cpanmirror/perl-Crypt-CBC
SHA256
1
0
Fork 0
forked from perl/perl-Crypt-CBC
Code Pull Requests Activity
Files
autoupdate
perl-Crypt-CBC/perl-Crypt-CBC.changes

260 lines
9.6 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Fri Aug 22 20:44:06 UTC 2025 - Tina Müller <timueller+perl@suse.de>
- updated to 3.70.0 (3.07)
see /usr/share/doc/packages/perl-Crypt-CBC/Changes
3.07 -- Sun Jul 27 11:49:54 ADT 2025
[Changes Since 3.04]
- New maintainer
- Fix CVE-2025-2814 by using Crypt::URandom
- 3.05 Fixed bug involving manually-specified key not being used in some circumstances
- Fix decryption of ciphertext created with 'header' => 'randomiv'
- Fixed bug in which manually-specified key and -pkdf=>"none" was not having effect
- Converted build process to Dist::Zilla
- Miscellaneous minor Dist::Zilla relates changes
[Detailed Change Log]
- 74e3a10 Increment repo version
- feb4b31 Rename vulnerabilities file add CVE-2025-2814
- 236c363 Update .gitignore
- 4a39da8 Fix spelling error
- 99d336a Automate version with Dist::Zilla
- 89ac06d Convert build process to Dist::Zilla
- 784d599 Fix CVE-2025-2814 by using Crypt::URandom to read random bytes
- 81a8f77 Add test for github issue #7
- 40d0e13 Increment version
- 160af60 Fix decryption of ciphertext created with 'header' => 'randomiv'
- 524db90 Fixed bug in which manually-specified key and -pkdf=>"none" was not having effect
3.05 Thu 20 May 2021 12:00:18 PM EDT
- Fixed bug involving manually-specified key not being used in some circumstances.
-------------------------------------------------------------------
Wed May 19 03:06:13 UTC 2021 - Tina Müller <timueller+perl@suse.de>
- updated to 3.04
see /usr/share/doc/packages/perl-Crypt-CBC/Changes
3.04 Mon 17 May 2021 10:58:37 AM EDT
- Fixed bug involving manually-specified IV not being used in some circumstances.
-------------------------------------------------------------------
Fri Apr 23 19:47:42 UTC 2021 - Tina Müller <tina.mueller@suse.com>
- Add manual license
-------------------------------------------------------------------
Tue Apr 20 03:06:48 UTC 2021 - Tina Müller <timueller+perl@suse.de>
- updated to 3.03
see /usr/share/doc/packages/perl-Crypt-CBC/Changes
3.03 Sun 18 Apr 2021 10:54:19 PM EDT
- Fixed bug which caused an extraneous block of garbage data to be appended to encrypted
string when "nopadding" specified and plaintext is even multiple of blocksize.
3.02
- CTR mode now requires the Math::Int128 module, which gives a ~5x performance
boost over Math::BigInt.
3.01
- Warn when the deprecated opensslv1 PBKDF (key derivation function) is used
for encryption. Turn off with -nodeprecate=>1 or by choosing a different
PBKDF, such as -pbkdf=>'pbkdf2'.
- Fix a regression when passing the legacy -salt=>1 argument.
3.00 Sun Feb 7 10:28:08 EST 2021
- Released version 3.00 in recognition of multiple new features
and cleanups.
2.37 Sun Feb 7 10:20:17 EST 2021
- Added better argument checking.
- Fixed long-standing standard padding bug: plaintext ending with
bytes between 0x00 and 0x0A would be truncated in some conditions.
- Fixed Rijndael_compat padding.
2.36 Wed 03 Feb 2021 09:19:06 AM EST
- Add support for OFB, CFB and CTR chain modes.
- New dependency: Math::BigInt
2.35 Sun Jan 31 22:02:42 EST 2021
- Add support for PBKDF2 key derivation algorithm
- New dependencies: Digest::SHA, Crypt::PBKDF2, Crypt::Cipher::AES
2.34 Fri Jan 29 18:08:12 EST 2021
- Support for openssl SHA-256 key derivation algorithm
-------------------------------------------------------------------
Tue Aug 6 17:49:08 UTC 2013 - coolo@suse.com
- updated to 2.33
- Fix minor RT bugs 83175 and 86455.
-------------------------------------------------------------------
Mon Jun 3 15:59:58 UTC 2013 - coolo@suse.com
- updated to 2.32
- Fixes "Taint checks are turned on and your key is tainted" error when autogenerating salt and IV.
- Fixes to regular expressions to avoid rare failures to
correctly strip padding in decoded messages.
- Add padding type = "none".
- Both fixes contributed by Bas van Sisseren.
-------------------------------------------------------------------
Fri Nov 18 11:08:00 UTC 2011 - coolo@suse.com
- use original .tar.gz
-------------------------------------------------------------------
Fri Aug 26 23:14:51 UTC 2011 - chris@computersalat.de
- remove Author from desc
- added bcond_with opt
o test optional pkgs via local build (osc build --with opt)
- fix deps for CentOS
- some spec cleanup
-------------------------------------------------------------------
Wed Dec 8 14:08:46 UTC 2010 - coolo@novell.com
- avoid even more requires to avoid even more cycles
-------------------------------------------------------------------
Tue Nov 30 20:54:59 UTC 2010 - coolo@novell.com
- remove extra requires to avoid cycle
-------------------------------------------------------------------
Wed Nov 24 20:33:31 UTC 2010 - chris@computersalat.de
- recreated by cpanspec 1.78
o fix deps
- noarch pkg
-------------------------------------------------------------------
Sun Jan 10 15:43:32 CET 2010 - jengelh@medozas.de
- enable parallel build
-------------------------------------------------------------------
Fri Feb 27 10:47:24 CET 2009 - anicka@suse.cz
- update to 2.30
* setting $cipher correctly
-------------------------------------------------------------------
Thu Jun 19 16:36:38 CEST 2008 - anicka@suse.cz
- update to 2.29
* Fixed errors that occurred when encrypting/decrypting utf8
strings in Perl's more recent than 5.8.8.
-------------------------------------------------------------------
Wed Apr 2 13:49:11 CEST 2008 - anicka@suse.cz
- update to 2.28
- Fixed bug in onesandzeroes test that causes it to fail
with Rijndael module is not installed.
- When taint mode is turned on and user is using a tainted key,
explicitly check tainting of key in order to avoid "cryptic"
failure messages from some crypt modules.
- Fixed onezeropadding test, which was not reporting
its test count properly.
- Fixed failure of oneandzeroes padding when plaintext size is
an even multiple of blocksize.
- Added new "rijndael_compat" padding method, which is compatible
with the oneandzeroes padding method used by Crypt::Rijndael in
CBC mode.
-------------------------------------------------------------------
Mon Oct 8 09:26:27 CEST 2007 - anicka@suse.cz
- update to 2.24
* Fixed failure to run under taint checks with Crypt::Rijndael
or Crypt::OpenSSL::AES (and maybe other Crypt modules).
* Added checks for other implementations of CBC which add no
standard padding at all when cipher text is an even multiple
of the block size.
-------------------------------------------------------------------
Tue Dec 12 13:07:03 CET 2006 - anicka@suse.cz
- update to 2.22
* Fixed bug in which plaintext encrypted with the
-literal_key option could not be decrypted using a new
object created with the same -literal_key.
* Added documentation confirming that -literal_key must be
accompanied by a -header of 'none' and a manually specificied IV.
-------------------------------------------------------------------
Thu Oct 19 16:58:09 CEST 2006 - anicka@suse.cz
- update to 2.21
* Fixed bug in which new() failed to work when first option is
-literal_key.
* Added ability to pass a preinitialized Crypt::* block cipher
object instead of the class name.
-------------------------------------------------------------------
Thu Sep 14 12:18:51 CEST 2006 - anicka@suse.cz
- update to 2.19
* Renamed Crypt::CBC-2.16-vulnerability.txt so that
package installs correctly under Cygwin
-------------------------------------------------------------------
Fri Jul 14 08:50:45 CEST 2006 - anicka@suse.cz
- update to 2.18
* added lots of documentation
* fixed using 8 byte IVs when generating the old-style RandomIV
style header for the Rijndael algorithm.
* versions 2.17 and higher will not decrypt messages
encrypted with versions 2.16 and lower unless you pass
an optional value 'randomiv' to the new() call
-------------------------------------------------------------------
Wed Apr 5 16:18:58 CEST 2006 - schubi@suse.de
- Bug 153627 - VUL-0: perl-Crypt-CBC: ciphertext weakness when using certain block algorithms
-------------------------------------------------------------------
Wed Jan 25 21:39:34 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Mon Jul 11 15:59:03 CEST 2005 - schubi@suse.de
- update to 2.14
-------------------------------------------------------------------
Fri Apr 15 11:06:17 CEST 2005 - schubi@suse.de
- update to 2.12
-------------------------------------------------------------------
Sun Jan 11 11:32:08 CET 2004 - adrian@suse.de
- build as user
-------------------------------------------------------------------
Fri Aug 22 14:18:13 CEST 2003 - mjancar@suse.cz
- require the perl version we build with
-------------------------------------------------------------------
Fri Jul 18 12:24:30 CEST 2003 - choeger@suse.de
- use install_vendor and new %perl_process_packlist macro
-------------------------------------------------------------------
Tue Jun 17 11:04:55 CEST 2003 - choeger@suse.de
- updated filelist
- update to version 2.08
-------------------------------------------------------------------
Mon May 19 13:53:36 CEST 2003 - choeger#@suse.de
- remove installed (but unpackaged) file perllocal.pod
-------------------------------------------------------------------
Wed Aug 14 11:12:58 CEST 2002 - choeger@suse.de
- new package, version 2.07
View Git Blame Copy Permalink