- Update to 1.10.17
- Address a side channel affecting modular exponentiation. An attacker
capable of a local or cross-VM cache analysis attack may be able to recover
bits of secret exponents as used in RSA, DH, etc. (CVE-2017-14737). Work
around a miscompilation bug in GCC 7 on x86-32 affecting the GOST-34.11
hash function. (GH #1192 #1148 #882, bsc#1060433)
- Add SecureVector::data() function which returns the start of the buffer.
This makes it slightly simpler to support both 1.10 and 2.x APIs in the
same codebase. When compiled by a C++11 (or later) compiler, a template
typedef of SecureVector, secure_vector, is added. In 2.x this class is a
std::vector with a custom allocator, so it has a somewhat different interface
than SecureVector in 1.10; the alias nonetheless reduces the differences
that code targeting both versions has to handle.
- Fix a bug that prevented configure.py from running under Python 3.
- Botan 1.10.x does not support the OpenSSL 1.1 API. Now the build will
#error if OpenSSL 1.1 is detected. Avoid --with-openssl if compiling against
1.1 or later. (GH #753)
- Import patches from Debian adding basic support for
building on aarch64, ppc64le, or1k, and mipsn32 platforms.
* obsoletes CVE-2017-14737.patch
* refreshes aarch64-support.patch
* drop ppc64le-support.patch for upstream version
(disables altivec support as per concerns by upstream)
- Fix for CVE-2017-14737: A cryptographic cache-based side channel in the RSA
implementation allows a local attacker to recover information about RSA
secret keys.
* add CVE-2017-14737.patch
OBS-URL: https://build.opensuse.org/request/show/531133
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=71
- Update to 1.10.16
* Fix a bug in X509 DN string comparisons that could result in out of bound
reads. This could result in information leakage, denial of service, or
potentially incorrect certificate validation results. (CVE-2017-2801)
* Avoid use of C++11 std::to_string in some code added in 1.10.14 (GH #747 #834)
- Changes from 1.10.15:
* Change an unintended behavior of 2.0.0, which named the include directory
botan-2.0. Since future releases of Botan-2 should be compatible with code
written against old versions, there does not seem to be any reason to
version the include directory with the minor number. (GH #830 #833)
* Fix a bug which caused an error when building on Cygwin or other platforms
where shared libraries are not supported. (GH #821)
* Enable use of readdir on Cygwin, which allows the tests to run (GH #824)
* Switch to readthedocs Sphinx theme by default (GH #822 #823)
OBS-URL: https://build.opensuse.org/request/show/487344
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=64
* Fix integer overflow during BER decoding, found by Falko Strenzke.
This bug is not thought to be directly exploitable but upgrading ASAP
is advised. (CVE-2016-9132)
* Fix two cases where (in error situations) an exception would be
thrown from a destructor, causing a call to std::terminate.
* When RC4 is disabled in the build, also prevent it from being
included in the OpenSSL provider. (GH #638)
* Use constant time modular inverse algorithm to avoid possible side
channel attack against ECDSA (CVE-2016-2849)
* Use constant time PKCS #1 unpadding to avoid possible side channel
attack against RSA decryption (CVE-2015-7827)
* Avoid a compilation problem in OpenSSL engine when ECDSA was
disabled. (Gentoo bug 542010)
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=62
- bump SONAME to libbotan-1_10-1
- Update to 1.10.10
* SECURITY: The BER decoder would crash due to reading from offset 0
of an empty vector if it encountered a BIT STRING which did not
contain any data at all. As the type requires a 1 byte field this
is not valid BER but could occur in malformed data. Found with
afl. CVE-2015-5726
* SECURITY: The BER decoder would allocate a fairly arbitrary amount
of memory in a length field, even if there was no chance the read
request would succeed. This might cause the process to run out of
memory or invoke the OOM killer. Found with afl. CVE-2015-5727
* Due to an ABI incompatible (though not API incompatible) change in
this release, the version number of the shared object has been
increased.
* The default TLS policy no longer allows RC4.
* Fix a signed integer overflow in Blue Midnight Wish that may cause
incorrect computations or undefined behavior.
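The two BER decoder fixes above (CVE-2015-5726 and CVE-2015-5727) are
both about validating a tag-length-value header before acting on it. The
following is an added example, written for this changelog and not taken from
Botan's own BER decoder, of a minimal TLV header parser that applies the two
checks in question: the declared length is compared against the bytes still
available before anything is allocated, and a BIT STRING is rejected when it
carries no content octet at all (the type needs at least the unused-bits
byte). The enum names, the `decode_tlv`/`classify` functions and the sample
inputs are all constructed for the example; only single-byte tags are
handled.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Outcome of decoding one BER tag-length-value header.
enum class BerStatus {
    Ok,
    Truncated,          // input ends inside the tag or the length field
    LengthExceedsInput, // declared length cannot be satisfied by the bytes we hold
    IndefiniteLength,   // 0x80 length octet; not handled by this decoder
    EmptyBitString,     // BIT STRING with no content octets (needs >= 1 for unused-bits count)
    UnsupportedTag      // multi-byte (high-tag-number) tags are out of scope here
};

struct BerTlv {
    uint8_t tag = 0;
    std::vector<uint8_t> value;
    size_t consumed = 0; // bytes used from `offset` through the end of the value
};

// Decode a single TLV starting at `offset`. The length is validated against
// the remaining input *before* any allocation, so a hostile length field
// cannot drive a huge allocation, and a BIT STRING must carry at least its
// unused-bits octet.
BerStatus decode_tlv(const std::vector<uint8_t>& in, size_t offset, BerTlv& out) {
    size_t pos = offset;
    if (pos >= in.size()) return BerStatus::Truncated;
    const uint8_t tag = in[pos++];
    if ((tag & 0x1F) == 0x1F) return BerStatus::UnsupportedTag;

    if (pos >= in.size()) return BerStatus::Truncated;
    const uint8_t first = in[pos++];
    size_t length = 0;
    if (first < 0x80) {
        length = first;                       // short form
    } else if (first == 0x80) {
        return BerStatus::IndefiniteLength;   // needs end-of-contents handling
    } else {
        const size_t num_octets = first & 0x7F;   // long form: count of length octets
        if (num_octets > sizeof(size_t)) return BerStatus::LengthExceedsInput;
        if (in.size() - pos < num_octets) return BerStatus::Truncated;
        for (size_t i = 0; i < num_octets; ++i) length = (length << 8) | in[pos++];
    }

    // The central check: refuse before allocating anything (CVE-2015-5727 class).
    if (length > in.size() - pos) return BerStatus::LengthExceedsInput;
    // Universal BIT STRING (tag 0x03) with zero content octets (CVE-2015-5726 class).
    if (tag == 0x03 && length == 0) return BerStatus::EmptyBitString;

    out.tag = tag;
    out.value.assign(in.begin() + static_cast<std::ptrdiff_t>(pos),
                     in.begin() + static_cast<std::ptrdiff_t>(pos + length));
    out.consumed = pos + length - offset;
    return BerStatus::Ok;
}

// Convenience wrapper for callers that only need the verdict on a buffer.
BerStatus classify(const std::vector<uint8_t>& in) {
    BerTlv tlv;
    return decode_tlv(in, 0, tlv);
}

int main() {
    // Constructed sample inputs; none of these comes from a real certificate
    // or fuzzer corpus.
    const std::vector<uint8_t> good_bitstring  = {0x03, 0x02, 0x00, 0xA5};   // 0 unused bits, 0xA5
    const std::vector<uint8_t> empty_bitstring = {0x03, 0x00};               // no content octet
    const std::vector<uint8_t> huge_length     = {0x04, 0x84, 0xFF, 0xFF, 0xFF, 0xFF}; // claims ~4 GiB
    return (classify(good_bitstring) == BerStatus::Ok &&
            classify(empty_bitstring) == BerStatus::EmptyBitString &&
            classify(huge_length) == BerStatus::LengthExceedsInput) ? 0 : 1;
}
```

The ordering matters: the length check happens on the parsed integer alone,
so the decoder never sizes a buffer from untrusted input it has not already
confirmed it holds. A real decoder would add high-tag-number and
indefinite-length support, but those additions sit after these checks, not
before them.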
- Update to 1.10.9
* Fixed EAX tag verification to run in constant time
* The default TLS policy now disables SSLv3.
* A crash could occur when reading from a blocking random device if
the device initially indicated that entropy was available but a
concurrent process drained the entropy pool before the read was
initiated.
* Fix decoding indefinite length BER constructs that contain a
context sensitive tag of zero. Github pull 26 from Janusz Chorko.
* The botan-config script previously tried to guess its prefix from
the location of the binary. However this was error prone, and now
the script assumes the final installation prefix matches the value
set during the build. Github issue 29.
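The EAX change above ("tag verification ... in constant time") concerns how
an authentication tag is compared with the value computed over the received
ciphertext. As an added illustration that is not Botan's code, the block
below places a typical early-exit comparison next to a constant-time one and
wraps the latter in a `verify_tag` helper; the function names and the sample
tag bytes in `main` are constructed for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Variable-time comparison: returns at the first mismatching byte, so the
// time taken depends on how many leading bytes of the candidate agree.
bool early_exit_equal(const uint8_t* a, const uint8_t* b, size_t len) {
    for (size_t i = 0; i < len; ++i)
        if (a[i] != b[i]) return false;
    return true;
}

// Constant-time comparison: touches every byte regardless of content and
// folds all differences into one accumulator, so the work done does not
// depend on where (or whether) the inputs differ.
bool ct_equal(const uint8_t* a, const uint8_t* b, size_t len) {
    uint8_t diff = 0;
    for (size_t i = 0; i < len; ++i)
        diff |= static_cast<uint8_t>(a[i] ^ b[i]);
    // Map diff == 0 to 1 and diff != 0 to 0 without a data-dependent branch:
    // the subtraction borrows only when diff is zero, setting the high bits.
    return ((static_cast<unsigned>(diff) - 1u) >> 8) & 1u;
}

// Tag check as an AEAD decryptor would use it. The length comparison is
// done first and may branch: tag length is a public parameter, not a secret.
bool verify_tag(const std::vector<uint8_t>& computed, const std::vector<uint8_t>& received) {
    if (computed.size() != received.size()) return false;
    return ct_equal(computed.data(), received.data(), computed.size());
}

int main() {
    // Constructed 16-byte tags; not output of any real EAX computation.
    const std::vector<uint8_t> computed = {0x6f, 0x1a, 0x22, 0x9c, 0x40, 0xd3, 0x85, 0xee,
                                           0x11, 0xb7, 0xc0, 0x58, 0x2d, 0x9a, 0x73, 0x04};
    std::vector<uint8_t> received = computed;
    const bool accepted = verify_tag(computed, received);
    received[15] ^= 0x01;  // flip one bit in the last byte
    const bool rejected = !verify_tag(computed, received);
    return (accepted && rejected) ? 0 : 1;
}
```

Both functions return the same answers; the difference is only in timing
behaviour, which is the property the 1.10.9 fix restores. Whether the
compiler preserves the branch-free shape is a separate concern, so
production implementations typically pin the accumulator with a compiler
barrier or keep the comparison in a translation unit compiled without
interprocedural optimisation.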
OBS-URL: https://build.opensuse.org/request/show/322627
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=51
- Update to 1.10.8
* Fix a bug in primality testing introduced in 1.8.3 which caused
only a single random base, rather than a sequence of random bases,
to be used in the Miller-Rabin test. This increased the
probability that a non-prime would be accepted, for instance a
1024 bit number would be incorrectly classed as prime with
probability around 2^-40. Reported by Jeff Marrison.
* The key length limit on HMAC has been raised to 512 bytes,
allowing the use of very long passphrases with PBKDF2.
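The primality bug described above is easy to see with a small worked
example. Below is an added Miller-Rabin implementation, written for this
changelog rather than taken from Botan, in which the set of bases is an
explicit parameter. The number 2047 = 23 * 89 is a strong pseudoprime to
base 2, so a test that uses only that one base accepts it, while a second
base exposes it; a 32-bit modulus is assumed so that products fit in 64
bits, and `random_bases` uses a seeded std::mt19937_64 as a reproducible
stand-in for the CSPRNG a library would use.

```cpp
#include <cstddef>
#include <cstdint>
#include <random>
#include <vector>

// Modular arithmetic for moduli below 2^32: every product fits in 64 bits.
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) { return (a * b) % m; }

static uint64_t powmod(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t result = 1;
    base %= m;
    while (exp > 0) {
        if (exp & 1) result = mulmod(result, base, m);
        base = mulmod(base, base, m);
        exp >>= 1;
    }
    return result;
}

// One Miller-Rabin round for odd n > 3 and 2 <= a <= n-2.
// Returns true when a is a witness, i.e. proves that n is composite.
bool is_mr_witness(uint32_t n, uint32_t a) {
    uint64_t d = n - 1;   // write n-1 = d * 2^s with d odd
    unsigned s = 0;
    while ((d & 1) == 0) { d >>= 1; ++s; }
    uint64_t x = powmod(a, d, n);
    if (x == 1 || x == n - 1) return false;
    for (unsigned r = 1; r < s; ++r) {
        x = mulmod(x, x, n);
        if (x == n - 1) return false;
    }
    return true;
}

// n passes when no base in `bases` is a witness. Each independent base
// cuts the chance that a composite survives by at least a factor of 4,
// which is why a sequence of bases, not a single one, is needed.
bool is_strong_probable_prime(uint32_t n, const std::vector<uint32_t>& bases) {
    if (n < 2) return false;
    if (n == 2 || n == 3) return true;
    if (n % 2 == 0) return false;
    for (uint32_t a : bases) {
        a %= n;
        if (a < 2 || a == n - 1) continue;   // trivial bases prove nothing
        if (is_mr_witness(n, a)) return false;
    }
    return true;
}

// Draw `count` bases in [2, n-2] from a seeded generator (constructed,
// reproducible stand-in for a cryptographic RNG). Requires n >= 4.
std::vector<uint32_t> random_bases(uint32_t n, size_t count, uint64_t seed) {
    std::mt19937_64 rng(seed);
    std::uniform_int_distribution<uint32_t> dist(2, n - 2);
    std::vector<uint32_t> out;
    for (size_t i = 0; i < count; ++i) out.push_back(dist(rng));
    return out;
}

int main() {
    const uint32_t pseudoprime = 2047;   // 23 * 89, strong pseudoprime to base 2
    const bool single_base_accepts = is_strong_probable_prime(pseudoprime, {2});
    const bool two_bases_reject    = !is_strong_probable_prime(pseudoprime, {2, 3});
    const bool many_random_reject  = !is_strong_probable_prime(pseudoprime,
                                                               random_bases(pseudoprime, 40, 1234));
    return (single_base_accepts && two_bases_reject && many_random_reject) ? 0 : 1;
}
```

With a single fixed base the error is structural, not merely probabilistic:
every strong pseudoprime to that base is accepted, whatever the claimed
security margin. The 2^-40 figure in the changelog is the kind of bound that
only holds once independent random bases are used.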
- Update to 1.10.7
* OAEP had two bugs, one of which allowed it to be used even if the
key was too small, and the other of which would cause a crash
during decryption if the EME data was too large for the associated
key.
OBS-URL: https://build.opensuse.org/request/show/233310
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=47
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
- Enable building of the qt_mutex module. This means that from now
on libbotan requires libQtCore.
- Fix test for thread/mutex support to also work for Qt4.
- Update to 1.8.10:
* This release changes a number of aspects of how private keys are
encrypted. The default encryption algorithm has changed from 3DES
to AES-256
* The default iteration count for PBES1 and PBES2 encryption schemes
(which are used primarily to encrypt asymmetric keys like RSA or
DSA) has increased from 2048 to 10000, which should make brute
force key cracking substantially harder.
* The first round of AES now uses a smaller set of lookup tables;
this only reduces performance slightly but some timing and cache
analysis attacks against AES are substantially harder when AES is
implemented this way.
* The class known as S2K was renamed PBKDF in 1.9, with a typedef
for backwards compatibility. For providing an equivalent forward
compatibility path, 1.8.10 includes a typedef for PBKDF and a new
accessor function get_pbkdf. It also includes a new interface for
deriving keys with a passphrase which takes both the passphrase
and desired output length as well as the salt and iteration
count; in many cases this call is actually significantly more
convenient than the older API.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=16