From 06320c296488622c36b1391a10f4593166d57ecf Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Fri, 13 Dec 2019 01:35:25 +0100
Subject: Update Release Notes for 1.24-Update2-RC
---
doc/chm/VeraCrypt User Guide.chm | Bin 1971941 -> 1973753 bytes
doc/html/Release Notes.html | 66 +++++++++++++++++++++++++++++++++++++++
2 files changed, 66 insertions(+)
diff --git a/doc/chm/VeraCrypt User Guide.chm b/doc/chm/VeraCrypt User Guide.chm
index a0b2c68e..eb30f151 100644
Binary files a/doc/chm/VeraCrypt User Guide.chm and b/doc/chm/VeraCrypt User Guide.chm differ
diff --git a/doc/html/Release Notes.html b/doc/html/Release Notes.html
index 09e5d1ed..f7354e2e 100644
--- a/doc/html/Release Notes.html
+++ b/doc/html/Release Notes.html
@@ -40,6 +40,72 @@
To avoid hinting whether your volumes contain a hidden volume or not, or if you depend on plausible deniability when using hidden volumes/OS, then you must recreate both the outer and hidden volumes including system encryption and hidden OS, discarding existing volumes created prior to 1.18a version of VeraCrypt.
+1.24-Update2-RC (December 12th, 2019):
+
+- All OSes:
+
+- clear AES key from stack memory when using non-optimized implementation. Doesn't apply to VeraCrypt official build (Reported and fixed by Hanno Böck)
+- Update Jitterentropy RNG Library to version 2.2.0
+- Start following IEEE 1541 agreed naming of bytes (KiB, MiB, GiB, TiB, PiB).
+- Various documentation enhancements.
+
+
+- Windows:
+
+- Fix possible local privilege escalation vulnerability during execution of VeraCrypt Expander (CVE-2019-19501)
+- MBR bootloader:
+
+- workaround for SSD disks that don't allow write operations in BIOS mode with buffers less than 4096 bytes.
+- Don't restore MBR to VeraCrypt value if it is coming from a loader different from us or different from Microsoft one.
+
+
+- EFI bootloader:
+
+- Fix "ActionFailed" not working and add "ActionCancelled" to customize handling of user hitting ESC on password prompt
+- Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory.
+
+
+- Fix multi-OS boot compatibility by only setting VeraCrypt as first bootloader of the system if the current first bootloader is Windows one.
+- Add new registry flags for SystemFavoritesService to control updating of EFI BIOS boot menu on shutdown.
+- Allow system encrypted drive to be mounted in WindowsPE even if changing keyboard layout fails (reported and fixed by Sven Strickroth)
+- Enhancements to the mechanism preserving file timestamps, especially for keyfiles.
+- Fix RDRAND instruction not detected on AMD CPUs.
+- Detect cases where RDRAND is flawed (e.g. AMD Ryzen) to avoid using it if enabled by user
.
+- Don't write extra 0x00 byte at the end of DcsProp file when modifying it through UI
+- Reduce memory usage of IOCTL_DISK_VERIFY handler used in disk verification by Windows.
+- Add switch /FastCreateFile for VeraCrypt Format.exe to speedup creation of large file container if quick format is selected.
+- Fix the checkbox for skipping verification of Rescue Disk not reflecting the value of /noisocheck switch specified in VeraCrypt Format command line.
+- check "TrueCrypt Mode" in password dialog when mounting a file container with .tc extension
+- Update XML languages files.
+
+
+- Linux:
+
+- Fix regression causing admin password to be requested too many times in some cases
+- Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck)
+- Make sure password gets deleted in case of internal error when mounting volume (Reported and fixed by Hanno Böck)
+- Fix passwords using Unicode characters not recognized in text mode.
+- Fix failure to run VeraCrypt binary built for console mode on headless machines.
+- Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
+- Add CLI switch (--use-dummy-sudo-password) to force use of old sudo behavior of sending a dummy password
+- During uninstall, output error message to STDERR instead of STDOUT for better compatibility with package managers.
+- Make sector size mismatch error when mounting disks more verbose.
+- Speedup SHA256 in 64-bit mode by using assembly code.
+
+
+- MacOSX:
+
+- Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
+- Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck)
+- Fix passwords using Unicode characters not recognized in text mode.
+- Make sector size mismatch error when mounting disks more verbose.
+- Speedup SHA256 in 64-bit mode by using assembly code.
+- Link against latest wxWidgets version 3.1.3
+
+
+
+
+
1.24-Hotfix1 (October 27rd, 2019):