Accepting request 1327180 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/1327180
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libcryptopp?expand=0&rev=44

libcryptopp-CVE-2024-28285.patch

@@ -4,23 +4,23 @@ Date:   Wed May 28 16:17:10 2025 +0300
 
     Fix ElGamal side channel issue
 
-diff --git a/pubkey.h b/pubkey.h
+Index: cryptopp-CRYPTOPP_8_9_0/pubkey.h
-index 31e00a33..b12ef458 100644
+===================================================================
---- a/pubkey.h
+--- cryptopp-CRYPTOPP_8_9_0.orig/pubkey.h
-+++ b/pubkey.h
++++ cryptopp-CRYPTOPP_8_9_0/pubkey.h
-@@ -1854,8 +1854,13 @@ public:
+@@ -1855,7 +1855,14 @@ public:
- 
  			SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
  			derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
--
+ 
 -			return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
-+			DecodingResult res =  encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
++                        DecodingResult res =  encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
-+			Element z2 = agreeAlg.AgreeWithStaticPrivateKey(params, q, true, key.GetPrivateExponent());
++                        Element z2 = agreeAlg.AgreeWithStaticPrivateKey(params, q, true, key.GetPrivateExponent());
-+			if (z == z2) {
++                        if (z == z2) {
-+			} else {
++                        } else {
-+				return DecodingResult();
++                                return DecodingResult();
-+			}
++                        }
-+			return res;
++                        return res;
++
  		}
  		catch (DL_BadElement &)
  		{

libcryptopp.changes

@@ -1,13 +1,18 @@
 -------------------------------------------------------------------
-Fri Jan  9 14:49:05 UTC 2026 - Angel Yankov <angel.yankov@suse.com>
+Wed Jan 14 09:08:04 UTC 2026 - Angel Yankov <angel.yankov@suse.com>
 
-Security fix [bsc#1218217, CVE-2023-50979]
+- Security fix [bsc#1218217, CVE-2023-50979]
   * Fix  side-channel leakage during decryption with PKCS#1v1.5 padding
   * Added patch libcryptopp-CVE-2023-50979.patch
-  * https://github.com/Coralesoft/cryptopp/commit/0923d82f5c3ac8cf6c99108be2ad9260f2a61f6c
+  * https://github.com/Coralesoft/cryptopp/commit/0923d82f5c3ac8cf6c99108be2ad9260f2a61f6c 
 
 -------------------------------------------------------------------
-Thu May 29 10:56:35 UTC 2025 - Angel Yankov <angel.yankov@suse.com>
+Fri Oct 24 06:59:04 UTC 2025 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Fix build on aarch64
+
+-------------------------------------------------------------------
+Tue Oct  7 07:56:39 UTC 2025 - Angel Yankov <angel.yankov@suse.com>
 
 - Security fix [bsc#1224280, CVE-2024-28285]
   * potential leak of secret key of ElGamal encryption via fault injection 

libcryptopp.spec

@@ -1,6 +1,24 @@
 #
 # spec file for package libcryptopp
 #
+# Copyright (c) 2026 SUSE LLC and contributors
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+ #
+# spec file for package libcryptopp
+#
 # Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
@@ -15,7 +33,6 @@
 # Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
-
 %define major 8
 %define minor 9
 %define patchlevel 0
@@ -40,10 +57,10 @@ Patch1:         libcryptopp-shared.patch
 Patch2:         libcryptopp-CVE-2023-50980.patch
 # CVE-2023-50981 [bsc#1218222], issue on ModularSquareRoot function leads to potential DoS
 Patch3:         libcryptopp-CVE-2023-50981.patch
-# PATCH-FIX-SUSE: [bsc#1224280] CVE-2024-28285 potential leak of secret key of ElGamal encryption via fault injection 
+# PATCH-FIX-SUSE: [bsc#1224280] CVE-2024-28285 potential leak of secret key of ElGamal encryption via fault injection
-Patch4:		libcryptopp-CVE-2024-28285.patch
+Patch4:         libcryptopp-CVE-2024-28285.patch
 # PATCH-FIX-UPSTREAM: [bsc#1218217,  CVE-2023-50979] side-channel leakage during decryption with PKCS#1v1.5 padding  (marvin )
-Patch5:		libcryptopp-CVE-2023-50979.patch
+Patch5:         libcryptopp-CVE-2023-50979.patch
 BuildRequires:  dos2unix
 BuildRequires:  gcc-c++
 BuildRequires:  pkgconfig
@@ -104,7 +121,8 @@ CXXFLAGS="$CXXFLAGS -DCRYPTOPP_DISABLE_ALTIVEC"
 %make_install \
     PREFIX="%{_prefix}" \
     LIB="%{_lib}" \
-    LIBSUFFIX="-%{version}"
+    LIBSUFFIX="-%{version}" \
+    LDFLAGS="-pthread -lgomp"
 
 rm -rf "%{buildroot}%{_bindir}" %{buildroot}%{_datadir}/cryptopp
 rm -rf %{buildroot}%{_libdir}/*.a