From f9c1c6b4990ea9a103a464934d0b78e781cb395845b3bf4201638616905df394 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADt=C4=9Bzslav=20=C4=8C=C3=AD=C5=BEek?=
 <vcizek@suse.com>
Date: Wed, 13 Jun 2018 11:32:30 +0000
Subject: [PATCH] Accepting request 616502 from
 home:kbabioch:branches:devel:libraries:c_c++

- Update to version 1.8.3:
  - Use blinding for ECDSA signing to mitigate a novel side-channel
    attack. (CVE-2018-0495 bsc#1097410)
  - Fix incorrect counter overflow handling for GCM when using an IV
    size other than 96 bit.
  - Fix incorrect output of AES-keywrap mode for in-place encryption
    on some platforms.
  - Fix the gcry_mpi_ec_curve_point point validation function.
  - Fix rare assertion failure in gcry_prime_check.
- Applied spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/616502
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=113
---
 libgcrypt-1.8.2.tar.bz2     |   3 ---
 libgcrypt-1.8.2.tar.bz2.sig | Bin 310 -> 0 bytes
 libgcrypt-1.8.3.tar.bz2     |   3 +++
 libgcrypt-1.8.3.tar.bz2.sig | Bin 0 -> 310 bytes
 libgcrypt.changes           |  14 ++++++++++++++
 libgcrypt.spec              |  18 +++++++++---------
 6 files changed, 26 insertions(+), 12 deletions(-)
 delete mode 100644 libgcrypt-1.8.2.tar.bz2
 delete mode 100644 libgcrypt-1.8.2.tar.bz2.sig
 create mode 100644 libgcrypt-1.8.3.tar.bz2
 create mode 100644 libgcrypt-1.8.3.tar.bz2.sig

diff --git a/libgcrypt-1.8.2.tar.bz2 b/libgcrypt-1.8.2.tar.bz2
deleted file mode 100644
index e63b978..0000000
--- a/libgcrypt-1.8.2.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c8064cae7558144b13ef0eb87093412380efa16c4ee30ad12ecb54886a524c07
-size 2966534
diff --git a/libgcrypt-1.8.2.tar.bz2.sig b/libgcrypt-1.8.2.tar.bz2.sig
deleted file mode 100644
index 306831ed80bf02cf366709710dd09999ae5b3013d2477e0cb5dcfc8ef3e4446f..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 310
zcmV-60m=S}0W$;u0SEvc79j-KX(1!T23_i24?49Zn>o@?CF8aQ0$MRK!~hBj5G0#9
z(oZGhwvvno{TsF;BZdKWpd6vL#Bu0ibgpmZY%PF}01CStMlrxqKI^Zpdzg)H^#0{m
z`J3do=t`Vt2H-Oj{lhtVj^K~tw3mm4@<chYNwU~<&Xyp!(VUqhH2-N1@CCM;L7$+G
z!_JaBc9H?^fSfyG6T*tJc^Hj06R#-oEBEPNI^;P=^lOR5X3;&aR6kCO!Qgv$AwCp{
zdis@9q5LLXNtxmTkq9+XNJ8$$kZ5MC6&(@Ai3;v`meJSeBey3tr$sJCa?DDb|NWy@
zJE@0|ytFBKkF>-2ipXy6Dpd&n`vaJ|#!`}~J{dEpz)3N3**j-68VGhHL1R;|L;TZz
I`n|{%mw?-nr2qf`

diff --git a/libgcrypt-1.8.3.tar.bz2 b/libgcrypt-1.8.3.tar.bz2
new file mode 100644
index 0000000..b64a2b1
--- /dev/null
+++ b/libgcrypt-1.8.3.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:66ec90be036747602f2b48f98312361a9180c97c68a690a5f376fa0f67d0af7c
+size 2989166
diff --git a/libgcrypt-1.8.3.tar.bz2.sig b/libgcrypt-1.8.3.tar.bz2.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..ee621316ae20bd244c4658d1a0833aa157fb18693ca83c4f070e9803a05f6e9b
GIT binary patch
literal 310
zcmV-60m=S}0W$;u0SEvc79j-KX(1!T23_i24?49Zn>o@?CF8aQ0$U)?BmfEt5G0#9
z(oZGhwtc+^|4&slvD|Dbc}lORNnTROni6p(8=Tmz6rWv8GR`yvxFErCZ_g-UFts~;
z{Hw1qnID4a=oVmHP0cm-{hN1jsWtYxa^R$*$LIH&`k15APlOTk;tdrL{<8T?sU&np
z3CrU`$|cJTriQE)fgtTLHWSQp5<MOFtkM*8k^?TFHqQ)bxe|}hLLJ~9xd|=}zm|Sg
zwwW0IB?aD6yX3wA^GQrrNh7L7{2MQe7Qs=#$y4<`3v{-umvS>_t{AGE@D708<I|?}
z^7AKv`1mY95;+d`8*_*!&D4I<PDr}R>?)woBo*Rv4~}8~L+v6+=OnU-UZ(TI++=I9
IBVTE}&69VKRsaA1

literal 0
HcmV?d00001

diff --git a/libgcrypt.changes b/libgcrypt.changes
index 8564052..db05fdd 100644
--- a/libgcrypt.changes
+++ b/libgcrypt.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Wed Jun 13 10:46:33 UTC 2018 - kbabioch@suse.com
+
+- Update to version 1.8.3:
+  - Use blinding for ECDSA signing to mitigate a novel side-channel
+    attack. (CVE-2018-0495 bsc#1097410)
+  - Fix incorrect counter overflow handling for GCM when using an IV
+    size other than 96 bit.
+  - Fix incorrect output of AES-keywrap mode for in-place encryption
+    on some platforms.
+  - Fix the gcry_mpi_ec_curve_point point validation function.
+  - Fix rare assertion failure in gcry_prime_check. 
+- Applied spec-cleaner
+
 -------------------------------------------------------------------
 Wed May  2 14:31:07 UTC 2018 - pmonrealgonzalez@suse.com
 
diff --git a/libgcrypt.spec b/libgcrypt.spec
index da518a6..1a9377c 100644
--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@@ -21,12 +21,12 @@
 %define libsoname %{name}20
 %define cavs_dir %{_libexecdir}/%{name}/cavs
 Name:           libgcrypt
-Version:        1.8.2
+Version:        1.8.3
 Release:        0
 Summary:        The GNU Crypto Library
-License:        GPL-2.0+ AND LGPL-2.1+ AND GPL-3.0+
+License:        GPL-2.0-or-later AND LGPL-2.1-or-later AND GPL-3.0-or-later
 Group:          Development/Libraries/C and C++
-Url:            http://directory.fsf.org/wiki/Libgcrypt
+URL:            http://directory.fsf.org/wiki/Libgcrypt
 Source:         ftp://ftp.gnupg.org/gcrypt/libgcrypt/%{name}-%{version}.tar.bz2
 Source1:        ftp://ftp.gnupg.org/gcrypt/libgcrypt/%{name}-%{version}.tar.bz2.sig
 Source2:        baselibs.conf
@@ -73,7 +73,7 @@ understanding of applied cryptography is required to use Libgcrypt.
 
 %package -n %{libsoname}
 Summary:        The GNU Crypto Library
-License:        GPL-2.0+ AND LGPL-2.1+
+License:        GPL-2.0-or-later AND LGPL-2.1-or-later
 Group:          System/Libraries
 Suggests:       %{libsoname}-hmac = %{version}-%{release}
 
@@ -83,7 +83,7 @@ GnuPG (alpha version).
 
 %package -n %{libsoname}-hmac
 Summary:        HMAC checksums for the GNU Crypto Library
-License:        GPL-2.0+ AND LGPL-2.1+
+License:        GPL-2.0-or-later AND LGPL-2.1-or-later
 Group:          System/Libraries
 Requires:       %{libsoname} = %{version}-%{release}
 
@@ -94,7 +94,7 @@ for integrity checking the library, as required by FIPS 140-2.
 
 %package devel
 Summary:        The GNU Crypto Library
-License:        GFDL-1.1 AND GPL-2.0+ AND LGPL-2.1+ AND MIT
+License:        GFDL-1.1-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT
 Group:          Development/Libraries/C and C++
 Requires:       %{libsoname} = %{version}
 Requires:       glibc-devel
@@ -112,7 +112,7 @@ library.
 
 %package cavs
 Summary:        The GNU Crypto Library
-License:        GFDL-1.1 AND GPL-2.0+ AND LGPL-2.1+ AND MIT
+License:        GFDL-1.1-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT
 Group:          Development/Libraries/C and C++
 Requires:       %{libsoname} = %{version}
 Requires:       %{libsoname}-hmac
@@ -123,7 +123,7 @@ CAVS testing framework for libgcrypt
 %if 0%{?separate_hmac256_binary}
 %package hmac256
 Summary:        The GNU Crypto Library
-License:        GPL-2.0+ AND LGPL-2.1+
+License:        GPL-2.0-or-later AND LGPL-2.1-or-later
 Group:          Development/Libraries/C and C++
 Requires:       %{libsoname} = %{version}
 Requires:       libgpg-error-devel
@@ -231,7 +231,7 @@ mv %{buildroot}%{_bindir}/drbg_test %{buildroot}%{cavs_dir}
 %files devel
 %license COPYING COPYING.LIB
 %doc AUTHORS ChangeLog NEWS README THANKS TODO
-%{_infodir}/gcrypt.info%{ext_info}
+%{_infodir}/gcrypt.info*%{ext_info}
 %{_bindir}/dumpsexp
 %{_bindir}/mpicalc
 %{_bindir}/%{name}-config