pool/mbedtls
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 523556 from devel:libraries:c_c++

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/523556
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mbedtls?expand=0&rev=13
This commit is contained in:
Dominique Leuenberger 2017-09-13 19:34:45 +00:00 committed by Git OBS Bridge
parent a258e86dc4
commit 8e9dc53b27
4 changed files with 37 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mbedtls-2.5.1-apache.tgz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:559aeb8c8941262d6aad96a0286a230e7ff988ba53efbf609230ca1f81cc81f9
size 1955461

3
mbedtls-2.6.0-apache.tgz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:99bc9d4212d3d885eeb96273bcde8ecc649a481404b8d7ea7bb26397c9909687
size 1973397

33
mbedtls.changes
View File

@ -1,3 +1,36 @@
-------------------------------------------------------------------
Mon Sep 11 21:03:15 UTC 2017 - fisiu@opensuse.org
- Update to version 2.6.0:
* Add the functions mbedtls_platform_setup() and mbedtls_platform_teardown()
and the context struct mbedtls_platform_context to perform
platform-specific setup and teardown operations. The macro
MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT allows the functions to be overridden
by the user in a platform_alt.h file. These new functions are required in
some embedded environments to provide a means of initialising underlying
cryptographic acceleration hardware.
* Reverted API/ABI breaking changes introduced in mbed TLS 2.5.1, to make the
API consistent with mbed TLS 2.5.0. Specifically removed the inline
qualifier from the functions mbedtls_aes_decrypt, mbedtls_aes_encrypt,
mbedtls_ssl_ciphersuite_uses_ec and mbedtls_ssl_ciphersuite_uses_psk. Found
by James Cowgill. #978
* Certificate verification functions now set flags to -1 in case the full
chain was not verified due to an internal error (including in the verify
callback) or chain length limitations.
* With authmode set to optional, the TLS handshake is now aborted if the
verification of the peer's certificate failed due to an overlong chain or
a fatal error in the verify callback.
* Fix authentication bypass in SSL/TLS: when authmode is set to optional,
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA
(default: 8) intermediates, even when it was not trusted. This could be
triggered remotely from either side. (With authmode set to 'required'
(the default), the handshake was correctly aborted).
Fix for CVE-2017-14032 and boo#1056544.
* Reliably wipe sensitive data after use in the AES example applications
programs/aes/aescrypt2 and programs/aes/crypt_and_hash.
Found by Laurent Simon.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Jul 10 14:17:59 UTC 2017 - mpluskal@suse.com Mon Jul 10 14:17:59 UTC 2017 - mpluskal@suse.com

2
mbedtls.spec
View File

@ -20,7 +20,7 @@
%define lib_crypto libmbedcrypto0 %define lib_crypto libmbedcrypto0
%define lib_x509 libmbedx509-0 %define lib_x509 libmbedx509-0
Name: mbedtls Name: mbedtls
Version: 2.5.1 Version: 2.6.0
Release: 0 Release: 0
Summary: Libraries for crypto and SSL/TLS protocols Summary: Libraries for crypto and SSL/TLS protocols
License: Apache-2.0 License: Apache-2.0