From 2aadc8f2c5201d7a9141d771d661c9e94bbc738ce998f1643e17919cb9dfe915 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 24 Nov 2021 20:13:49 +0000 Subject: [PATCH] - update to 2.18.2: * Avoid using short exponents when encrypting in ElGamal, as some PGP implementations generate keys with parameters that are weak when short exponents are used * Fix a low risk OAEP decryption side channel * Work around a miscompilation of SHA-3 caused by a bug in Clang 12 and XCode 13 * Remove support in OpenSSL provider for algorithms which are disabled by default in OpenSSL 3.0 * Add CI based on GitHub actions to replace Travis CI * Fix the online OCSP test, as the certificate involved had expired. * Fix some test failures induced by the expiration of the trust root "DST Root CA X3" OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=108 --- Botan-2.18.1.tar.xz | 3 --- Botan-2.18.1.tar.xz.asc | 11 ----------- Botan-2.18.2.tar.xz | 3 +++ Botan-2.18.2.tar.xz.asc | 11 +++++++++++ Botan.changes | 17 +++++++++++++++++ Botan.spec | 2 +- 6 files changed, 32 insertions(+), 15 deletions(-) delete mode 100644 Botan-2.18.1.tar.xz delete mode 100644 Botan-2.18.1.tar.xz.asc create mode 100644 Botan-2.18.2.tar.xz create mode 100644 Botan-2.18.2.tar.xz.asc diff --git a/Botan-2.18.1.tar.xz b/Botan-2.18.1.tar.xz deleted file mode 100644 index b730816..0000000 --- a/Botan-2.18.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f8c7b46222a857168a754a5cc329bb780504122b270018dda5304c98db28ae29 -size 5953936 diff --git a/Botan-2.18.1.tar.xz.asc b/Botan-2.18.1.tar.xz.asc deleted file mode 100644 index ee94608..0000000 --- a/Botan-2.18.1.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAmCX21UACgkQYhHr8e+6 -37w/GQgAghNHcXtxhN4BKgVEdie2YW9Q0JFKIMixWhXbPh1gM8xLBVq23WmWaXcf -ThcI/Vby9ATAduMTsrnQEw6gz2DSrQDMcPFPU3cOnTW145CATKL3ZFSmISItkC0B -ZZ4s8f6dgxSvPFve87V5Zj9TOrlmLOA5iwjmBbzZaTTWDH7R5XrfybXETOIeorqr -5ZJ3HccwrN53UuQ4GdLXCHyMKt4KJXFrxFajuscT0iVcZ03OO1aL7YF8s20eOqrO -UCvYn8Zq4kw7tphLNN5J3beMj8Gjy4bbAxMEAVItYftZbu4Eg/Me/ePuRRNmtWfg -RCOgMK/LI6Xse+I3bBSYfsnlzY8hvw== -=6QR4 ------END PGP SIGNATURE----- diff --git a/Botan-2.18.2.tar.xz b/Botan-2.18.2.tar.xz new file mode 100644 index 0000000..a5196c3 --- /dev/null +++ b/Botan-2.18.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:541a3b13f1b9d30f977c6c1ae4c7bfdfda763cda6e44de807369dce79f42307e +size 5996928 diff --git a/Botan-2.18.2.tar.xz.asc b/Botan-2.18.2.tar.xz.asc new file mode 100644 index 0000000..4625bb6 --- /dev/null +++ b/Botan-2.18.2.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAmF2qtoACgkQYhHr8e+6 +37ydswgAvLxU21J5j4xdOjC+XLfKIgpoZy5hxRZFQlQrEU3nhAxH2pYuCmBAwe5+ +yv8MlzBEZoipDAU8zwnkGAUQqXDhhp1g9jjOFW8BoWzDGqZhnz3+Tyae82QjY3gq +ne1tdb+pNgOlTwVHYizF8rKqeCICnPrXgDD7IyrGV/FJK93xOWS8nvjFw9MInAPn +mJRVBefnuiiwpDEH4HMbvrVb/qZb7/2R99FqQj9+Wgqu+xnPvLXLypbNQyEpXb9k +FxLRT6zCyv1Rx1faHg5CQkSTolY/GIKVD+xbbc3TQg0/bZQ349kGdeJ5Uxtvnof0 +bvL6AWi8Gv0S7Mj/clUdud2/Twc3Fg== +=nzWt +-----END PGP SIGNATURE----- diff --git a/Botan.changes b/Botan.changes index d810390..3735031 100644 --- a/Botan.changes +++ b/Botan.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Wed Nov 24 20:02:41 UTC 2021 - Dirk Müller + +- update to 2.18.2: + * Avoid using short exponents when encrypting in ElGamal, as some PGP + implementations generate keys with parameters that are weak when + short exponents are used + * Fix a low risk OAEP decryption side channel + * Work around a miscompilation of SHA-3 caused by a bug in Clang 12 + and XCode 13 + * Remove support in OpenSSL provider for algorithms which are + disabled by default in OpenSSL 3.0 + * Add CI based on GitHub actions to replace Travis CI + * Fix the online OCSP test, as the certificate involved had expired. + * Fix some test failures induced by the expiration of the trust root + "DST Root CA X3" + ------------------------------------------------------------------- Mon May 10 11:05:35 UTC 2021 - Andreas Stieger diff --git a/Botan.spec b/Botan.spec index 5964a5d..4e513ec 100644 --- a/Botan.spec +++ b/Botan.spec @@ -20,7 +20,7 @@ %define version_suffix 2-18 %define short_version 2 Name: Botan -Version: 2.18.1 +Version: 2.18.2 Release: 0 Summary: A C++ Crypto Library License: BSD-2-Clause