Posted: 2013-09-15 Categories: Programming | SHA-3 | Lisp

A new patch release 1.0.2 of the SHA-3 library has been released, which fixes an important bug in the generation of message digests, where multiple calls to sha3-update with partially filled buffers could lead to input data being lost and therefore incorrect and colliding message digests being generated.

All users of SHA-3 should upgrade to the new release to avoid this issue.

Thanks to Orivej Desh for reporting this issue.

The release is available from its PMSF page, and its GitHub home.