From 56d5a37e9ea7045819b6f8da187d176d18e12a03064dccf08af3993d0872ed88 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Tue, 16 May 2023 07:46:32 +0000 Subject: [PATCH] Accepting request 1087283 from home:AndreasStieger:branches:security:tls libnettle 3.9 OBS-URL: https://build.opensuse.org/request/show/1087283 OBS-URL: https://build.opensuse.org/package/show/security:tls/libnettle?expand=0&rev=33 --- libnettle.changes | 26 ++++++++++++++++++++++++++ libnettle.spec | 2 +- nettle-3.8.1.tar.gz | 3 --- nettle-3.8.1.tar.gz.sig | Bin 374 -> 0 bytes nettle-3.9.tar.gz | 3 +++ nettle-3.9.tar.gz.sig | Bin 0 -> 374 bytes 6 files changed, 30 insertions(+), 4 deletions(-) delete mode 100644 nettle-3.8.1.tar.gz delete mode 100644 nettle-3.8.1.tar.gz.sig create mode 100644 nettle-3.9.tar.gz create mode 100644 nettle-3.9.tar.gz.sig diff --git a/libnettle.changes b/libnettle.changes index 2ad43d1..b0b1094 100644 --- a/libnettle.changes +++ b/libnettle.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Mon May 15 19:20:37 UTC 2023 - Andreas Stieger + +- update to 3.9 + * rewrite of the C and plain x86_64 assembly implementations of + GHASH to use precomputed tables in a different way, with tables + always accessed in the same sequential manner. This should make + Nettle's GHASH implementation side-channel silent on all + platforms, but considerably slower on platforms without carry- + less mul instructions. E.g., benchmarks of the C implementation + on x86_64 showed a slowdown of 3 times. + * Fix bug in ecdsa and gostdsa signature verify operation, for + the unlikely corner case that point addition really is point + duplication. + * Fix for chacha on Power7, nettle's assembly used an instruction + only available on later processors + * Add support for the SM4 block cipher + * Add support for the Balloon password hash + * Add support for SIV-GCM authenticated encryption mode + * Add support for OCB authenticated encryption mode. + * New exported functions md5_compress, sha1_compress, + sha256_compress, sha512_compress + * multiple performance optimizations + * Delete all arcfour assembly code. Affects 32-bit x86, 32-bit + and 64-bit sparc + ------------------------------------------------------------------- Wed Mar 8 10:32:20 UTC 2023 - Martin Pluskal diff --git a/libnettle.spec b/libnettle.spec index b64787f..7a57a7c 100644 --- a/libnettle.spec +++ b/libnettle.spec @@ -19,7 +19,7 @@ %define soname 8 %define hogweed_soname 6 Name: libnettle -Version: 3.8.1 +Version: 3.9 Release: 0 Summary: Cryptographic Library License: GPL-2.0-or-later AND LGPL-2.1-or-later diff --git a/nettle-3.8.1.tar.gz b/nettle-3.8.1.tar.gz deleted file mode 100644 index caf4ea1..0000000 --- a/nettle-3.8.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:364f3e2b77cd7dcde83fd7c45219c834e54b0c75e428b6f894a23d12dd41cbfe -size 2406251 diff --git a/nettle-3.8.1.tar.gz.sig b/nettle-3.8.1.tar.gz.sig deleted file mode 100644 index 5c5e41ada93e3d41ff3df373c23e5ec83e914379273f4e6d8bfc9818f8cc9190..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 374 zcmV-+0g3*J0doWZ0SW*e79j*QJTLJ3?q0&}zVn&$S)ceQ#&Vbi0%GBjUjPaT5c64| z_$bD5n3R4B0GChNGekXl9;%lwai}G@x~IOq^w4i0Qzr5J933`o?zewqE$z|Kn`gyS z3zFXo4Ds!BY&-t(F?VC{Z>>d&3@#dytVnFDqgSM=zh(YTt?B?ME?7Z+)aUUG+>eO| zxO(U=Sxf#^Kia)M!bB|c{oMe$Ev{nuI|{sXzS!g+U1g6)zi%uq^#xh*!Az)@kYrzW zXA<+Jc*dcTQ8$eShtF2QibfYY`1-AjN0AG*^Ws=Rz2IE@f75|u*q-B*tFwm|UXZC> zu5NvSQ@NjRYk4an)>7TFrE26EdRUoa-Y277`A>~5upH=HPB@Gj0Aqi1@bZ^dWl-dj zk6ucjwYA!CJxiWfZpx9LGby8UidUJGBM8-_w`}xFsQ2#63?MPKdSur}o{SZc}GW|g%|8%}Aqfx<88ymxEB;Ea%=87TtJ#-Rr6GGk2i)$GV4{236 zKs8U5UMcUGn!Z^YXD>n*lUV>xwMD!)`MA`qcqB@~Z3*V86vdx1bcUAw)+#fVomjVM zZq+jTIVs*^E&6=k=3qaVueU0>&+Ml?o|#TiLIi~eDYwm^PJxjA2I3IWj$1GgSZWxg zjHj~?Z9yj;h;sN3(XuQ~P;W^5I|N=ipsJ#zHm)RHZPr8MxF~UhiJu+h)mh2DWbA6}M>%7h Usf7v3d^vzP9MB<@?^^KDQ2