Accepting request 519788 from home:AndreasStieger:branches:devel:libraries:c_c++

libgcrypt 1.8.1 libgcrypt 1.8.1 CVE-2017-0379 bsc#1055837 OBS-URL: https://build.opensuse.org/request/show/519788 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=102
2017-08-31 08:01:22 +00:00 · 2017-08-31 08:01:22 +00:00 · 8ea7d3a2d4
commit 8ea7d3a2d4
parent 8af5760958
6 changed files with 15 additions and 4 deletions
--- a/libgcrypt-1.8.0.tar.bz2
+++ b/libgcrypt-1.8.0.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:23e49697b87cc4173b03b4757c8df4314e3149058fa18bdc4f82098f103d891b
-size 2963266
--- a/libgcrypt-1.8.0.tar.bz2.sig
+++ b/libgcrypt-1.8.0.tar.bz2.sig
--- a/libgcrypt-1.8.1.tar.bz2
+++ b/libgcrypt-1.8.1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7a2875f8b1ae0301732e878c0cca2c9664ff09ef71408f085c50e332656a78b3
+size 2967344
--- a/libgcrypt-1.8.1.tar.bz2.sig
+++ b/libgcrypt-1.8.1.tar.bz2.sig
--- a/libgcrypt.changes
+++ b/libgcrypt.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Mon Aug 28 17:54:24 UTC 2017 - astieger@suse.com
+
+- libgcrypt 1.8.1:
+  * Mitigate a local side-channel attack on Curve25519 dubbed "May
+    the Fourth be With You" CVE-2017-0379 bsc#1055837
+  * Add more extra bytes to the pool after reading a seed file
+  * Add the OID SHA384WithECDSA from RFC-7427 to SHA-384
+  * Fix build problems with the Jitter RNG
+  * Fix assembler code build problems on Rasbian (ARMv8/AArch32-CE)
+
 -------------------------------------------------------------------
 Mon Jul 24 23:43:40 UTC 2017 - jengelh@inai.de

--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@ -21,7 +21,7 @@
 %define libsoname %{name}20
 %define cavs_dir %{_libexecdir}/%{name}/cavs
 Name:           libgcrypt
-Version:        1.8.0
+Version:        1.8.1
 Release:        0
 Summary:        The GNU Crypto Library
 License:        GPL-2.0+ AND LGPL-2.1+ AND GPL-3.0+