SHA256
1
0
forked from pool/libgcrypt
Commit Graph

99 Commits

Author SHA256 Message Date
00b6c7a408 Accepting request 913968 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 1.9.4:
  * Bug fixes:
    - Fix Elgamal encryption for other implementations. [CVE-2021-33560]
    - Fix alignment problem on macOS.
    - Check the input length of the point in ECDH.
    - Fix an abort in gcry_pk_get_param for "Curve25519".
  * Other features:
    - Add GCM and CCM to OID mapping table for AES.
  * Upstream libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch

- Remove not needed patch libgcrypt-sparcv9.diff

- libgcrypt 1.9.3:
    - Fix for Apple iOS getentropy peculiarity.
    - Add VPMSUMD acceleration for GCM mode on PPC.
  - Fix rare assertion failure in gcry_prime_check.

OBS-URL: https://build.opensuse.org/request/show/913968
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=150
2021-08-24 10:13:55 +00:00
79c721ab6b Accepting request 899923 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Security fix: [bsc#1187212, CVE-2021-33560]
  * cipher: Fix ElGamal encryption for other implementations.
  * Exponent blinding was added in version 1.9.3. This patch
    fixes ElGamal encryption, see: https://dev.gnupg.org/T5328
- Add libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch

OBS-URL: https://build.opensuse.org/request/show/899923
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=148
2021-06-15 09:30:21 +00:00
c47eb17c1d Accepting request 886925 from home:polslinux:branches:devel:libraries:c_c++
- libgcrypt 1.9.3: 
  * Bug fixes:
    - Fix build problems on i386 using gcc-4.7.
    - Fix checksum calculation in OCB decryption for AES on s390.
    - Fix a regression in gcry_mpi_ec_add related to certain usages
      of curve 25519.
    - Fix a symbol not found problem on Apple M1.
    - Fix for Apple iOS getentropy peculiarity.  
    - Make keygrip computation work for compressed points.
  * Performance:
    - Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
    - Add x86_64 VAES/AVX2 accelerated implementation of AES.
    - Add VPMSUMD acceleration for GCM mode on PPC. 
  * Internal changes.
    - Harden MPI conditional code against EM leakage.
    - Harden Elgamal by introducing exponent blinding.

OBS-URL: https://build.opensuse.org/request/show/886925
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=146
2021-04-20 14:18:49 +00:00
ed96a78f46 Accepting request 873060 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.9.2

OBS-URL: https://build.opensuse.org/request/show/873060
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=144
2021-02-17 10:20:09 +00:00
dea0435690 Accepting request 868925 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 1.9.1
   * *Fix exploitable bug* in hash functions introduced with
     1.9.0. [bsc#1181632, CVE-2021-3345]
   * Return an error if a negative MPI is used with sexp scan
     functions.
   * Check for operational FIPS in the random and KDF functions.
   * Fix compile error on ARMv7 with NEON disabled.
   * Fix self-test in KDF module.
   * Improve assembler checks for better LTO support.
   * Fix 32-bit cross build on x86.
   * Fix non-NEON ARM assembly implementation for SHA512.
   * Fix build problems with the cipher_bulk_ops_t typedef.
   * Fix Ed25519 private key handling for preceding ZEROs.
   * Fix overflow in modular inverse implementation.
   * Fix register access for AVX/AVX2 implementations of Blake2.
   * Add optimized cipher and hash functions for s390x/zSeries.
   * Use hardware bit counting functionx when available.
   * Update DSA functions to match FIPS 186-3.
   * New self-tests for CMACs and KDFs.
   * Add bulk cipher functions for OFB and GCM modes.
- Update libgpg-error required version

- Use the suffix variable correctly in get_hmac_path()
- Rebase libgcrypt-fips_selftest_trigger_file.patch

- Add the global config file /etc/gcrypt/random.conf
  * This file can be used to globally change parameters of the random
    generator with the options: only-urandom and disable-jent.

- Update to 1.9.0:

OBS-URL: https://build.opensuse.org/request/show/868925
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=142
2021-02-03 12:44:42 +00:00
a15018a4a1 Accepting request 843758 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.8.7

OBS-URL: https://build.opensuse.org/request/show/843758
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=140
2020-10-24 20:30:16 +00:00
211bd2f53b Accepting request 819163 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Update to 1.8.6
  * mpi: Consider +0 and -0 the same in mpi_cmp
  * mpi: Fix flags in mpi_copy for opaque MPI
  * mpi: Fix the return value of mpi_invm_generic
  * mpi: DSA,ECDSA: Fix use of mpi_invm
    - Call mpi_invm before _gcry_dsa_modify_k
    - Call mpi_invm before _gcry_ecc_ecdsa_sign
  * mpi: Constant time mpi_inv with some conditions
    - mpi/mpi-inv.c (mpih_add_n_cond, mpih_sub_n_cond, mpih_swap_cond)
    - New: mpih_abs_cond, mpi_invm_odd
    - Rename from _gcry_mpi_invm: mpi_invm_generic
    - Use mpi_invm_odd for usual odd cases: _gcry_mpi_invm
  * mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr
  * Fix wrong code execution in Poly1305 ARM/NEON implementation
    - Set r14 to -1 at function entry: (_gcry_poly1305_armv7_neon_init_ext)
  * Set vZZ.16b register to zero before use in armv8 gcm implementation
  * random: Fix include of config.h
  * Fix declaration of internal function _gcry_mpi_get_ui: Don't use ulong
  * ecc: Fix wrong handling of shorten PK bytes
    - Zeros are already recovered: (_gcry_ecc_mont_decodepoint)
- Update libgcrypt-ecc-ecdsa-no-blinding.patch

OBS-URL: https://build.opensuse.org/request/show/819163
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=138
2020-07-07 09:36:56 +00:00
Vítězslav Čížek
9a7cde5372 Accepting request 805624 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- FIPS: libgcrypt: Double free in test_keys() on failed signature
  verification [bsc#1169944]
  * Use safer gcry_mpi_release() instead of mpi_free()
- Update patches:
  * libgcrypt-PCT-DSA.patch
  * libgcrypt-PCT-RSA.patch
  * libgcrypt-PCT-ECC.patch

- Ship the FIPS checksum file in the shared library package and
  create a separate trigger file for the FIPS selftests (bsc#1169569)
  * add libgcrypt-fips_selftest_trigger_file.patch
  * refresh libgcrypt-global_init-constructor.patch
- Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted
  by libgcrypt-global_init-constructor.patch

- FIPS: Verify that the generated signature and the original input
  differ in test_keys function for RSA, DSA and ECC: [bsc#1165539]
- Add zero-padding when qx and qy have different lengths when
  assembling the Q point from affine coordinates.
- Refreshed patches:
  * libgcrypt-PCT-DSA.patch
  * libgcrypt-PCT-RSA.patch
  * libgcrypt-PCT-ECC.patch

- FIPS: Switch the PCT to use the new signature operation [bsc#1165539]
  * Patches for DSA, RSA and ECDSA test_keys functions:
    - libgcrypt-PCT-DSA.patch
    - libgcrypt-PCT-RSA.patch
    - libgcrypt-PCT-ECC.patch
- Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch

OBS-URL: https://build.opensuse.org/request/show/805624
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=134
2020-05-14 15:39:34 +00:00
Tomáš Chvátal
e37716ed54 Accepting request 766877 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219]
- FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215]
- FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220]
  * Add patch from Fedora libgcrypt-1.8.4-fips-keygen.patch

- FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337]
  * Add libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch

- Fix tests in FIPS mode:
  * Fix tests: basic benchmark bench-slope pubkey t-cv25519 t-secmem
  * Add patch libgcrypt-fix-tests-fipsmode.patch

- Fix test dsa-rfc6979 in FIPS mode:
  * Disable tests in elliptic curves with 192 bits which are not
    recommended in FIPS mode
  * Add patch libgcrypt-dsa-rfc6979-test-fix.patch

- CMAC AES and TDES FIPS self-tests:
  * CMAC AES self test missing [bsc#1155339]
  * CMAC TDES self test missing [bsc#1155338]
- Add libgcrypt-CMAC-AES-TDES-selftest.patch

OBS-URL: https://build.opensuse.org/request/show/766877
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=132
2020-01-24 12:13:28 +00:00
74a1d44e1d Accepting request 727257 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.8.5 CVE-2019-13627 boo#1148987

OBS-URL: https://build.opensuse.org/request/show/727257
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=130
2019-08-30 20:13:27 +00:00
d57c784f09 Accepting request 712076 from home:jsikes:branches:devel:libraries:c_c++
This fixes bsc#1133808. Hope it doesn't break anything else. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/712076
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=128
2019-06-27 15:31:10 +00:00
02d04cf4ae Accepting request 711377 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Fixed env-script-interpreter in cavs_driver.pl

- Security fix: [bsc#1138939, CVE-2019-12904]
  * The C implementation of AES is vulnerable to a flush-and-reload
    side-channel attack because physical addresses are available to
    other processes. (The C implementation is used on platforms where
    an assembly-language implementation is unavailable.)
  * Added patches:
    - libgcrypt-CVE-2019-12904-GCM-Prefetch.patch
    - libgcrypt-CVE-2019-12904-GCM.patch
    - libgcrypt-CVE-2019-12904-AES.patch

OBS-URL: https://build.opensuse.org/request/show/711377
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=127
2019-06-25 12:49:02 +00:00
Tomáš Chvátal
61eeda1b5c Accepting request 698242 from home:jsikes:branches:devel:libraries:c_c++
Hopefully this fixes bsc#1131369. Hopefully.

OBS-URL: https://build.opensuse.org/request/show/698242
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=125
2019-04-27 08:19:28 +00:00
Tomáš Chvátal
44e7a5642f Accepting request 697283 from home:jsikes:branches:devel:libraries:c_c++
Fixed a few bugs. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/697283
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=124
2019-04-24 08:43:31 +00:00
Tomáš Chvátal
9521655df0 Accepting request 692407 from home:jsikes:branches:devel:libraries:c_c++
Fixed a little oops. Enjoy.

OBS-URL: https://build.opensuse.org/request/show/692407
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=123
2019-04-09 06:12:53 +00:00
9563eb9685 Accepting request 689095 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests
  are invoked as well as the state transition, adjust the code so
  a missing checksum file is not an issue in non-FIPS mode (bsc#1097073)
  * update libgcrypt-binary_integrity_in_non-FIPS.patch

- Enforce the minimal RSA keygen size in fips mode (bsc#1125740)
  * add libgcrypt-fips_rsa_no_enforced_mode.patch

OBS-URL: https://build.opensuse.org/request/show/689095
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=122
2019-03-27 14:36:50 +00:00
Tomáš Chvátal
655523d262 Accepting request 688356 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- Don't run full self-tests from constructor (bsc#1097073)
  * Don't call global_init() from the constructor, _gcry_global_constructor()
    from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary
    integrity check instead.
  * Only the binary checksum will be verified, the remaining
    self-tests will be run upon the library initialization
- Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch
- Drop libgcrypt-init-at-elf-load-fips.patch and
  libgcrypt-fips_run_selftest_at_constructor.patch obsoleted
  by libgcrypt-1.8.3-fips-ctor.patch

- Skip all the self-tests except for binary integrity when called
  from the constructor (bsc#1097073)
  * Added libgcrypt-1.8.3-fips-ctor.patch from Fedora

OBS-URL: https://build.opensuse.org/request/show/688356
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=121
2019-03-25 18:52:00 +00:00
Tomáš Chvátal
b13fa86e81 Accepting request 652048 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- Fail selftests when checksum file is missing in FIPS mode only
  (bsc#1117355)
  * add libgcrypt-binary_integrity_in_non-FIPS.patch

OBS-URL: https://build.opensuse.org/request/show/652048
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=119
2018-11-26 17:27:31 +00:00
Ismail Dönmez
5a5bf04851 Accepting request 645112 from security:privacy
libgcrypt 1.8.4

OBS-URL: https://build.opensuse.org/request/show/645112
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=117
2018-10-28 21:21:59 +00:00
Tomáš Chvátal
fb3d3cb514 Accepting request 620215 from home:Andreas_Schwab:Factory
- libgcrypt-1.6.3-aliasing.patch, libgcrypt-ppc64.patch,
  libgcrypt-strict-aliasing.patch: Remove obsolete patches
- libgcrypt-1.4.1-rijndael_no_strict_aliasing.patch: Rediff
- Reenable testsuite

OBS-URL: https://build.opensuse.org/request/show/620215
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=115
2018-07-02 10:45:19 +00:00
Vítězslav Čížek
f9c1c6b499 Accepting request 616502 from home:kbabioch:branches:devel:libraries:c_c++
- Update to version 1.8.3:
  - Use blinding for ECDSA signing to mitigate a novel side-channel
    attack. (CVE-2018-0495 bsc#1097410)
  - Fix incorrect counter overflow handling for GCM when using an IV
    size other than 96 bit.
  - Fix incorrect output of AES-keywrap mode for in-place encryption
    on some platforms.
  - Fix the gcry_mpi_ec_curve_point point validation function.
  - Fix rare assertion failure in gcry_prime_check. 
- Applied spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/616502
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=113
2018-06-13 11:32:30 +00:00
Tomáš Chvátal
074f940c73 Accepting request 603165 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
OBS-URL: https://build.opensuse.org/request/show/603165
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=111
2018-05-02 15:35:24 +00:00
Tomáš Chvátal
3e049117f8 Accepting request 603156 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Suggest libgcrypt20-hmac for package libgcrypt20 to ensure they
  are installed in the right order. [bsc#1090766]

OBS-URL: https://build.opensuse.org/request/show/603156
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=110
2018-05-02 15:02:36 +00:00
Tomáš Chvátal
7da0c092f1 Accepting request 592205 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Extended the fipsdrv dsa-sign and dsa-verify commands with the
  --algo parameter for the FIPS testing of DSA SigVer and SigGen
  (bsc#1064455).
  * Added libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch
  * Added libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch

OBS-URL: https://build.opensuse.org/request/show/592205
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=108
2018-03-29 09:57:58 +00:00
Tomáš Chvátal
4de74bf3f1 Accepting request 580096 from home:favogt:licensetag
Use %license (boo#1082318). Please forward to SLE, if possible

OBS-URL: https://build.opensuse.org/request/show/580096
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=106
2018-02-26 09:33:50 +00:00
Tomáš Chvátal
e505d65dd8 Accepting request 556783 from security:privacy
libgcrypt 1.8.2

OBS-URL: https://build.opensuse.org/request/show/556783
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=104
2017-12-13 20:15:54 +00:00
Tomáš Chvátal
8ea7d3a2d4 Accepting request 519788 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.8.1 libgcrypt 1.8.1 CVE-2017-0379 bsc#1055837

OBS-URL: https://build.opensuse.org/request/show/519788
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=102
2017-08-31 08:01:22 +00:00
Tomáš Chvátal
8af5760958 Accepting request 512392 from home:jengelh:branches:devel:libraries:c_c++
- RPM group fixes.
remove with-pic, that's for static only

OBS-URL: https://build.opensuse.org/request/show/512392
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=100
2017-07-25 06:30:55 +00:00
Tomáš Chvátal
17c1484584 Accepting request 512084 from security:privacy
libgcrypt 1.8.0

OBS-URL: https://build.opensuse.org/request/show/512084
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=97
2017-07-24 08:15:56 +00:00
Vítězslav Čížek
27c67e3671 Accepting request 507220 from security:privacy
libgcrypt 1.7.8 CVE-2017-7526 bsc#1046607

OBS-URL: https://build.opensuse.org/request/show/507220
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=95
2017-06-30 06:36:55 +00:00
Tomáš Chvátal
c785cdbe16 Accepting request 501007 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.7.7

OBS-URL: https://build.opensuse.org/request/show/501007
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=93
2017-06-05 07:34:40 +00:00
Tomáš Chvátal
ef71f17567 Accepting request 500599 from home:pmonrealgonzalez:branches:devel:libraries:c_c++
- Added libgcrypt-secure-EdDSA-session-key.patch [bsc#1042326]
  * Store the session key in secure memory to ensure that constant
    time point operations are used in the MPI library.

OBS-URL: https://build.opensuse.org/request/show/500599
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=92
2017-06-03 18:51:04 +00:00
Tomáš Chvátal
fc34d37147 Accepting request 451572 from home:rmaliska:branches:devel:libraries:c_c++
- libgcrypt 1.7.6:
  * Fix counter operand from read-only to read/write 
  * Fix too large jump alignment in mpih-rshift

OBS-URL: https://build.opensuse.org/request/show/451572
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=90
2017-01-20 09:50:05 +00:00
Tomáš Chvátal
611eb05395 Accepting request 446365 from security:privacy
libgcrypt 1.7.5

OBS-URL: https://build.opensuse.org/request/show/446365
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=89
2016-12-15 11:55:13 +00:00
P. Janouch
b75d794f38 Accepting request 420659 from security:privacy
libgcrypt 1.7.3

OBS-URL: https://build.opensuse.org/request/show/420659
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=87
2016-08-22 09:21:16 +00:00
Ismail Dönmez
3cd014e39c Accepting request 419802 from security:privacy
libgcrypt 1.6.6 CVE-2016-6313 (bsc#994157)

OBS-URL: https://build.opensuse.org/request/show/419802
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=85
2016-08-18 07:41:25 +00:00
P. Janouch
81354459e3 Fixup, we need the same release as well
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=83
2016-05-16 16:03:22 +00:00
P. Janouch
b7923a28bd - remove conditionals for unsupported distributions (before 13.2),
it would not build anyway because of new dependencies

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=82
2016-05-16 14:41:28 +00:00
P. Janouch
5f4c72ab48 - make the -hmac package depend on the same version of the library,
fixing bsc#979629 FIPS: system fails to reboot after installing
  fips pattern

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=81
2016-05-16 14:30:25 +00:00
Michal Vyskocil
1e84b1513d Accepting request 358619 from security:privacy
update to 1.6.5: CVE-2015-7511: Mitigate side-channel attack on ECDH with Weierstrass curves (boo#965902)

OBS-URL: https://build.opensuse.org/request/show/358619
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=79
2016-02-09 21:32:46 +00:00
Ismail Dönmez
ab89552259 Accepting request 337609 from security:privacy
- follow-up to libgcrypt 1.6.4 update: sosuffix is 20.0.4

OBS-URL: https://build.opensuse.org/request/show/337609
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=77
2015-10-10 17:29:21 +00:00
Ismail Dönmez
cce4763633 Accepting request 329637 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- update to 1.6.4
- fixes libgcrypt equivalent of CVE-2015-5738 (bsc#944456)
 * Speed up the random number generator by requiring less extra
   seeding.
 * New flag "no-keytest" for ECC key generation.  Due to a bug in the
   parser that flag will also be accepted but ignored by older version
   of Libgcrypt.
 * Always verify a created RSA signature to avoid private key leaks
   due to hardware failures.
 * Other minor bug fixes.

OBS-URL: https://build.opensuse.org/request/show/329637
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=75
2015-09-08 17:55:16 +00:00
Ismail Dönmez
c32332f370 Accepting request 313303 from home:k0da:branches:devel:libraries:c_c++
- Fix gpg2 tests on BigEndian architectures: s390x ppc64 
  libgcrypt-1.6.3-aliasing.patch

OBS-URL: https://build.opensuse.org/request/show/313303
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=73
2015-06-24 07:39:00 +00:00
Ismail Dönmez
d508407bd5 Accepting request 288391 from security:privacy
- fix sosuffix for 1.6.3 (20.0.3)

OBS-URL: https://build.opensuse.org/request/show/288391
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=71
2015-03-02 09:31:21 +00:00
Ismail Dönmez
1025b98553 Accepting request 288249 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.6.3 [bnc#920057]

OBS-URL: https://build.opensuse.org/request/show/288249
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=70
2015-03-01 07:57:34 +00:00
Stephan Kulow
f5c7e834a5 Accepting request 284554 from home:dimstar:Factory
- Move %install_info_delete calls from postun to preun: the files
  must still be present to be parsed.
- Fix the names passed to install_info for gcrypt.info-[12].gz
  instead of gcrypt-[12].info.gz.

  via xtrymalloc macro

OBS-URL: https://build.opensuse.org/request/show/284554
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=68
2015-02-06 18:56:29 +00:00
Stephan Kulow
f3deb426aa Accepting request 284553 from home:coolo:branches:openSUSE:Factory
- making the build reproducible - see 
  http://lists.gnupg.org/pipermail/gnupg-commits/2014-September/010683.html
  for a very similiar problem

- fix filename for info pages in %post scripts

OBS-URL: https://build.opensuse.org/request/show/284553
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=67
2015-02-06 18:56:02 +00:00
Ismail Dönmez
7377b22af6 Accepting request 259951 from home:AndreasStieger:branches:devel:libraries:c_c++
libgcrypt 1.6.2

OBS-URL: https://build.opensuse.org/request/show/259951
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=65
2014-11-05 20:53:18 +00:00
Ismail Dönmez
c1ef8148bf Accepting request 250747 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- disabled curve P-192 in FIPS mode (bnc#896202)
  * added libgcrypt-fips_ecdsa.patch
- don't use SHA-1 for ECDSA in FIPS mode
- also run the fips self tests only in FIPS mode

- run the fips self tests at the constructor code
  * added libgcrypt-fips_run_selftest_at_constructor.patch

- rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216)
  * added libgcrypt-fips-dsa.patch
  * install fips186_dsa
- use 2048 bit keys in selftests_dsa

OBS-URL: https://build.opensuse.org/request/show/250747
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=63
2014-09-22 20:11:21 +00:00
Ismail Dönmez
1521b4e1a9 Accepting request 247239 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- fix an issue in DRBG patchset
  * size_t type is 32-bit on 32-bit systems
- fix a potential NULL pointer deference in DRBG patchset
  * patches from https://bugs.g10code.com/gnupg/issue1701
- added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- added v9-0007-User-interface-to-DRBG.patch
- removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- removed v7-0007-User-interface-to-DRBG.patch
- add a subpackage for CAVS testing
  * add cavs_driver.pl and cavs-test.sh from the kernel cavs package
  * added drbg_test.patch

OBS-URL: https://build.opensuse.org/request/show/247239
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=61
2014-09-02 17:36:56 +00:00