Accepting request 531210 from devel:libraries:c_c++

1 OBS-URL: https://build.opensuse.org/request/show/531210 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/Botan?expand=0&rev=44
2017-10-10 09:34:03 +00:00 · 2017-10-10 09:34:03 +00:00 · 68fd4afc3b
commit 68fd4afc3b
parent 2d4a54782e 8b274fb891
8 changed files with 65 additions and 47 deletions
--- a/Botan-1.10.16.tgz
+++ b/Botan-1.10.16.tgz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:6c5472401d06527e87adcb53dd270f3c9b1fb688703b04dd7a7cfb86289efe52
 size 2711177
--- a/Botan-1.10.16.tgz.asc
+++ b/Botan-1.10.16.tgz.asc
@ -1,11 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAljkQzcACgkQYhHr8e+6
 37zwOAf9G0+rAaNoq5K9m4LZq4A1jP1B4HBsrddLu0PFCCDD8usYNTJkSUhoVTTt
 BZqFa9NK8+NV/cELnRiiVw1mvMCN981tzl2rBiE6yw3CrfvuLYGX21Vc3RNIIjYs
 rdH5oIvRP7C7zmRP3uuybFefsI6XXUVppjFcP6N14zDNXQxl2eoW9LZbxl0m28Dp
 tMum3qSIaQemcJzOpfoXYW1A/Q3Rz8Wh3Xh1Jfjm8kUY9GOGtf9vQwO8Jb4jn9kJ
 ftyoDlBWMQAgPd3DXKx/tfn7YcshbgmCW6lrqrwMIz84ESqkqZt8h/olPrJK/8tO
 cdPl7ovtfSfQXWRJzAL3ehF1HeKZVg==
 =EDPN
 -----END PGP SIGNATURE-----
--- a/Botan-1.10.17.tgz
+++ b/Botan-1.10.17.tgz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:6847ffb64b8d2f939dccfecc17bd2c80385d08f7621e2c56d3a335118e823613
 size 2706678
--- a/Botan-1.10.17.tgz.asc
+++ b/Botan-1.10.17.tgz.asc
@ -0,0 +1,11 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlnSZaQACgkQYhHr8e+6
 37xtgwf+KcmgrrfzAF6HLJJwOvMom+SnpHShvoMPqfmXwhvKELCQ8TypARF7Zbjw
 e6M6Nvb/u2PhEoEX4p2vYPLxxtz+la5xXBa+UDbSO9nppFe0z6qIyR793gYWaUUT
 vBonBeComOtn5vYEQ6Xj+X8JjH3xK1oKX+jNWHLKHcMUoNdRdu3dYS9Tkbvyy9DY
 yjUrOE9/N8ATjSN9dEC0Xa29CMhgYxquIz6FuMspPxJHHD5/GrP+h5LfnR76vkaK
 CBilE9VEYoLSTDQyHb6g0/Fz1l+YM159oe2SmFdOGBzI02EkYGBXxYc9fSpw92oH
 rokKA1Q23WpaK0bzduvduBreYtIpsw==
 =1D+U
 -----END PGP SIGNATURE-----
--- a/Botan.changes
+++ b/Botan.changes
@ -1,3 +1,41 @@
 -------------------------------------------------------------------
 Wed Oct  4 07:49:54 UTC 2017 - daniel.molkentin@suse.com
 - Update to 1.10.17
  - Address a side channel affecting modular exponentiation. An attacker
    capable of a local or cross-VM cache analysis attack may be able to recover
    bits of secret exponents as used in RSA, DH, etc. CVE-2017-14737 Workaround
    a miscompilation bug in GCC 7 on x86-32 affecting GOST-34.11 hash function.
    (GH #1192 #1148 #882, bsc#1060433)
  - Add SecureVector::data() function which returns the start of the buffer.
    This makes it slightly simpler to support both 1.10 and 2.x APIs in the
    same codebase.  When compiled by a C++11 (or later) compiler, a template
    typedef of SecureVector, secure_vector, is added. In 2.x this class is a
    std::vector with a custom allocator, so has a somewhat different interface
    than SecureVector in 1.10. But this makes it slightly simpler to support
    both 1.10 and 2.x APIs in the same codebase.
  - Fix a bug that prevented configure.py from running under Python3
  - Botan 1.10.x does not support the OpenSSL 1.1 API. Now the build will
    #error if OpenSSL 1.1 is detected. Avoid –with-openssl if compiling against
    1.1 or later. (GH #753)
  - Import patches from Debian adding basic support for
    building on aarch64, ppc64le, or1k, and mipsn32 platforms.
  * obsoletes CVE-2017-14737.patch
  * refreshes aarch64-support.patch
  * drop ppc64le-support.patch for upstream version
    (disables altivec support as per concerns by upstream)
 -------------------------------------------------------------------
 Tue Sep 26 13:03:46 UTC 2017 - daniel.molkentin@suse.com
 - Fix for CVE-2017-14737: A cryptographic cache-based side channel in the RSA
  implementation allows local attacker to recover information about RSA secret
  keys.
  * add CVE-2017-14737.patch
 -------------------------------------------------------------------
 Thu Sep 21 09:48:17 UTC 2017 - vcizek@suse.com
--- a/Botan.spec
+++ b/Botan.spec
@ -19,7 +19,7 @@
 %define version_suffix 1_10-1
 %define short_version 1.10
 Name:           Botan
-Version:        1.10.16
+Version:        1.10.17
 Release:        0
 Summary:        A C++ Crypto Library
 License:        BSD-2-Clause
@ -36,7 +36,6 @@ Patch4:         Botan-no-buildtime.patch
 Patch6:         Botan-fix_pkgconfig.patch
 Patch7:         dont-set-mach-value.diff
 Patch8:         aarch64-support.patch
 Patch9:         ppc64le-support.patch
 Patch10:        no-cpuid-header.patch
 BuildRequires:  bzip2 >= 1.0.2
 BuildRequires:  gcc-c++
@ -94,8 +93,7 @@ programs that use the Botan library.
 %patch4
 %patch6
 %patch7 -p1
-%patch8
+%patch8 -p1
 %patch9
 %if 0%{?suse_version} == 1110
 %patch10 -p1
 %endif
--- a/aarch64-support.patch
+++ b/aarch64-support.patch
@ -1,11 +1,11 @@
-Index: src/build-data/arch/aarch64.txt
+diff --git a/src/build-data/arch/aarch64.txt b/src/build-data/arch/aarch64.txt
-===================================================================
+index 863b000c5..9ea51c936 100644
--- /dev/null
+--- a/src/build-data/arch/aarch64.txt
-+++ src/build-data/arch/aarch64.txt
+++ b/src/build-data/arch/aarch64.txt
-@@ -0,0 +1,6 @@
+@@ -2,5 +2,6 @@ endian little
-+endian little
+ 
-+
+ <aliases>
-+<aliases>
+ arm64 # For Debian
-+arm64
+armv8 # For SUSE
-+armv8
+ </aliases>
-+</aliases>
+
--- a/ppc64le-support.patch
+++ b/ppc64le-support.patch
@ -1,18 +0,0 @@
 --- /dev/null	2013-11-30 20:09:56.080000808 +0100
 +++ src/build-data/arch/ppc64le.txt	2013-12-08 23:56:25.465510000 +0100
@@ -0,0 +1,15 @@
 +endian little 
 +
 +family ppc
 +
 +<aliases>
 +powerpc64le
 +</aliases>
 +
 +<submodels>
 +power7
 +</submodels>
 +
 +<isa_extn>
 +altivec:power7
 +</isa_extn>