Accepting request 1187484 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/1187484
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/Botan?expand=0&rev=65

Botan-2.19.3.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:dae047f399c5a47f087db5d3d9d9e8f11ae4985d14c928d71da1aff801802d55
-size 6105896

Botan-2.19.3.tar.xz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAmN1EHoACgkQYhHr8e+6
-37xxPggAp0uJtVxOzeAmFXMiW1jwB0Ctz3MqKkVI9bxSdOrJMb31B/ZO3dDYTO/G
-TCMzzuh8F1a+FKK9sTFI45OzMOFaoTemm+p76uuVwXl+UkcoU1huzOKtFB51Gdpy
-auzbiInsVVXPDSORy5Ic6B6WmZvxx2BEtN7dLjcxVP1WboJZLvTWlccBRxCTVDn3
-8JnU41x+W7LNc4+2M3gQoRgo0eibVpJ7G46FkapFVi5HuuIERsAUKO0zF3slRJwe
-Z7fOdQLRuq4ZA8QQikRX/B1cMhRPXP0m9qXM3g2xvu+eckCZvByzx9KibOJa++Y+
-SA9RVKtyvF1EQNZxH4SO3/1cfzTw1w==
-=SgX6
------END PGP SIGNATURE-----

Botan-2.19.5.tar.xz.asc

@@ -0,0 +1,12 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAmaL/agACgkQYhHr8e+6
+37wGJggAnreZh5SxH/FQTgeLtLD+Fb11cnyBstQeWuJq0Np/bPSsEzwgMLu9F/0/
+DWOH74eDLds8FUhh/w39bOkNgd2r6FTBLjnN1g8M86jsTg7ILlG04tbc1GF79Mx8
+GxDBdfNsKmqKEzVJBWHbwnqjvOR9oO2bdKLe2NCJ9jyrw5xyHNhfOEG7zXzpfFFN
+DM16kl2OVYnYrbDQyVGW9JNi+038qyR3fBfkWInOd8WoiimrOTk5+HuBL06RhWGN
+yiHT9P5AK/45fhCcs0yFiUpfrz85MfqqT6vIygV7v2fDElfpTX12LB1I7id8QyDN
+m9gqpB0mP0ewxaO0sIuV0UXk+ntfDg==
+=IUJq
+-----END PGP SIGNATURE-----
+

Botan.changes

@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Mon Jul 15 05:50:55 UTC 2024 - Angel Yankov <angel.yankov@suse.com>
+
+- Update to 2.19.5:
+  * Fix multiple Denial of service attacks due to X.509 cert processing:
+  * CVE-2024-34702 - bsc#1227238
+  * CVE-2024-34703 - bsc#1227607
+  * CVE-2024-39312 - bsc#1227608
+  * Fix a crash in OCB
+  * Fix a test failure in compression with certain versions of zlib 
+  * Fix some iterator debugging errors in TLS CBC decryption. 
+  * Avoid a miscompilation in ARIA when using XCode 14
+
 -------------------------------------------------------------------
 Fri Nov 17 13:18:55 UTC 2023 - Marcus Meissner <meissner@suse.com>
 

Botan.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package Botan
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
 %define version_suffix 2-19
 %define short_version 2
 Name:           Botan
-Version:        2.19.3
+Version:        2.19.5
 Release:        0
 Summary:        A C++ Crypto Library
 License:        BSD-2-Clause