Merge branch '1.0' into 2.0

CHANGELOG.md

@@ -1,5 +1,16 @@
 # Changelog
 
+## 2.0.15 - 2019-03-10
+
+- SFTP: make it so get() can correctly handle out of order responses (#1343)
+- Crypt: avoid bogus IV errors in ECB mode with OpenSSL (#1087)
+- RSA: protect against possible timing attack during OAEP decryption
+- RSA: fix possible memory leak with XML keys (#1346)
+- Hash: fix issue with undefined constants (#1347)
+- Hash: fix issues with the mode
+- SCP: issue error if remote_file is empty in put() call (#1335)
+- X509: whitelist OID 1.3.6.1.4.1.11129.2.4.2 (#1341)
+
 ## 2.0.14 - 2019-01-27
 
 - SSH2: ssh-rsa is sometimes incorrectly used instead of rsa-sha2-256 (#1331)
@@ -139,6 +150,16 @@
 - Classes were renamed and namespaced ([#243](https://github.com/phpseclib/phpseclib/issues/243))
 - The use of an autoloader is now required (e.g. Composer)
 
+## 1.0.15 - 2019-03-10
+
+- SFTP: make it so get() can correctly handle out of order responses (#1343)
+- Crypt: avoid bogus IV errors in ECB mode with OpenSSL (#1087)
+- RSA: protect against possible timing attack during OAEP decryption
+- RSA: fix possible memory leak with XML keys (#1346)
+- Hash: fix issues with the mode
+- SCP: issue error if remote_file is empty in put() call (#1335)
+- X509: whitelist OID 1.3.6.1.4.1.11129.2.4.2 (#1341)
+
 ## 1.0.14 - 2019-01-27
 
 - SSH2: ssh-rsa is sometimes incorrectly used instead of rsa-sha2-256 (#1331)

README.md

@@ -37,7 +37,7 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509
 * Composer compatible (PSR-0 autoloading)
 * Install using Composer: `composer require phpseclib/phpseclib ~1.0`
 * Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm)
-* [Download 1.0.14 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.14.zip/download)
+* [Download 1.0.15 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.15.zip/download)
 
 ## Support