Preparing for 0.46

--HG--
extra : convert_revision : 7f9d2401cc4f49955f59327a6e8213b1911784bf

2 files changed, 23 insertions, 2 deletions

diff --git a/CHANGES b/CHANGES
index ace4cec..85e7bc5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,24 @@
+0.46
+
+- Fix long-standing bug which caused connections to be closed if an ssh-agent
+  socket was no longer available
+
+- print a warning if we seem to be blocking on /dev/random 
+  (suggested by Paul Fox)
+
+- fixed a memory leak in DSS code (thanks to Boris Berezovsky for the patch)
+
+- dbclient -L no longer segfaults, allocate correct buffer size (thanks
+  to David Cook for reporting it)
+
+- added RSA blinding (recommended by Dan Kaminsky)
+
+- rearranged bignum reading/random generation code
+
+- Reset the non-blocking status on stderr and stdout as well as stdin,
+  fixes a problem where the shell running dbclient will exit (thanks to 
+  Brent Roman for reporting it)
+
 0.45 - Mon March 7 2005
 
 - Makefile no longer appends 'static' to statically linked binaries
diff --git a/TODO b/TODO
index cfd045b..c737c51 100644
--- a/TODO
+++ b/TODO
@@ -13,9 +13,9 @@ Things which might need doing:
 
 - Binding to different interfaces
 
-- possible RSA blinding? need to check whether this is vuln to timing attacks
 - check PRNG
-- CTR mode, SSH_MSG_IGNORE sending to improve CBC security
+- CTR mode
+- SSH_MSG_IGNORE sending to improve CBC security
 - DH Group Exchange possibly, or just add group14 (whatever it's called today)
 
 - fix scp.c for IRIX