Accepting request 1142919 from security:tls

- Update to version 3.5.2: * Update BRANCHES.md * Bump version * Assemble Changelog * Update Marvin fix Changelog entry * Add warning for PKCS 1.5 decryption * Fix typo * RSA: improve readability * RSA: remove unneeded temporaries * RSA: document Montgomery trick in unblind * Fix style * Make local function static * Add Changelog for the Marvin attack fix * Extend blinding to RSA result check * Make RSA unblinding constant flow * Add Changelog for #8687 * Add required dependency to the testcase * Remove unneeded testcase * Update test-data to use SIZE_MAX * Add missing newline at the end of test_suite_x509write.data * Update fix to be more platform-independent * Fix Issue #8687 * Add tests for Issue #8687 - Resolves CVE-2024-23170 boo#1219336 OBS-URL: https://build.opensuse.org/request/show/1142919 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mbedtls?expand=0&rev=44
2024-01-31 22:54:49 +00:00 · 2024-01-31 22:54:49 +00:00 · 493c087ef4
commit 493c087ef4
parent 40732d801c e73d121589
7 changed files with 41 additions and 13 deletions
--- a/4
+++ b/4
@ -1,11 +1,11 @@
 <services>
  <service name="obs_scm" mode="manual">
-    <param name="versionformat">3.5.1</param>
+    <param name="versionformat">3.5.2</param>
    <param name="url">https://github.com/Mbed-TLS/mbedtls.git</param>
    <param name="scm">git</param>
    <param name="changesgenerate">enable</param>
    <param name="exclude">.*</param>
-    <param name="revision">refs/tags/v3.5.1</param>
+    <param name="revision">refs/tags/v3.5.2</param>
  </service>
  <service name="tar" mode="buildtime"/>
  <service name="recompress" mode="buildtime">
--- a/2
+++ b/2
@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">https://github.com/Mbed-TLS/mbedtls.git</param>
-              <param name="changesrevision">edb8fec9882084344a314368ac7fd957a187519c</param></service></servicedata>
+              <param name="changesrevision">daca7a3979c22da155ec9dce49ab1abf3b65d3a9</param></service></servicedata>
--- a/mbedtls-3.5.1.obscpio
+++ b/mbedtls-3.5.1.obscpio
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:18a7cdaba3c7433fef4ef37b25c5f2fd73cf5c69123ed5fc3452cc46f7e9f8b8
-size 43188749
--- a/mbedtls-3.5.2.obscpio
+++ b/mbedtls-3.5.2.obscpio
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:347e7c72f46473a8e990a4439d9309feb7dac429b9f6d4acf4782dae3ff65d8d
+size 43192333
--- a/mbedtls.changes
+++ b/mbedtls.changes
@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Wed Jan 31 08:11:12 UTC 2024 - Martin Pluskal <mpluskal@suse.com>
+
+- Update to version 3.5.2:
+  * Update BRANCHES.md
+  * Bump version
+  * Assemble Changelog
+  * Update Marvin fix Changelog entry
+  * Add warning for PKCS 1.5 decryption
+  * Fix typo
+  * RSA: improve readability
+  * RSA: remove unneeded temporaries
+  * RSA: document Montgomery trick in unblind
+  * Fix style
+  * Make local function static
+  * Add Changelog for the Marvin attack fix
+  * Extend blinding to RSA result check
+  * Make RSA unblinding constant flow
+  * Add Changelog for #8687
+  * Add required dependency to the testcase
+  * Remove unneeded testcase
+  * Update test-data to use SIZE_MAX
+  * Add missing newline at the end of test_suite_x509write.data
+  * Update fix to be more platform-independent
+  * Fix Issue #8687
+  * Add tests for Issue #8687
+- Resolves CVE-2024-23170 boo#1219336
+
 -------------------------------------------------------------------
 Tue Jan 23 11:12:58 UTC 2024 - Lubos Kocman <lubos.kocman@suse.com>

--- a/mbedtls.obsinfo
+++ b/mbedtls.obsinfo
@ -1,4 +1,4 @@
 name: mbedtls
-version: 3.5.1
-mtime: 1699443360
-commit: edb8fec9882084344a314368ac7fd957a187519c
+version: 3.5.2
+mtime: 1706089751
+commit: daca7a3979c22da155ec9dce49ab1abf3b65d3a9
--- a/mbedtls.spec
+++ b/mbedtls.spec
@ -1,7 +1,7 @@
 #
 # spec file for package mbedtls
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -22,7 +22,7 @@
 %define lib_everest libeverest
 %define lib_p256m   libp256m
 Name:           mbedtls
-Version:        3.5.1
+Version:        3.5.2
 Release:        0
 Summary:        Libraries for crypto and SSL/TLS protocols
 License:        Apache-2.0 OR GPL-2.0-or-later
@ -87,10 +87,10 @@ This subpackage of mbedtls contains libp256m
 %package devel
 Summary:        Development files for mbedtls, a SSL/TLS library
 Requires:       %{lib_crypto} = %{version}
-Requires:       %{lib_tls} = %{version}
-Requires:       %{lib_x509} = %{version}
 Requires:       %{lib_everest} = %{version}
 Requires:       %{lib_p256m} = %{version}
+Requires:       %{lib_tls} = %{version}
+Requires:       %{lib_x509} = %{version}

 %description devel
 This subpackage contains the development files for mbedtls,