Accepting request 51084 from security

Accepted submit request 51084 from user coolo

OBS-URL: https://build.opensuse.org/request/show/51084
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/john?expand=0&rev=10

john-1.7.4.2.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:15f209a17f1a8a097828db4c75ae29644ea678292e8430752bb1b240d338e35b
-size 663819

john-1.7.6.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4fdfebebdc1523869f3c64a2993ff7041c8af47e9c58309575d1fdef54636c0f
+size 669568

john.changes

@@ -1,3 +1,51 @@
+-------------------------------------------------------------------
+Thu Sep  9 16:39:40 UTC 2010 - lars@linux-schulserver.de
+
+- update to 1.7.6:
+  + Generic crypt(3) support (enabled with "--format=crypt") has been 
+    added for auditing password hash types supported by the system but 
+    not yet supported by John's own optimized cryptographic routines 
+    (such as "SHA-crypt" and SunMD5).
+  + Optional parallelization of the above has been implemented by 
+    means of OpenMP along with glibc's crypt_r(3)
+  + Optional parallelization of John's own optimized code for the 
+    OpenBSD-style Blowfish-based crypt(3) (bcrypt) hashes with OpenMP 
+    has been added
+  + A more suitable version of 32-bit x86 assembly code for Blowfish 
+    is now chosen on Core i7 and similar CPUs (in 32 bit mode)
+  + More optimal DES S-box expressions for PowerPC with AltiVec
+  + The bitslice DES C source code has been reworked to allow for 
+    the use of arbitrary SIMD intrinsics, which was previously only 
+    implemented for AltiVec as a special case
+  + Support for SSE2 and MMX intrinsics with bitslice DES (as an 
+    alternative to the supplied assembly code) has been added 
+    (currently only enabled for SSE2 on x86-64)
+  + Support for mixed-type longer virtual vectors (such as SSE2+MMX, 
+    SSE2+ALU, AltiVec+ALU, and other combinations) with bitslice 
+    DES has been added
+  + The loader will now detect password hashes specified on a line
+    on their own, not only as part of an /etc/passwd or PWDUMP 
+    format file
+  + When run in "--stdin" mode and reading candidate passwords from 
+    a terminal (to be typed by the user), John will no longer mess 
+    with the terminal settings
+  + John will now restore terminal settings not only on normal 
+    termination or interrupt, but also when forcibly interrupted 
+    with two Ctrl-C keypresses 
+  + A new numeric variable has been added to the word mangling rules 
+    engine: "p" for position of the character last found with the 
+    "/" or "%" commands 
+  + Support for the use of "--format" along with "--show" or 
+    "--make-charset" has been added
+  + The choice of .rec and .log filenames for custom session names 
+    has been made more intuitive
+  + Support for "\r" (character lists with repeats) and "\p0" 
+    (reference to the immediately preceding character list/range) 
+    has been added to the word mangling rules preprocessor
+  + The undefined and undocumented behavior of some subtle word 
+    mangling rules preprocessor constructs has been changed to 
+    arguably be more sensible
+
 -------------------------------------------------------------------
 Thu Feb 11 21:53:39 CET 2010 - lrupp@suse.de
 

john.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package john (Version 1.7.4.2)
+# spec file for package john (Version 1.7.6)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -22,7 +22,7 @@ Name:           john
 Url:            http://www.openwall.com/john/
 License:        GPLv2+
 Group:          Productivity/Security
-Version:        1.7.4.2
+Version:        1.7.6
 Release:        1
 Summary:        Detects Weak Passwords
 Source:         %{name}-%{version}.tar.bz2