1
0
forked from pool/Botan

Accepting request 206606 from devel:libraries:c_c++

Update Botan to 1.10.6 (forwarded request 206590 from netsroth)

OBS-URL: https://build.opensuse.org/request/show/206606
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/Botan?expand=0&rev=30
This commit is contained in:
Stephan Kulow 2013-11-12 14:03:29 +00:00 committed by Git OBS Bridge
commit 84b1674458
4 changed files with 48 additions and 4 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2934c00533847dc93c485081d3ce6aae4a110151a69b587b895241159da77cf3
size 2214817

3
Botan-1.10.6.tbz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:72a9be97350523ee1b06c8722032faa566fcb98456b0b7ac06b45a1dc4446fa7
size 2240595

View File

@ -1,3 +1,47 @@
-------------------------------------------------------------------
Mon Nov 11 20:11:43 UTC 2013 - tbehrens@suse.com
- Update to 1.10.6
* The device reading entropy source now attempts to read from all
available devices. Previously it would break out early if a
partial read from a blocking source occured, not continuing to
read from a non-blocking device. This would cause the library to
fall back on slower and less reliable techniques for collecting
PRNG seed material. Reported by Rickard Bellgrim.
* HMAC_RNG (the default PRNG implementation) now automatically
reseeds itself periodically. Previously reseeds only occured on
explicit application request.
* Fix an encoding error in EC_Group when encoding using
EC_DOMPAR_ENC_OID. Reported by fxdupont on github.
* In EMSA2 and Randpool, avoid calling name() on objects after
deleting them if the provided algorithm objects are not suitable
for use. Found by Clang analyzer, reported by Jeffrey Walton.
* If X509_Store was copied, the u32bit containing how long to cache
validation results was not initialized, potentially causing
results to be cached for significant amounts of time. This could
allow a certificate to be considered valid after its issuing CAs
cert expired. Expiration of the end-entity cert is always checked,
and reading a CRL always causes the status to be reset, so this
issue does not affect revocation. Found by Coverity scanner.
* Avoid off by one causing a potentially unterminated string to be
passed to the connect system call if the library was configured to
use a very long path name for the EGD socket. Found by Coverity
Scanner.
* In PK_Encryptor_EME, PK_Decryptor_EME, PK_Verifier, and
PK_Key_Agreement, avoid dereferencing an unitialized pointer if no
engine supported operations on the key object given. Found by
Coverity scanner.
* Avoid leaking a file descriptor in the /dev/random and EGD entropy
sources if stdin (file descriptor 0) was closed. Found by Coverity
scanner.
* Avoid a potentially undefined operation in the bit rotation
operations. Not known to have caused problems under any existing
compiler, but might have caused problems in the future. Caught by
Clang sanitizer, reported by Jeffrey Walton.
* Increase default hash iterations from 10000 to 50000 in PBES1 and
PBES2
* Add a fix for mips64el builds from Brad Smith.
-------------------------------------------------------------------
Sat Mar 16 13:44:43 UTC 2013 - cgiboudeaux@gmx.com

View File

@ -20,7 +20,7 @@
%define short_version 1.10
Name: Botan
Version: 1.10.5
Version: 1.10.6
Release: 0
Url: http://botan.randombit.net
Summary: A C++ Crypto Library