Accepting request 595522 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/595522 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/Botan?expand=0&rev=49
2018-04-11 12:03:56 +00:00 · 2018-04-11 12:03:56 +00:00 · 0b4917e1e8
commit 0b4917e1e8
parent 507ebbccd8 cb392e42e0
6 changed files with 41 additions and 15 deletions
--- a/Botan-2.5.0.tgz
+++ b/Botan-2.5.0.tgz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b8a31fe03e7f048a5bd3967ecd04b6a48966215e78792df06e333b0eede4fb1b
-size 6596225
--- a/Botan-2.5.0.tgz.asc
+++ b/Botan-2.5.0.tgz.asc
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlrCMRMACgkQYhHr8e+6
-37yzrAf/aiXeISEKVstL7x5thRR9iz9L1KqzQXDBQOxTYeilEGcvuddqYfJ8f6hY
-zaFSigYLDjX1i8lDprtCV0JwluW9HCgF9JfZnzLPgn6JdGmvHGc/c0OPHV0iUlhX
-cUfRwVF/lburg3HD139KvaKJycJOa6KWhaQImpTA8l+Xh819Q8Zd51w8PbnBKAOn
-7xVlOqdj5Pe10qn5LOsaHEzsbTGpqbvYlr1vfZwQym0lilpjabMZvX6nZKE9a6gf
-rYrv+m9uriDBqlmn+RlwgZwBlrjnEse1b9pXMZpkbzcQlH6KEWYxdvSmITTrCPG3
-61LP5ZIjp0U0bwgHHGlZjY3oMjA6kw==
-=Wj1M
-----END PGP SIGNATURE-----
--- a/Botan-2.6.0.tgz
+++ b/Botan-2.6.0.tgz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c1f261555bba702c73608dde7bd743ef2d6377a41a1c295915b25c5babaf5cc5
+size 6599127
--- a/Botan-2.6.0.tgz.asc
+++ b/Botan-2.6.0.tgz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlrMubEACgkQYhHr8e+6
+37ycHgf/R0IMmiQLI+ycU3GaTV/GsjJxcBE44NCwJPUBxqgvjNpY7sUv5ROkaKy5
+wSKVneOjZf8KJSEZlb3FqYuGLEsph6e0qO0C8wjKGJs4Le1kVp6oJaKI6AXaDUHf
+EbKYRXDiSGnAbA57ncFOICNHXKjvj9E7NdxbYVLLak9ILzGAKH7gouCYLEIil0mx
+pfpb4FEoWYIJoKCGyBFZrdRYtBAEUG15QASJ5UDbCF2io4BL1T07cCeD3TnoHmwd
+3PXCaD6cE9c2p3cDuXsYStpPK8yCPr4F6gBQrJeP3x/wndK6j8JhuqsVQzXaTJm6
+vYCQEzULrRqVkfTDl1j8FtaWi0s5UA==
+=MSIv
+-----END PGP SIGNATURE-----
--- a/Botan.changes
+++ b/Botan.changes
@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Tue Apr 10 15:07:00 UTC 2018 - daniel.molkentin@suse.com
+
+- Update to Botan 2.6
+
+  * CVE-2018-9860 Fix a bug decrypting TLS CBC ciphertexts which could for a
+    malformed ciphertext cause the decryptor to read and HMAC an additional 64K
+    bytes of data which is not part of the record. This could cause a crash if
+    the read went into unmapped memory. No information leak or out of bounds
+    write occurs.
+
+  * Add support for OAEP labels (GH #1508)
+
+  * RSA signing is about 15% faster (GH #1523) and RSA verification is about 50% faster.
+
+  * Add exponent blinding to RSA (GH #1523)
+
+  * Add Cipher_Mode::create and AEAD_Mode::create (GH #1527)
+
+  * Fix bug in TLS server introduced in 2.5 which caused connection to fail if
+    the client offered any signature algorithm not known to the server (for
+    example RSA/SHA-224).
+
+  * Fix a bug in inline asm that would with GCC 7.3 cause incorrect
+    computations and an infinite loop during the tests. (GH #1524 #1529)
+
 -------------------------------------------------------------------
 Tue Apr  3 08:06:46 UTC 2018 - daniel.molkentin@suse.com

--- a/Botan.spec
+++ b/Botan.spec
@ -19,7 +19,7 @@
 %define version_suffix 2-5
 %define short_version 2
 Name:           Botan
-Version:        2.5.0
+Version:        2.6.0
 Release:        0
 Summary:        A C++ Crypto Library
 License:        BSD-2-Clause