issues/1791))
- SFTP: try without path canonicalization if initial realpath() fails ([#1796](https://togithub.com/phpseclib/phpseclib/issues/1796))
- SFTP: detect if stream metadata has wrapper_type set for put() method ([#1792](https://togithub.com/phpseclib/phpseclib/issues/1792))
- BigInteger: tweak to the phpinfo checks ([#1726](https://togithub.com/phpseclib/phpseclib/issues/1726))
- BigInteger: fix behavior on 32-bit PHP installs ([#1820](https://togithub.com/phpseclib/phpseclib/issues/1820))
- EC/PKCS8: OpenSSL didn't like phpseclib formed [`Ed25519`](https://togithub.com/phpseclib/phpseclib/commit/Ed25519) public keys ([#1819](https://togithub.com/phpseclib/phpseclib/issues/1819))
- don't use dynamic properties, which are deprecated in PHP 8.2 ([#1808](https://togithub.com/phpseclib/phpseclib/issues/1808), [#1822](https://togithub.com/phpseclib/phpseclib/issues/1822))
- fix deprecated implicit float to int on 32-bit PHP 8.1
### [`v3.0.14`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3014---2022-04-04)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.13...3.0.14)
- RSA: add support for loading PuTTY v3 keys
- Crypt/Base: fix CTR mode with continuous buffer with non-eval PHP
- Crypt/Base: use sodium_increment in \_increment_str
- Crypt/Base: fix deprecation notice ([#1770](https://togithub.com/phpseclib/phpseclib/issues/1770))
- SSH2/Agent: rm unused parameter ([#1757](https://togithub.com/phpseclib/phpseclib/issues/1757))
- BigInteger: add precision to \__debugInfo
- BigInteger: fix random engine issues
- call useBestEngine() when getEngine() is called
### [`v3.0.13`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3013---2022-01-30)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.12...3.0.13)
- SSH2: make login() return false if no valid auth methods are found ([#1744](https://togithub.com/phpseclib/phpseclib/issues/1744))
- SSH2: show a more helpful error message when logging in with pubkey ([#1718](https://togithub.com/phpseclib/phpseclib/issues/1718))
- SSH2: rsa-sha2-256 and rsa-sha2-512 sigs weren't verifying ([#1743](https://togithub.com/phpseclib/phpseclib/issues/1743))
- SFTP: fix chgrp() for version < 4 ([#1730](https://togithub.com/phpseclib/phpseclib/issues/1730))
- Crypt/Base: add OFB8 as a new mode ([phpseclib/mcrypt_compat#33](https://togithub.com/phpseclib/mcrypt_compat/issues/33))
- Crypt/Salsa20: fix PHP 5.6 error ([#1717](https://togithub.com/phpseclib/phpseclib/issues/1717))
- RSA & BigInteger: check phpinfo() available before using it ([#1726](https://togithub.com/phpseclib/phpseclib/issues/1726))
- Fixed psalm level 6 errors in phpseclib/Net/ ([#1746](https://togithub.com/phpseclib/phpseclib/issues/1746))
### [`v3.0.12`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3012---2021-11-28)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.11...3.0.12)
- SSH2: add "smart multi factor" login mode (enabled by default) ([#1648](https://togithub.com/phpseclib/phpseclib/issues/1648))
- SSH2: error out when no data is received from the server ([#1647](https://togithub.com/phpseclib/phpseclib/issues/1647))
- SFTP: don't attempt to parse unsupported attributes ([#1708](https://togithub.com/phpseclib/phpseclib/issues/1708))
- SFTP: getSupportedVersions() call didn't work
- EC: error out when scalar is out of range ([#1712](https://togithub.com/phpseclib/phpseclib/issues/1712))
- RSA: add support for raw private keys ([#1711](https://togithub.com/phpseclib/phpseclib/issues/1711))
- SymmetricKey: add getMode()
### [`v3.0.11`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3011---2021-10-26)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.10...3.0.11)
- SSH2: add support for zlib and zlib@openssh.com compression
- SFTP: add support for SFTPv4/5/6
- SFTP: add option to allow arbitrary length packets ([#1691](https://togithub.com/phpseclib/phpseclib/issues/1691))
- SFTP: errors weren't being logged ([#1702](https://togithub.com/phpseclib/phpseclib/issues/1702))
- RSA: ssh-keygen -yf private.key fails if \r is present ([#1698](https://togithub.com/phpseclib/phpseclib/issues/1698))
### [`v3.0.10`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3010---2021-08-15)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.9...3.0.10)
- SFTP: don't check SFTP packet size after SFTP initialization ([#1606](https://togithub.com/phpseclib/phpseclib/issues/1606))
- SFTP: timeout during SFTP init should return false ([#1684](https://togithub.com/phpseclib/phpseclib/issues/1684))
- SFTP: return false if get_channel_packet returns false ([#1678](https://togithub.com/phpseclib/phpseclib/issues/1678))
- ASN1: return false when not enough bytes are available ([#1676](https://togithub.com/phpseclib/phpseclib/issues/1676))
- BigInteger: Serializable is being deprecated in PHP 8.1 ([#1680](https://togithub.com/phpseclib/phpseclib/issues/1680))
- explicitly define methods as being static ([#1689](https://togithub.com/phpseclib/phpseclib/issues/1689))
- plug memory leaks ([#1672](https://togithub.com/phpseclib/phpseclib/issues/1672))
### [`v3.0.9`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#309---2021-06-13)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.8...3.0.9)
- SSH2: add getAuthMethodsToContinue() method ([#1648](https://togithub.com/phpseclib/phpseclib/issues/1648))
- SSH2: timeout would occasionally infinitely loop
- SSH2: fix PHP7.4 errors about accessing bool as string ([#1656](https://togithub.com/phpseclib/phpseclib/issues/1656))
- SSH2: fix issue with key re-exchange ([#1644](https://togithub.com/phpseclib/phpseclib/issues/1644))
- SFTP: reopen channel on channel closure ([#1654](https://togithub.com/phpseclib/phpseclib/issues/1654))
- X509: extra characters before cert weren't being removed ([#1659](https://togithub.com/phpseclib/phpseclib/issues/1659))
- X509: signing with pw protected PSS keys yielded errors ([#1657](https://togithub.com/phpseclib/phpseclib/issues/1657))
- ASN1: fix timezone issue when non-utc time is given ([#1562](https://togithub.com/phpseclib/phpseclib/issues/1562))
- ASN1: change how default values are processed for ints and enums ([#1665](https://togithub.com/phpseclib/phpseclib/issues/1665))
- RSA: OAEP decryption didn't check labels correctly ([#1669](https://togithub.com/phpseclib/phpseclib/issues/1669))
### [`v3.0.8`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#308---2021-04-20)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.7...3.0.8)
- AsymetrticKey: add getComment() method ([#1638](https://togithub.com/phpseclib/phpseclib/issues/1638))
- SymmetricKey: cipher_name_openssl_ecb shouldn't be static because of AES ([#1636](https://togithub.com/phpseclib/phpseclib/issues/1636))
- X509: don't filter basicConstraints on unique values ([#1639](https://togithub.com/phpseclib/phpseclib/issues/1639))
- X509: make it so extensions can be set as critical ([#1640](https://togithub.com/phpseclib/phpseclib/issues/1640))
### [`v3.0.7`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#307---2021-04-06)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.6...3.0.7)
- X509: always parse the first cert of a bundle ([#1568](https://togithub.com/phpseclib/phpseclib/issues/1568))
- SSH2: behave like putty with broken publickey auth ([#1572](https://togithub.com/phpseclib/phpseclib/issues/1572))
- SSH2: don't close channel on unexpected response to channel request ([#1631](https://togithub.com/phpseclib/phpseclib/issues/1631))
- RSA: cleanup RSA [PKCS#1](https://togithub.com/PKCS/phpseclib/issues/1) v1.5 signature verification (CVE-2021-30130)
- Crypt: use a custom error handler for mcrypt to avoid deprecation errors
### [`v3.0.6`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#306---2021-03-13)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.5...3.0.6)
- SFTP/Stream: make it so you can write past the end of a file ([#1618](https://togithub.com/phpseclib/phpseclib/issues/1618))
- SFTP/Stream: fix undefined index notice in stream touch() ([#1615](https://togithub.com/phpseclib/phpseclib/issues/1615))
- SFTP/Stream: mkdir didn't work ([#1617](https://togithub.com/phpseclib/phpseclib/issues/1617))
- BigInteger: fix issue with toBits on 32-bit PHP 8 installs
- SFTP: digit only filenames were converted to integers by php ([#1623](https://togithub.com/phpseclib/phpseclib/issues/1623))
### [`v3.0.5`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#305---2021-02-12)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.4...3.0.5)
- X509: add getCurrentCert method (since $currentCert is now private) ([#1602](https://togithub.com/phpseclib/phpseclib/issues/1602))
- PublicKeyLoader: add loadPrivateKey() and loadPublicKey() methods ([#1603](https://togithub.com/phpseclib/phpseclib/issues/1603))
- Rijndael: calling setIV() after setBlockLength() can result in err ([#1599](https://togithub.com/phpseclib/phpseclib/issues/1599))
- RSA: use OpenSSL for generating private keys ([#1596](https://togithub.com/phpseclib/phpseclib/issues/1596))
- BigInteger: big speedups for when OpenSSL is used ([#1596](https://togithub.com/phpseclib/phpseclib/issues/1596))
### [`v3.0.4`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#304---2021-01-25)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.3...3.0.4)
- Random: use v9.99.99 of random_compat if appropriate ([#1585](https://togithub.com/phpseclib/phpseclib/issues/1585), [#1571](https://togithub.com/phpseclib/phpseclib/issues/1571))
- SSH/Agent: EC keys didn't work with agent ([#1593](https://togithub.com/phpseclib/phpseclib/issues/1593))
- X509: fix niche issue with computeKeyIdentifier ([#1586](https://togithub.com/phpseclib/phpseclib/issues/1586))
### [`v3.0.3`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3034---2023-11-27)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.2...3.0.3)
- SSH2: add support for RFC8308 ([#1960](https://togithub.com/phpseclib/phpseclib/issues/1960))
- SSH2: don't use AES GCM for TurboFTP Server ([#1957](https://togithub.com/phpseclib/phpseclib/issues/1957))
- SSH2: reset more internal variables when connection is reset ([#1961](https://togithub.com/phpseclib/phpseclib/issues/1961))
- PKCS8: PBES1 / RC2 and PBES2 / DES keys didn't work ([#1958](https://togithub.com/phpseclib/phpseclib/issues/1958))
- EC/Signature/Format: add new IEEE format ([#1956](https://togithub.com/phpseclib/phpseclib/issues/1956))
- Math/BigInteger/Engines/PHP: PHP 8.2.13+ fixes Windows JIT issue
- Math/BinaryField: fix for excessively large degrees (CVE-2023-49316)
- Math/PrimeField: fix occasional error with squareRoot method
### [`v3.0.2`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3023---2023-09-18)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.1...3.0.2)
- fix "Undefined index: jit" error on Windows ([#1940](https://togithub.com/phpseclib/phpseclib/issues/1940))
### [`v3.0.1`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3019---2023-03-05)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.0...3.0.1)
- AsymmetricKey: error out on unsupported operations ([#1879](https://togithub.com/phpseclib/phpseclib/issues/1879))
- Blowfish: fix issues on 32-bit PHP installs
- BigInteger: fix for hex numbers with new lines in them
- SFTP: fix "Creating default object from empty value" error ([#1876](https://togithub.com/phpseclib/phpseclib/issues/1876))
- SSH2: add getTimeout() method ([#1889](https://togithub.com/phpseclib/phpseclib/issues/1889))
- PrimeField: prevent infinite loop with composite primefields (CVE-2023-27560)
### [`v3.0.0`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#300---2020-12-16)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/2.0.45...3.0.0)
- drop SSH1 and SCP support
- add support for the following crypto algorithms:
- [`Ed25519`](https://togithub.com/phpseclib/phpseclib/commit/Ed25519) / Ed449 / Curve25519 / Curve449
- ECDSA / ECDH (66 curves)
- DSA / DH
- GCM / Poly1305
- Salsa20 / ChaCha20
- namespace changed from `phpseclib\` to `\phpseclib3` to facilitate phpseclib 2 shim (phpseclib2\_compat)
### [`v2.0.45`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#2045---2023-09-15)
[Compare Source](https://togithub.com/phpseclib/phpseclib/compare/2.0.44...2.0.45)
- SFTP: make it so SFTP::RESUME also sets offset of local file ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921))
- SFTP: RESUME_START didn't work as described ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921))
- SFTP: fix SFTPv2 errors when logging errors ([#1933](https://togithub.com/phpseclib/phpseclib/issues/1933))
- SFTP: fix issue with get() downloading to files / streams ([#1934](https://togithub.com/phpseclib/phpseclib/issues/1934))
- Rijndael: fix E_DEPRECATED ([#1935](https://togithub.com/phpseclib/phpseclib/issues/1935))
- improve PHP32 compatibility ([#1931](https://togithub.com/phpseclib/phpseclib/issues/1931))
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
^2.0
->^3.0
GitHub Vulnerability Alerts
CVE-2023-49316
In Math/BinaryField.php in phpseclib before 3.0.34, excessively large degrees in binary fields can lead to a denial of service.
Release Notes
phpseclib/phpseclib (phpseclib/phpseclib)
### [`v3.0.34`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3034---2023-11-27) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.33...3.0.34) - SSH2: add support for RFC8308 ([#1960](https://togithub.com/phpseclib/phpseclib/issues/1960)) - SSH2: don't use AES GCM for TurboFTP Server ([#1957](https://togithub.com/phpseclib/phpseclib/issues/1957)) - SSH2: reset more internal variables when connection is reset ([#1961](https://togithub.com/phpseclib/phpseclib/issues/1961)) - PKCS8: PBES1 / RC2 and PBES2 / DES keys didn't work ([#1958](https://togithub.com/phpseclib/phpseclib/issues/1958)) - EC/Signature/Format: add new IEEE format ([#1956](https://togithub.com/phpseclib/phpseclib/issues/1956)) - Math/BigInteger/Engines/PHP: PHP 8.2.13+ fixes Windows JIT issue - Math/BinaryField: fix for excessively large degrees (CVE-2023-49316) - Math/PrimeField: fix occasional error with squareRoot method ### [`v3.0.33`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3033---2023-10-21) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.23...3.0.33) - SSH2: fix for PHP 7.3 ([#1953](https://togithub.com/phpseclib/phpseclib/issues/1953)) - Crypt: improve ARM detection code ([#1949](https://togithub.com/phpseclib/phpseclib/issues/1949)) - Rijndael: fix for PHP 8.3+ compatability ([#1944](https://togithub.com/phpseclib/phpseclib/issues/1944)) - X509: fix for weird characters in subjaltname ([#1943](https://togithub.com/phpseclib/phpseclib/issues/1943)) - move JIT check to BigInteger ([#1942](https://togithub.com/phpseclib/phpseclib/issues/1942)) ### [`v3.0.23`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3023---2023-09-18) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.22...3.0.23) - fix "Undefined index: jit" error on Windows ([#1940](https://togithub.com/phpseclib/phpseclib/issues/1940)) ### [`v3.0.22`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3022---2023-09-15) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.21...3.0.22) - SFTP: make it so SFTP::RESUME also sets offset of local file ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921)) - SFTP: RESUME_START didn't work as described ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921)) - SFTP: fix SFTPv2 errors when logging errors ([#1933](https://togithub.com/phpseclib/phpseclib/issues/1933)) - SFTP: fix issue with get() downloading to files / streams ([#1934](https://togithub.com/phpseclib/phpseclib/issues/1934)) - BigInteger: use GMP if available ([#1928](https://togithub.com/phpseclib/phpseclib/issues/1928)) - Rijndael: fix E_DEPRECATED ([#1935](https://togithub.com/phpseclib/phpseclib/issues/1935)) - improve PHP32 compatibility ([#1931](https://togithub.com/phpseclib/phpseclib/issues/1931)) ### [`v3.0.21`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3021---2023-07-09) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.20...3.0.21) - BigInteger: speed up powMod() method ([#1919](https://togithub.com/phpseclib/phpseclib/issues/1919)) - SSH2: fix stream_select(): Unable to select \[4]: Interrupted system call (max_fd=29) error ([#1851](https://togithub.com/phpseclib/phpseclib/issues/1851)) - SSH2: add EOF test isConnected() ([#1926](https://togithub.com/phpseclib/phpseclib/issues/1926)) - SFTP: make it so SFTP::RESUME also sets offset of local file ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921)) - SFTP: SFTP::RESUME_START didn't work as described ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921)) ### [`v3.0.20`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3020---2023-06-13) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.19...3.0.20) - SSH2: better support for multiple interactive channels & expose shell functions ([#1888](https://togithub.com/phpseclib/phpseclib/issues/1888)) - SFTP: add optional $recursive parameter to filesize() ([#1782](https://togithub.com/phpseclib/phpseclib/issues/1782)) - SFTP: fix NET_SFTP_ATTR_EXTENDED ([#1907](https://togithub.com/phpseclib/phpseclib/issues/1907)) - ASN1: speed up decodeBER ([#1894](https://togithub.com/phpseclib/phpseclib/issues/1894)) - X509: add support for EV DN's ([#1916](https://togithub.com/phpseclib/phpseclib/issues/1916)) - X509: getChain() should always return array of X509 objects ([#1914](https://togithub.com/phpseclib/phpseclib/issues/1914)) - RSA: setting sig padding broke enc padding and vice versa ### [`v3.0.19`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3019---2023-03-05) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.18...3.0.19) - AsymmetricKey: error out on unsupported operations ([#1879](https://togithub.com/phpseclib/phpseclib/issues/1879)) - Blowfish: fix issues on 32-bit PHP installs - BigInteger: fix for hex numbers with new lines in them - SFTP: fix "Creating default object from empty value" error ([#1876](https://togithub.com/phpseclib/phpseclib/issues/1876)) - SSH2: add getTimeout() method ([#1889](https://togithub.com/phpseclib/phpseclib/issues/1889)) - PrimeField: prevent infinite loop with composite primefields (CVE-2023-27560) ### [`v3.0.18`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3018---2022-12-17) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.17...3.0.18) - fix for PHP 8.2 deprecations ([#1869](https://togithub.com/phpseclib/phpseclib/issues/1869), [#1873](https://togithub.com/phpseclib/phpseclib/issues/1873)) - SSH2: if logging in with rsa-sha2-256/512 fails, try ssh-rsa ([#1865](https://togithub.com/phpseclib/phpseclib/issues/1865)) - SSH/Agent: add support for named pipes on windows (for pageant) ([#1866](https://togithub.com/phpseclib/phpseclib/issues/1866)) - Crypt/Base: add a function to check continuous buffer status ([#1870](https://togithub.com/phpseclib/phpseclib/issues/1870)) - OpenSSL 3.0.1+ deprecated some algorithms (RC2, RC4, DES, Blowfish) ### [`v3.0.17`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3017---2022-10-24) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.16...3.0.17) - X509: make it so CRLs, CSRs and SPKACs can support PSS keys ([#1837](https://togithub.com/phpseclib/phpseclib/issues/1837)) - X509: make it so PKCS1 X509 certs can create PSS sigs ([#1837](https://togithub.com/phpseclib/phpseclib/issues/1837)) - SFTP: fix deprecated implicit float to int on 32-bit PHP 8.1 ([#1841](https://togithub.com/phpseclib/phpseclib/issues/1841)) - SFTP: restore orig behavior when deleting non-existant folder ([#1847](https://togithub.com/phpseclib/phpseclib/issues/1847)) - Random: fix fallback on PHP 8.1+ ### [`v3.0.16`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3016---2022-09-05) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.15...3.0.16) - SSH2: fix type hinting for keyboard_interactive_process ([#1836](https://togithub.com/phpseclib/phpseclib/issues/1836)) ### [`v3.0.15`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3015---2022-09-02) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.14...3.0.15) - PublicKeyLoader: add support for OpenSSH encrypted keys ([#1737](https://togithub.com/phpseclib/phpseclib/issues/1737), [#1733](https://togithub.com/phpseclib/phpseclib/issues/1733), [#1531](https://togithub.com/phpseclib/phpseclib/issues/1531), [#1490](https://togithub.com/phpseclib/phpseclib/issues/1490)) - PublicKeyLoader: add support for JSON Web Keys ([#1817](https://togithub.com/phpseclib/phpseclib/issues/1817)) - SSH2: make login method return false under rare situation ([#1790](https://togithub.com/phpseclib/phpseclib/issues/1790)) - SSH2: fix possibly undefined variable error ([#1802](https://togithub.com/phpseclib/phpseclib/issues/1802)) - SFTP: fix enableDatePreservation bug w.r.t. mtime ([#1670](https://togithub.com/phpseclib/phpseclib/issues/1670)) - SFTP: try to delete dir even if it can't be opened ([#1791](https://togithub.com/phpseclib/phpseclib/issues/1791)) - SFTP: try without path canonicalization if initial realpath() fails ([#1796](https://togithub.com/phpseclib/phpseclib/issues/1796)) - SFTP: detect if stream metadata has wrapper_type set for put() method ([#1792](https://togithub.com/phpseclib/phpseclib/issues/1792)) - BigInteger: tweak to the phpinfo checks ([#1726](https://togithub.com/phpseclib/phpseclib/issues/1726)) - BigInteger: fix behavior on 32-bit PHP installs ([#1820](https://togithub.com/phpseclib/phpseclib/issues/1820)) - EC/PKCS8: OpenSSL didn't like phpseclib formed [`Ed25519`](https://togithub.com/phpseclib/phpseclib/commit/Ed25519) public keys ([#1819](https://togithub.com/phpseclib/phpseclib/issues/1819)) - don't use dynamic properties, which are deprecated in PHP 8.2 ([#1808](https://togithub.com/phpseclib/phpseclib/issues/1808), [#1822](https://togithub.com/phpseclib/phpseclib/issues/1822)) - fix deprecated implicit float to int on 32-bit PHP 8.1 ### [`v3.0.14`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3014---2022-04-04) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.13...3.0.14) - RSA: add support for loading PuTTY v3 keys - Crypt/Base: fix CTR mode with continuous buffer with non-eval PHP - Crypt/Base: use sodium_increment in \_increment_str - Crypt/Base: fix deprecation notice ([#1770](https://togithub.com/phpseclib/phpseclib/issues/1770)) - SSH2/Agent: rm unused parameter ([#1757](https://togithub.com/phpseclib/phpseclib/issues/1757)) - BigInteger: add precision to \__debugInfo - BigInteger: fix random engine issues - call useBestEngine() when getEngine() is called ### [`v3.0.13`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3013---2022-01-30) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.12...3.0.13) - SSH2: make login() return false if no valid auth methods are found ([#1744](https://togithub.com/phpseclib/phpseclib/issues/1744)) - SSH2: show a more helpful error message when logging in with pubkey ([#1718](https://togithub.com/phpseclib/phpseclib/issues/1718)) - SSH2: rsa-sha2-256 and rsa-sha2-512 sigs weren't verifying ([#1743](https://togithub.com/phpseclib/phpseclib/issues/1743)) - SFTP: fix chgrp() for version < 4 ([#1730](https://togithub.com/phpseclib/phpseclib/issues/1730)) - Crypt/Base: add OFB8 as a new mode ([phpseclib/mcrypt_compat#33](https://togithub.com/phpseclib/mcrypt_compat/issues/33)) - Crypt/Salsa20: fix PHP 5.6 error ([#1717](https://togithub.com/phpseclib/phpseclib/issues/1717)) - RSA & BigInteger: check phpinfo() available before using it ([#1726](https://togithub.com/phpseclib/phpseclib/issues/1726)) - Fixed psalm level 6 errors in phpseclib/Net/ ([#1746](https://togithub.com/phpseclib/phpseclib/issues/1746)) ### [`v3.0.12`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3012---2021-11-28) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.11...3.0.12) - SSH2: add "smart multi factor" login mode (enabled by default) ([#1648](https://togithub.com/phpseclib/phpseclib/issues/1648)) - SSH2: error out when no data is received from the server ([#1647](https://togithub.com/phpseclib/phpseclib/issues/1647)) - SFTP: don't attempt to parse unsupported attributes ([#1708](https://togithub.com/phpseclib/phpseclib/issues/1708)) - SFTP: getSupportedVersions() call didn't work - EC: error out when scalar is out of range ([#1712](https://togithub.com/phpseclib/phpseclib/issues/1712)) - RSA: add support for raw private keys ([#1711](https://togithub.com/phpseclib/phpseclib/issues/1711)) - SymmetricKey: add getMode() ### [`v3.0.11`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3011---2021-10-26) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.10...3.0.11) - SSH2: add support for zlib and zlib@openssh.com compression - SFTP: add support for SFTPv4/5/6 - SFTP: add option to allow arbitrary length packets ([#1691](https://togithub.com/phpseclib/phpseclib/issues/1691)) - SFTP: errors weren't being logged ([#1702](https://togithub.com/phpseclib/phpseclib/issues/1702)) - RSA: ssh-keygen -yf private.key fails if \r is present ([#1698](https://togithub.com/phpseclib/phpseclib/issues/1698)) ### [`v3.0.10`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3010---2021-08-15) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.9...3.0.10) - SFTP: don't check SFTP packet size after SFTP initialization ([#1606](https://togithub.com/phpseclib/phpseclib/issues/1606)) - SFTP: timeout during SFTP init should return false ([#1684](https://togithub.com/phpseclib/phpseclib/issues/1684)) - SFTP: return false if get_channel_packet returns false ([#1678](https://togithub.com/phpseclib/phpseclib/issues/1678)) - ASN1: return false when not enough bytes are available ([#1676](https://togithub.com/phpseclib/phpseclib/issues/1676)) - BigInteger: Serializable is being deprecated in PHP 8.1 ([#1680](https://togithub.com/phpseclib/phpseclib/issues/1680)) - explicitly define methods as being static ([#1689](https://togithub.com/phpseclib/phpseclib/issues/1689)) - plug memory leaks ([#1672](https://togithub.com/phpseclib/phpseclib/issues/1672)) ### [`v3.0.9`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#309---2021-06-13) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.8...3.0.9) - SSH2: add getAuthMethodsToContinue() method ([#1648](https://togithub.com/phpseclib/phpseclib/issues/1648)) - SSH2: timeout would occasionally infinitely loop - SSH2: fix PHP7.4 errors about accessing bool as string ([#1656](https://togithub.com/phpseclib/phpseclib/issues/1656)) - SSH2: fix issue with key re-exchange ([#1644](https://togithub.com/phpseclib/phpseclib/issues/1644)) - SFTP: reopen channel on channel closure ([#1654](https://togithub.com/phpseclib/phpseclib/issues/1654)) - X509: extra characters before cert weren't being removed ([#1659](https://togithub.com/phpseclib/phpseclib/issues/1659)) - X509: signing with pw protected PSS keys yielded errors ([#1657](https://togithub.com/phpseclib/phpseclib/issues/1657)) - ASN1: fix timezone issue when non-utc time is given ([#1562](https://togithub.com/phpseclib/phpseclib/issues/1562)) - ASN1: change how default values are processed for ints and enums ([#1665](https://togithub.com/phpseclib/phpseclib/issues/1665)) - RSA: OAEP decryption didn't check labels correctly ([#1669](https://togithub.com/phpseclib/phpseclib/issues/1669)) ### [`v3.0.8`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#308---2021-04-20) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.7...3.0.8) - AsymetrticKey: add getComment() method ([#1638](https://togithub.com/phpseclib/phpseclib/issues/1638)) - SymmetricKey: cipher_name_openssl_ecb shouldn't be static because of AES ([#1636](https://togithub.com/phpseclib/phpseclib/issues/1636)) - X509: don't filter basicConstraints on unique values ([#1639](https://togithub.com/phpseclib/phpseclib/issues/1639)) - X509: make it so extensions can be set as critical ([#1640](https://togithub.com/phpseclib/phpseclib/issues/1640)) ### [`v3.0.7`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#307---2021-04-06) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.6...3.0.7) - X509: always parse the first cert of a bundle ([#1568](https://togithub.com/phpseclib/phpseclib/issues/1568)) - SSH2: behave like putty with broken publickey auth ([#1572](https://togithub.com/phpseclib/phpseclib/issues/1572)) - SSH2: don't close channel on unexpected response to channel request ([#1631](https://togithub.com/phpseclib/phpseclib/issues/1631)) - RSA: cleanup RSA [PKCS#1](https://togithub.com/PKCS/phpseclib/issues/1) v1.5 signature verification (CVE-2021-30130) - Crypt: use a custom error handler for mcrypt to avoid deprecation errors ### [`v3.0.6`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#306---2021-03-13) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.5...3.0.6) - SFTP/Stream: make it so you can write past the end of a file ([#1618](https://togithub.com/phpseclib/phpseclib/issues/1618)) - SFTP/Stream: fix undefined index notice in stream touch() ([#1615](https://togithub.com/phpseclib/phpseclib/issues/1615)) - SFTP/Stream: mkdir didn't work ([#1617](https://togithub.com/phpseclib/phpseclib/issues/1617)) - BigInteger: fix issue with toBits on 32-bit PHP 8 installs - SFTP: digit only filenames were converted to integers by php ([#1623](https://togithub.com/phpseclib/phpseclib/issues/1623)) ### [`v3.0.5`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#305---2021-02-12) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.4...3.0.5) - X509: add getCurrentCert method (since $currentCert is now private) ([#1602](https://togithub.com/phpseclib/phpseclib/issues/1602)) - PublicKeyLoader: add loadPrivateKey() and loadPublicKey() methods ([#1603](https://togithub.com/phpseclib/phpseclib/issues/1603)) - Rijndael: calling setIV() after setBlockLength() can result in err ([#1599](https://togithub.com/phpseclib/phpseclib/issues/1599)) - RSA: use OpenSSL for generating private keys ([#1596](https://togithub.com/phpseclib/phpseclib/issues/1596)) - BigInteger: big speedups for when OpenSSL is used ([#1596](https://togithub.com/phpseclib/phpseclib/issues/1596)) ### [`v3.0.4`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#304---2021-01-25) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.3...3.0.4) - Random: use v9.99.99 of random_compat if appropriate ([#1585](https://togithub.com/phpseclib/phpseclib/issues/1585), [#1571](https://togithub.com/phpseclib/phpseclib/issues/1571)) - SSH/Agent: EC keys didn't work with agent ([#1593](https://togithub.com/phpseclib/phpseclib/issues/1593)) - X509: fix niche issue with computeKeyIdentifier ([#1586](https://togithub.com/phpseclib/phpseclib/issues/1586)) ### [`v3.0.3`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3034---2023-11-27) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.2...3.0.3) - SSH2: add support for RFC8308 ([#1960](https://togithub.com/phpseclib/phpseclib/issues/1960)) - SSH2: don't use AES GCM for TurboFTP Server ([#1957](https://togithub.com/phpseclib/phpseclib/issues/1957)) - SSH2: reset more internal variables when connection is reset ([#1961](https://togithub.com/phpseclib/phpseclib/issues/1961)) - PKCS8: PBES1 / RC2 and PBES2 / DES keys didn't work ([#1958](https://togithub.com/phpseclib/phpseclib/issues/1958)) - EC/Signature/Format: add new IEEE format ([#1956](https://togithub.com/phpseclib/phpseclib/issues/1956)) - Math/BigInteger/Engines/PHP: PHP 8.2.13+ fixes Windows JIT issue - Math/BinaryField: fix for excessively large degrees (CVE-2023-49316) - Math/PrimeField: fix occasional error with squareRoot method ### [`v3.0.2`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3023---2023-09-18) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.1...3.0.2) - fix "Undefined index: jit" error on Windows ([#1940](https://togithub.com/phpseclib/phpseclib/issues/1940)) ### [`v3.0.1`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#3019---2023-03-05) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/3.0.0...3.0.1) - AsymmetricKey: error out on unsupported operations ([#1879](https://togithub.com/phpseclib/phpseclib/issues/1879)) - Blowfish: fix issues on 32-bit PHP installs - BigInteger: fix for hex numbers with new lines in them - SFTP: fix "Creating default object from empty value" error ([#1876](https://togithub.com/phpseclib/phpseclib/issues/1876)) - SSH2: add getTimeout() method ([#1889](https://togithub.com/phpseclib/phpseclib/issues/1889)) - PrimeField: prevent infinite loop with composite primefields (CVE-2023-27560) ### [`v3.0.0`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#300---2020-12-16) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/2.0.45...3.0.0) - drop SSH1 and SCP support - add support for the following crypto algorithms: - [`Ed25519`](https://togithub.com/phpseclib/phpseclib/commit/Ed25519) / Ed449 / Curve25519 / Curve449 - ECDSA / ECDH (66 curves) - DSA / DH - GCM / Poly1305 - Salsa20 / ChaCha20 - namespace changed from `phpseclib\` to `\phpseclib3` to facilitate phpseclib 2 shim (phpseclib2\_compat) ### [`v2.0.45`](https://togithub.com/phpseclib/phpseclib/blob/HEAD/CHANGELOG.md#2045---2023-09-15) [Compare Source](https://togithub.com/phpseclib/phpseclib/compare/2.0.44...2.0.45) - SFTP: make it so SFTP::RESUME also sets offset of local file ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921)) - SFTP: RESUME_START didn't work as described ([#1921](https://togithub.com/phpseclib/phpseclib/issues/1921)) - SFTP: fix SFTPv2 errors when logging errors ([#1933](https://togithub.com/phpseclib/phpseclib/issues/1933)) - SFTP: fix issue with get() downloading to files / streams ([#1934](https://togithub.com/phpseclib/phpseclib/issues/1934)) - Rijndael: fix E_DEPRECATED ([#1935](https://togithub.com/phpseclib/phpseclib/issues/1935)) - improve PHP32 compatibility ([#1931](https://togithub.com/phpseclib/phpseclib/issues/1931))Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.