* Notice: Botan 3.7.0 will remove support for the currently
supported experimental Kyber r3 TLS ciphersuites, leaving only
the standardized ML-KEM suites.
* Fix a bug in x86 CPUID detection introduced in 3.6.0 which would
cause crashes on systems which have BMI1 but not BMI2.
(gh#randombit/botan#4401)
* Fix a bug in SLH-DSA signing, which did not default to the FIPS
required randomized variant. (gh#randombit/botan#4398)
* Modify how elliptic curve blinding is performed, reducing the
number of self-additions that may occur during multiplication.
* In speed command line utility, also iterate keygen several times.
- Update to 2.19.5:
* Fix multiple Denial of service attacks due to X.509 cert processing:
* CVE-2024-34702 - bsc#1227238
* CVE-2024-34703 - bsc#1227607
* CVE-2024-39312 - bsc#1227608
* Fix a crash in OCB
* Fix a test failure in compression with certain versions of zlib
* Fix some iterator debugging errors in TLS CBC decryption.
* Avoid a miscompilation in ARIA when using XCode 14
OBS-URL: https://build.opensuse.org/request/show/1187477
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=118
