libcryptopp/libcryptopp.changes

349 lines
14 KiB
Plaintext

-------------------------------------------------------------------
Thu May 16 05:53:13 UTC 2024 - pgajdos@suse.com
- security update
- added patches
fix CVE-2023-50980 [bsc#1218219], DoS via malformed DER public key file
+ libcryptopp-CVE-2023-50980.patch
fix CVE-2023-50981 [bsc#1218222], issue on ModularSquareRoot function leads to potential DoS
+ libcryptopp-CVE-2023-50981.patch
-------------------------------------------------------------------
Sun Jul 16 18:55:10 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 8.8.0:
* minor release, recompile of programs required
* expanded community input and support
* 88 unique contributors as of this release
* fix crash in cryptest.exe when invoked with no options
* fix crash in library due to GCC removing live code
* fix RSA with key size 16 may provide an invalid key
* fix failure to build on 32-bit x86
* fix failure to build on iPhone Simulator for arm64
* fix failure to build on Windows arm64
* test for SSSE3 before using the ISA
* fix include of when using MSVC
* improve performance of CRC32C_Update_SSE42 for x86-64
* update documentation
-------------------------------------------------------------------
Wed Aug 10 04:17:28 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Enable SSE2 to fix i586 build
-------------------------------------------------------------------
Tue Aug 9 07:18:25 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Update to 8.7.0
- https://cryptopp.com/release870.html
* fix RSA key generation for small moduli (GH #1136)
* fix AES-GCM with AESNI but without CLMUL (GH #1132)
* rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData (GH #1088, GH #1103)
+ restored performance and avoided performance penalty of a temp buffer
* fix undersized SecBlock buffer in Integer bit operations (GH #1072)
* work around several GCC 11 & 12 problems
-------------------------------------------------------------------
Sat Sep 25 08:00:47 UTC 2021 - Dave Plater <davejplater@gmail.com>
- Update to 8.6.0
-upstream changes:
*This release clears CVE-2021-40530 and fixes a problem with
ChaCha20 AVX2 implementation.
*The CVE was due to ElGamal encryption using a work estimate to
size encryption exponents instead subgroup order.
*The ChaCha20 issue was due to mishandling a carry in the AVX2
code path. The ChaCha20 issue was difficult to duplicate, so
most users should not experience it.
-------------------------------------------------------------------
Wed Mar 17 20:03:35 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 8.5.0:
* minor release, no recompile of programs required
* expanded community input and support
* 70 unique contributors as of this release
* port to Apple M1 hardware
-------------------------------------------------------------------
Sat Jan 2 10:34:52 UTC 2021 - Dave Plater <davejplater@gmail.com>
- Update to version 8.4.0 and remove obsolete patches:
0001-Fix-TCXXFLAGS-using-openSUSE-standard-flags-GH-865.patch,
0001-Fix-missing-if-statement.patch and cve-2019-14318.patch
- Upstream changes:
*fix use of macro CRYPTOPP_ALIGN_DATA
*fix potential out-of-bounds read in ECDSA
*fix std::bad_alloc when using ByteQueue in pipeline
*fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
*fix potential out-of-bounds read in GCM mode
*add configure.sh when preprocessor macros fail
*fix potential out-of-bounds read in SipHash
*fix compile error on POWER9 due to vec_xl_be
*fix K233 curve on POWER8
*add Cirrus CI testing
*fix broken encryption for some 64-bit ciphers
*disable RDRAND and RDSEED for some AMD processors
*fix BLAKE2 hash calculation using Salt and Personalization
*add XTS mode
*fix circular dependency between misc.h and secblock.h
*add Certificate interface
*fix recursion in AES::Encryption without AESNI
*add missing OID for ElGamal encryption
*fix missing override in KeyDerivationFunction-derived classes
*fix RDSEED assemble under MSVC
*fix elliptic curve timing leaks (CVE-2019-14318)
*add link-library variable to Makefiles
*fix SIZE_MAX definition in misc.h
*add GetWord64 and PutWord64 to BufferedTransformation
*use HKDF in AutoSeededX917RNG::Reseed
*fix Asan finding in VMAC on i686 in inline asm
*fix undeclared identifier _mm_roti_epi64 on Gentoo
*fix ECIES and GetSymmetricKeyLength
*fix possible divide by zero in PKCS5_PBKDF2_HMAC
*refine ASN.1 encoders and decoders
*disable BMI2 code paths in Integer class
*fix use of CRYPTOPP_CLANG_VERSION
*add NEON SHA1, SHA256 and SHA512 from Cryptogams
*add ARM SHA1, SHA256 and SHA512 from Cryptogams
*fix reference binding to misaligned address in xed25519
*clear asserts in TestDataNameValuePairs
*fix SIGILL on POWER8 when compiling with GCC 10
*fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
*revert changes for constant-time elliptic curve algorithms
-------------------------------------------------------------------
Thu Jul 2 11:40:59 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
- Simplify the baselibs creation
- Do not BR unzip as the tarball is tar.gz
- Generate the pc file with cat not bunch of echos
-------------------------------------------------------------------
Sun Aug 11 12:48:14 UTC 2019 - Dave Plater <davejplater@gmail.com>
- Added cve-2019-14318.patch which fixes (1)leak in ECDSA nonce
length; and (2) leak in prime fields (ECP class).
- See boo#1145187
- Disabled LTO for i586 to fix build failure.
-------------------------------------------------------------------
Sat Jul 20 09:34:46 UTC 2019 - Dave Plater <davejplater@gmail.com>
- Update to major version 8.2.0
- Filter out -flto= flag for arm7 see cryptopp issue#865
- Remove 0001-disable_os_rng_test.patch which is no longer needed.
- Rebase libcryptopp-shared.patch
- Added patchs from git which is indicated in cryptopp issue#865:
0001-Fix-TCXXFLAGS-using-openSUSE-standard-flags-GH-865.patch
and 0001-Fix-missing-if-statement.patch.
Upstream changes since 7.0.0:
*use PowerPC unaligned loads and stores with Power8
*add SKIPJACK test vectors
*fix SHAKE-128 and SHAKE-256 compile
*removed IS_NEON from Makefile
*fix Aarch64 build on Fedora 29
*fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
*add missing BLAKE2 constructors
*fix missing BlockSize() in BLAKE2 classes
*add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
*add carryless multiplies for NIST b233 and k233 curves
*fix OpenMP build due to use of OpenMP 4 with down-level compilers
*add SignStream and VerifyStream for ed25519 and large files
*fix missing AlgorithmProvider in PanamaHash
*add SHAKE-128 and SHAKE-256
*fix AVX2 build due to _mm256_broadcastsi128_si256
*add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305
*add x25519 key exchange and ed25519 signature scheme
*add limited Asymmetric Key Package support from RFC 5958
*add Power9 DARN random number generator support
*add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
*fix FixedSizeAllocatorWithCleanup may be unaligned on some
platforms
*cutover to GNU Make-based cpu feature tests
*rename files with dashes to underscores
*fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
*avoid Singleton<T> when possible, avoid std::call_once completely
*fix SPARC alignment problems due to GetAlignmentOf<T>() on word64
*add ARM AES asm implementation from Cryptogams
*remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support
-------------------------------------------------------------------
Sat Nov 17 14:27:33 UTC 2018 - Adam Mizerski <adam@mizerski.pl>
- update to v7.0.0
* changelog available at https://cryptopp.com/release700.html
and in packaged Readme.txt
- Refreshed patches
* 0001-disable_os_rng_test.patch
* libcryptopp-shared.patch
- Dropped patch reproducible.patch - merged upstream
-------------------------------------------------------------------
Sat May 20 19:45:06 UTC 2017 - bwiedemann@suse.com
- Add reproducible.patch to sort input files to make build fully reproducible
-------------------------------------------------------------------
Fri Mar 3 05:58:37 UTC 2017 - davejplater@gmail.com
- Added patch field to soname due to library not following proper
API/ABI versioning to fix boo#1027192.
- Removed crypto.pc and generate it in the spec file to ensure
proper version and directories.
- Changed libcryptopp-shared.patch.
- Renamed library package and obsoleted old name.
- added precheckin_baselibs.sh and updated baselibs.conf
-------------------------------------------------------------------
Thu Feb 23 23:16:02 UTC 2017 - adam@mizerski.pl
- update to 5.6.5
* Rebase libcryptopp-shared.patch
* Rebase 0001-disable_os_rng_test.patch
- enable openmp usage
-------------------------------------------------------------------
Thu Feb 2 02:03:34 UTC 2017 - jengelh@inai.de
- Add obsoletes tag for dropped static lib
-------------------------------------------------------------------
Sat Jan 28 20:58:04 UTC 2017 - jengelh@inai.de
- Remove libcryptoo-devel-static, this seems unused in Factory.
-------------------------------------------------------------------
Sat Jan 28 09:32:22 UTC 2017 - jengelh@inai.de
- Update descriptions
-------------------------------------------------------------------
Mon Sep 12 08:50:44 UTC 2016 - bwiedemann@suse.com
- Update to 5.6.4
* Use proper openSUSE-style library naming
* Drop upstream libcryptopp-s390.patch
* Drop upstream libcryptopp-m68k.patch
* Drop upstream libcryptopp-CVE-2015-2141.patch
* Drop upstream cryptopp-gcc6.patch
* Rebase libcryptopp-shared.patch
* Rebase 0001-disable_os_rng_test.patch
-------------------------------------------------------------------
Mon Jun 20 11:09:05 UTC 2016 - i@marguerite.su
- add patch cryptopp-gcc6.patch
* fix boo#985143
* fix narrowing conversion from unsigned int to int inside {}
-------------------------------------------------------------------
Wed Jul 8 08:01:11 UTC 2015 - bwiedemann@suse.com
- prevent timing attack to get secret key (bnc#936435, CVE-2015-2141)
add libcryptopp-CVE-2015-2141.patch
-------------------------------------------------------------------
Fri Aug 15 01:39:59 UTC 2014 - sfalken@opensuse.org
- Added 0001-disable_os_rng_test.patch
Fixes buildfailure on openSUSE_Factory x86_64 within OBS environment,
due to OS supplied Random Number Generator taking too long to respond
-------------------------------------------------------------------
Thu Apr 3 13:21:06 UTC 2014 - schwab@suse.de
- libcryptopp-m68k.patch: define IS_LITTLE_ENDIAN on m68k
-------------------------------------------------------------------
Wed Dec 18 02:40:17 CET 2013 - ro@suse.de
- define as big endian on s390/s390x (libcryptopp-s390.patch)
-------------------------------------------------------------------
Wed Aug 28 08:29:36 UTC 2013 - dmueller@suse.com
- remove noninstallable 32bit -devel baselibs
-------------------------------------------------------------------
Fri Mar 1 17:02:43 UTC 2013 - adam@mizerski.pl
- update to 5.6.2
- changed license to Boost Software License 1.0
- added SHA-3 (Keccak)
- updated DSA to FIPS 186-3 (see DSA2 class)
- fixed Blowfish minimum keylength to be 4 bytes (32 bits)
- fixed Salsa validation failure when compiling with GCC 4.6
- fixed infinite recursion when on x64, assembly disabled, and
no AESNI
- ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3,
Intel C++ Compiler 13.0
- removed libcryptopp-gcc47.patch - fixed upstream
- rebased libcryptopp-shared.patch
- added devel-static subpackage
- updated license tag
-------------------------------------------------------------------
Sun Oct 14 10:58:07 UTC 2012 - adam@mizerski.pl
- added baselibs.conf
- spec file improved
-------------------------------------------------------------------
Sat Mar 17 14:25:26 UTC 2012 - dimstar@opensuse.org
- Add libcryptopp-gcc47.patch: Fix build with gcc 4.7.
-------------------------------------------------------------------
Sun Feb 5 16:39:49 UTC 2012 - jengelh@medozas.de
- Proper shared library versioning
-------------------------------------------------------------------
Mon Oct 17 14:33:16 UTC 2011 - jengelh@medozas.de
- Remove bogus Conflict against libcrypto++0 (cf. shlib guidelines)
-------------------------------------------------------------------
Sat Oct 14 13:37:59 UTC 2011 - toddrme2178@gmail.com
- Added pkg-config file from fedora project
- Cleaned up spec file formatting
-------------------------------------------------------------------
Sun Jul 10 23:43:05 CEST 2011 - meissner@suse.de
- add -lpthread for tests
-------------------------------------------------------------------
Thu Dec 16 14:40:17 UTC 2010 - andreas.hanke@gmx-topmail.de
- Update to version 5.6.1:
- added support for AES-NI and CLMUL instruction sets in AES and
GMAC/GCM
- removed WAKE-CFB
- fixed several bugs in the SHA-256 x86/x64 assembly code:
* incorrect hash on non-SSE2 x86 machines on non-aligned input
* incorrect hash on x86 machines when input crosses 0x80000000
* incorrect hash on x64 when compiled with GCC with optimizations
enabled
- fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC
build configurations
- switched to a public domain implementation of MARS
- ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010,
Intel C++ Compiler 11.1
- renamed the MSVC DLL project to "cryptopp" for compatibility with
MSVC 2010
- Changes to library packaging:
- update the interface number because there were ABI changes, now
matching the Debian package
- introduce a conflict with the PackMan package
- ship License.txt and Readme.txt
- drop the static library
-------------------------------------------------------------------
Mon Aug 9 22:29:54 UTC 2010 - pascal.bleser@opensuse.org
- initial package (5.6.0)