- update to 2.18.2:

* Avoid using short exponents when encrypting in ElGamal, as some PGP
    implementations generate keys with parameters that are weak when
    short exponents are used
  * Fix a low risk OAEP decryption side channel
  * Work around a miscompilation of SHA-3 caused by a bug in Clang 12
    and XCode 13
  * Remove support in OpenSSL provider for algorithms which are
    disabled by default in OpenSSL 3.0
  * Add CI based on GitHub actions to replace Travis CI
  * Fix the online OCSP test, as the certificate involved had expired.
  * Fix some test failures induced by the expiration of the trust root
    "DST Root CA X3"

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=108

Botan-2.18.1.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f8c7b46222a857168a754a5cc329bb780504122b270018dda5304c98db28ae29
-size 5953936

Botan-2.18.1.tar.xz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAmCX21UACgkQYhHr8e+6
-37w/GQgAghNHcXtxhN4BKgVEdie2YW9Q0JFKIMixWhXbPh1gM8xLBVq23WmWaXcf
-ThcI/Vby9ATAduMTsrnQEw6gz2DSrQDMcPFPU3cOnTW145CATKL3ZFSmISItkC0B
-ZZ4s8f6dgxSvPFve87V5Zj9TOrlmLOA5iwjmBbzZaTTWDH7R5XrfybXETOIeorqr
-5ZJ3HccwrN53UuQ4GdLXCHyMKt4KJXFrxFajuscT0iVcZ03OO1aL7YF8s20eOqrO
-UCvYn8Zq4kw7tphLNN5J3beMj8Gjy4bbAxMEAVItYftZbu4Eg/Me/ePuRRNmtWfg
-RCOgMK/LI6Xse+I3bBSYfsnlzY8hvw==
-=6QR4
------END PGP SIGNATURE-----

Botan-2.18.2.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:541a3b13f1b9d30f977c6c1ae4c7bfdfda763cda6e44de807369dce79f42307e
+size 5996928

Botan-2.18.2.tar.xz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAmF2qtoACgkQYhHr8e+6
+37ydswgAvLxU21J5j4xdOjC+XLfKIgpoZy5hxRZFQlQrEU3nhAxH2pYuCmBAwe5+
+yv8MlzBEZoipDAU8zwnkGAUQqXDhhp1g9jjOFW8BoWzDGqZhnz3+Tyae82QjY3gq
+ne1tdb+pNgOlTwVHYizF8rKqeCICnPrXgDD7IyrGV/FJK93xOWS8nvjFw9MInAPn
+mJRVBefnuiiwpDEH4HMbvrVb/qZb7/2R99FqQj9+Wgqu+xnPvLXLypbNQyEpXb9k
+FxLRT6zCyv1Rx1faHg5CQkSTolY/GIKVD+xbbc3TQg0/bZQ349kGdeJ5Uxtvnof0
+bvL6AWi8Gv0S7Mj/clUdud2/Twc3Fg==
+=nzWt
+-----END PGP SIGNATURE-----

Botan.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Nov 24 20:02:41 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.18.2:
+  * Avoid using short exponents when encrypting in ElGamal, as some PGP
+    implementations generate keys with parameters that are weak when
+    short exponents are used
+  * Fix a low risk OAEP decryption side channel
+  * Work around a miscompilation of SHA-3 caused by a bug in Clang 12
+    and XCode 13
+  * Remove support in OpenSSL provider for algorithms which are
+    disabled by default in OpenSSL 3.0
+  * Add CI based on GitHub actions to replace Travis CI
+  * Fix the online OCSP test, as the certificate involved had expired.
+  * Fix some test failures induced by the expiration of the trust root
+    "DST Root CA X3"
+
 -------------------------------------------------------------------
 Mon May 10 11:05:35 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
 

Botan.spec

@@ -20,7 +20,7 @@
 %define version_suffix 2-18
 %define short_version 2
 Name:           Botan
-Version:        2.18.1
+Version:        2.18.2
 Release:        0
 Summary:        A C++ Crypto Library
 License:        BSD-2-Clause