Accepting request 576327 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/576327
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mbedtls?expand=0&rev=14

baselibs.conf

@@ -1,3 +1,3 @@
 libmbedtls10
 libmbedx509-0
-libmbedcrypto0
+libmbedcrypto1

mbedtls-2.6.0-apache.tgz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:99bc9d4212d3d885eeb96273bcde8ecc649a481404b8d7ea7bb26397c9909687
-size 1973397

mbedtls-2.7.0-apache.tgz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:aeb66d6cd43aa1c79c145d15845c655627a7fc30d624148aaafbb6c36d7f55ef
+size 2108442

mbedtls.changes

@@ -1,3 +1,105 @@
+-------------------------------------------------------------------
+Tue Feb 13 15:55:27 UTC 2018 - kbabioch@suse.com
+
+- Update to version 2.7.0:
+  - Security
+    * Fix a heap corruption issue in the implementation of the truncated HMAC
+      extension. When the truncated HMAC extension is enabled and CBC is used,
+      sending a malicious application packet could be used to selectively corrupt
+      6 bytes on the peer's heap, which could potentially lead to crash or remote
+      code execution. The issue could be triggered remotely from either side in
+      both TLS and DTLS. (CVE-2018-0488 boo#1080828)
+    * Fix a buffer overflow in RSA-PSS verification when the hash was too large
+      for the key size, which could potentially lead to crash or remote code
+      execution. Found by Seth Terashima, Qualcomm Product Security Initiative,
+      Qualcomm Technologies Inc. (CVE-2018-0487 boo#1080826)
+    * Fix buffer overflow in RSA-PSS verification when the unmasked data is all
+      zeros.
+    * Fix an unsafe bounds check in ssl_parse_client_psk_identity() when adding
+      64 KiB to the address of the SSL buffer and causing a wrap around.
+    * Fix a potential heap buffer overflow in mbedtls_ssl_write(). When the (by
+      default enabled) maximum fragment length extension is disabled in the
+      config and the application data buffer passed to mbedtls_ssl_write
+      is larger than the internal message buffer (16384 bytes by default), the
+      latter overflows.
+    * Add a provision to prevent compiler optimizations breaking the time
+      constancy of mbedtls_ssl_safer_memcmp().
+    * Ensure that buffers are cleared after use if they contain sensitive data.
+      Changes were introduced in multiple places in the library.
+    * Set PEM buffer to zero before freeing it, to avoid decoded private keys
+      being leaked to memory after release.
+    * Fix dhm_check_range() failing to detect trivial subgroups and potentially
+      leaking 1 bit of the private key. Reported by prashantkspatil.
+    * Make mbedtls_mpi_read_binary() constant-time with respect to the input
+      data. Previously, trailing zero bytes were detected and omitted for the
+      sake of saving memory, but potentially leading to slight timing
+      differences. Reported by Marco Macchetti, Kudelski Group.
+    * Wipe stack buffer temporarily holding EC private exponent
+      after keypair generation.
+    * Fix a potential heap buffer over-read in ALPN extension parsing
+      (server-side). Could result in application crash, but only if an ALPN
+      name larger than 16 bytes had been configured on the server.
+    * Change default choice of DHE parameters from untrustworthy RFC 5114
+      to RFC 3526 containing parameters generated in a nothing-up-my-sleeve
+      manner. 
+  - Features
+    * Add alternative implementation support for CCM and CMAC (MBEDTLS_CCM_ALT,
+      MBEDTLS_CMAC_ALT). Submitted by Steven Cooreman, Silicon Labs.
+    * Add support for alternative implementations of GCM, selected by the
+      configuration flag MBEDTLS_GCM_ALT.
+    * Add support for alternative implementations for ECDSA, controlled by new
+      configuration flags MBEDTLS_ECDSA_SIGN_ALT, MBEDTLS_ECDSA_VERIFY_ALT and
+      MBEDTLS_ECDSDA_GENKEY_AT in config.h.
+      The following functions from the ECDSA module can be replaced
+      with alternative implementation:
+      mbedtls_ecdsa_sign(), mbedtls_ecdsa_verify() and mbedtls_ecdsa_genkey().
+    * Add support for alternative implementation of ECDH, controlled by the
+      new configuration flags MBEDTLS_ECDH_COMPUTE_SHARED_ALT and
+      MBEDTLS_ECDH_GEN_PUBLIC_ALT in config.h.
+      The following functions from the ECDH module can be replaced
+      with an alternative implementation:
+      mbedtls_ecdh_gen_public() and mbedtls_ecdh_compute_shared().
+    * Add support for alternative implementation of ECJPAKE, controlled by
+      the new configuration flag MBEDTLS_ECJPAKE_ALT.
+    * Add mechanism to provide alternative implementation of the DHM module.
+  - API changes
+    * Extend RSA interface by multiple functions allowing structure-
+      independent setup and export of RSA contexts. Most notably,
+      mbedtls_rsa_import() and mbedtls_rsa_complete() are introduced for setting
+      up RSA contexts from partial key material and having them completed to the
+      needs of the implementation automatically. This allows to setup private RSA
+      contexts from keys consisting of N,D,E only, even if P,Q are needed for the
+      purpose or CRT and/or blinding.
+    * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
+      implementations of the RSA interface declared in rsa.h.
+    * The following functions in the message digest modules (MD2, MD4, MD5,
+      SHA1, SHA256, SHA512) have been deprecated and replaced as shown below.
+      The new functions change the return type from void to int to allow
+      returning error codes when using MBEDTLS_<MODULE>_ALT.
+      mbedtls_<MODULE>_starts() -> mbedtls_<MODULE>_starts_ret()
+      mbedtls_<MODULE>_update() -> mbedtls_<MODULE>_update_ret()
+      mbedtls_<MODULE>_finish() -> mbedtls_<MODULE>_finish_ret()
+      mbedtls_<MODULE>_process() -> mbedtls_internal_<MODULE>_process()
+  - Deprecations
+    * Deprecate usage of RSA primitives with non-matching key-type
+      (e.g. signing with a public key).
+    * Direct manipulation of structure fields of RSA contexts is deprecated.
+      Users are advised to use the extended RSA API instead.
+    * Deprecate usage of message digest functions that return void
+      (mbedtls_<MODULE>_starts, mbedtls_<MODULE>_update,
+      mbedtls_<MODULE>_finish and mbedtls_<MODULE>_process where <MODULE> is
+      any of MD2, MD4, MD5, SHA1, SHA256, SHA512) in favor of functions
+      that can return an error code.
+    * Deprecate untrustworthy DHE parameters from RFC 5114. Superseded by
+      parameters from RFC 3526 or the newly added parameters from RFC 7919.
+    * Deprecate hex string DHE constants MBEDTLS_DHM_RFC3526_MODP_2048_P etc.
+      Supserseded by binary encoded constants MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN
+      etc.
+    * Deprecate mbedtls_ssl_conf_dh_param() for setting default DHE parameters
+      from hex strings. Superseded by mbedtls_ssl_conf_dh_param_bin()
+      accepting DHM parameters in binary form, matching the new constants.
+  - Several bug fixes
+
 -------------------------------------------------------------------
 Mon Sep 11 21:03:15 UTC 2017 - fisiu@opensuse.org
 

mbedtls.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package mbedtls
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,10 +17,10 @@
 
 
 %define lib_tls    libmbedtls10
-%define lib_crypto libmbedcrypto0
+%define lib_crypto libmbedcrypto1
 %define lib_x509   libmbedx509-0
 Name:           mbedtls
-Version:        2.6.0
+Version:        2.7.0
 Release:        0
 Summary:        Libraries for crypto and SSL/TLS protocols
 License:        Apache-2.0