From cb392e42e00dce04de9dd1b5404e09b96037c2fcdda6e11c90a25b0acb2b5dde Mon Sep 17 00:00:00 2001 From: Daniel Molkentin Date: Wed, 11 Apr 2018 08:07:34 +0000 Subject: [PATCH] Accepting request 595519 from home:dmolkentin:branches:devel:libraries:c_c++ - Update to Botan 2.6 * CVE-2018-9860 Fix a bug decrypting TLS CBC ciphertexts which could for a malformed ciphertext cause the decryptor to read and HMAC an additional 64K bytes of data which is not part of the record. This could cause a crash if the read went into unmapped memory. No information leak or out of bounds write occurs. * Add support for OAEP labels (GH #1508) * RSA signing is about 15% faster (GH #1523) and RSA verification is about 50% faster. * Add exponent blinding to RSA (GH #1523) * Add Cipher_Mode::create and AEAD_Mode::create (GH #1527) * Fix bug in TLS server introduced in 2.5 which caused connection to fail if the client offered any signature algorithm not known to the server (for example RSA/SHA-224). * Fix a bug in inline asm that would with GCC 7.3 cause incorrect computations and an infinite loop during the tests. (GH #1524 #1529) OBS-URL: https://build.opensuse.org/request/show/595519 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=82 --- Botan-2.5.0.tgz | 3 --- Botan-2.5.0.tgz.asc | 11 ----------- Botan-2.6.0.tgz | 3 +++ Botan-2.6.0.tgz.asc | 11 +++++++++++ Botan.changes | 26 ++++++++++++++++++++++++++ Botan.spec | 2 +- 6 files changed, 41 insertions(+), 15 deletions(-) delete mode 100644 Botan-2.5.0.tgz delete mode 100644 Botan-2.5.0.tgz.asc create mode 100644 Botan-2.6.0.tgz create mode 100644 Botan-2.6.0.tgz.asc diff --git a/Botan-2.5.0.tgz b/Botan-2.5.0.tgz deleted file mode 100644 index 48053b8..0000000 --- a/Botan-2.5.0.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b8a31fe03e7f048a5bd3967ecd04b6a48966215e78792df06e333b0eede4fb1b -size 6596225 
diff --git a/Botan-2.5.0.tgz.asc b/Botan-2.5.0.tgz.asc deleted file mode 100644 index 6629625..0000000 --- a/Botan-2.5.0.tgz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlrCMRMACgkQYhHr8e+6 -37yzrAf/aiXeISEKVstL7x5thRR9iz9L1KqzQXDBQOxTYeilEGcvuddqYfJ8f6hY -zaFSigYLDjX1i8lDprtCV0JwluW9HCgF9JfZnzLPgn6JdGmvHGc/c0OPHV0iUlhX -cUfRwVF/lburg3HD139KvaKJycJOa6KWhaQImpTA8l+Xh819Q8Zd51w8PbnBKAOn -7xVlOqdj5Pe10qn5LOsaHEzsbTGpqbvYlr1vfZwQym0lilpjabMZvX6nZKE9a6gf -rYrv+m9uriDBqlmn+RlwgZwBlrjnEse1b9pXMZpkbzcQlH6KEWYxdvSmITTrCPG3 -61LP5ZIjp0U0bwgHHGlZjY3oMjA6kw== -=Wj1M ------END PGP SIGNATURE----- diff --git a/Botan-2.6.0.tgz b/Botan-2.6.0.tgz new file mode 100644 index 0000000..111dce7 --- /dev/null +++ b/Botan-2.6.0.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c1f261555bba702c73608dde7bd743ef2d6377a41a1c295915b25c5babaf5cc5 +size 6599127 diff --git a/Botan-2.6.0.tgz.asc b/Botan-2.6.0.tgz.asc new file mode 100644 index 0000000..3a8854a --- /dev/null +++ b/Botan-2.6.0.tgz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlrMubEACgkQYhHr8e+6 +37ycHgf/R0IMmiQLI+ycU3GaTV/GsjJxcBE44NCwJPUBxqgvjNpY7sUv5ROkaKy5 +wSKVneOjZf8KJSEZlb3FqYuGLEsph6e0qO0C8wjKGJs4Le1kVp6oJaKI6AXaDUHf +EbKYRXDiSGnAbA57ncFOICNHXKjvj9E7NdxbYVLLak9ILzGAKH7gouCYLEIil0mx +pfpb4FEoWYIJoKCGyBFZrdRYtBAEUG15QASJ5UDbCF2io4BL1T07cCeD3TnoHmwd +3PXCaD6cE9c2p3cDuXsYStpPK8yCPr4F6gBQrJeP3x/wndK6j8JhuqsVQzXaTJm6 +vYCQEzULrRqVkfTDl1j8FtaWi0s5UA== +=MSIv +-----END PGP SIGNATURE----- diff --git a/Botan.changes b/Botan.changes index 99c41b1..0313873 100644 --- a/Botan.changes +++ b/Botan.changes 
@@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Tue Apr 10 15:07:00 UTC 2018 - daniel.molkentin@suse.com + +- Update to Botan 2.6 + + * CVE-2018-9860 Fix a bug decrypting TLS CBC ciphertexts which could for a + malformed ciphertext cause the decryptor to read and HMAC an additional 64K + bytes of data which is not part of the record. This could cause a crash if + the read went into unmapped memory. No information leak or out of bounds + write occurs. + + * Add support for OAEP labels (GH #1508) + + * RSA signing is about 15% faster (GH #1523) and RSA verification is about 50% faster. + + * Add exponent blinding to RSA (GH #1523) + + * Add Cipher_Mode::create and AEAD_Mode::create (GH #1527) + + * Fix bug in TLS server introduced in 2.5 which caused connection to fail if + the client offered any signature algorithm not known to the server (for + example RSA/SHA-224). + + * Fix a bug in inline asm that would with GCC 7.3 cause incorrect + computations and an infinite loop during the tests. (GH #1524 #1529) + ------------------------------------------------------------------- Tue Apr 3 08:06:46 UTC 2018 - daniel.molkentin@suse.com diff --git a/Botan.spec b/Botan.spec index 7b095de..6f850cd 100644 --- a/Botan.spec +++ b/Botan.spec @@ -19,7 +19,7 @@ %define version_suffix 2-5 %define short_version 2 Name: Botan -Version: 2.5.0 +Version: 2.6.0 Release: 0 Summary: A C++ Crypto Library License: BSD-2-Clause
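Review bot: In the Botan.changes hunk, the CVE-2018-9860 entry carries only the CVE id and no distribution bug-tracker reference, so the security fix cannot be traced to a tracked bug from the changelog alone. Add the corresponding reference beside the CVE id if one exists. As a style point, the line "* RSA signing is about 15% faster (GH #1523) and RSA verification is about 50% faster." runs past the width at which the other entries in this hunk are wrapped and should be wrapped the same way.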
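Review bot: In the Botan.spec hunk, the context line "%define version_suffix 2-5" is left unchanged while Version moves from 2.5.0 to 2.6.0. If version_suffix is meant to track the library's minor version, as the pairing of 2-5 with 2.5.0 suggests, it needs to become 2-6 in this same change. If it is intentionally decoupled from Version, a comment in the spec saying so would prevent the question on the next update.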