From 4d92d29d53649748c9030ce13be348031ca05cfde890ea690e0460d57de97a7f Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dleuenberger@suse.com>
Date: Sun, 7 Feb 2016 08:22:44 +0000
Subject: [PATCH] Accepting request 357899 from devel:libraries:c_c++

- Version update to 3.2 release bnc#964849 CVE-2015-8805 bnc#964847
  CVE-2015-8804 bnc#964845 CVE-2015-8803:
  * New functions for RSA private key operations, identified by
    the "_tr" suffix, with better resistance to side channel
    attacks and to hardware or software failures which could
    break the CRT optimization
  * SHA3 implementation is updated according to the FIPS 202 standard
  * New ARM Neon implementation of the chacha stream cipher
  * Should be compatible binary with 3.1 series
- Add patch to fix build with cflags:
  * nettle-respect-cflags.patch

OBS-URL: https://build.opensuse.org/request/show/357899
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libnettle?expand=0&rev=23
---
 libnettle.changes           |  15 ++++++++++++++
 libnettle.spec              |   7 +++++--
 nettle-3.1.1.tar.gz         |   3 ---
 nettle-3.1.1.tar.gz.sig     | Bin 351 -> 0 bytes
 nettle-3.2.tar.gz           |   3 +++
 nettle-3.2.tar.gz.sig       | Bin 0 -> 351 bytes
 nettle-respect-cflags.patch |  38 ++++++++++++++++++++++++++++++++++++
 7 files changed, 61 insertions(+), 5 deletions(-)
 delete mode 100644 nettle-3.1.1.tar.gz
 delete mode 100644 nettle-3.1.1.tar.gz.sig
 create mode 100644 nettle-3.2.tar.gz
 create mode 100644 nettle-3.2.tar.gz.sig
 create mode 100644 nettle-respect-cflags.patch

diff --git a/libnettle.changes b/libnettle.changes
index 0a8e59f..5608ca2 100644
--- a/libnettle.changes
+++ b/libnettle.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Thu Jan 28 20:45:45 UTC 2016 - tchvatal@suse.com
+
+- Version update to 3.2 release bnc#964849 CVE-2015-8805 bnc#964847
+  CVE-2015-8804 bnc#964845 CVE-2015-8803:
+  * New functions for RSA private key operations, identified by
+    the "_tr" suffix, with better resistance to side channel
+    attacks and to hardware or software failures which could
+    break the CRT optimization
+  * SHA3 implementation is updated according to the FIPS 202 standard
+  * New ARM Neon implementation of the chacha stream cipher
+  * Should be compatible binary with 3.1 series
+- Add patch to fix build with cflags:
+  * nettle-respect-cflags.patch
+
 -------------------------------------------------------------------
 Mon Jun 22 08:43:05 UTC 2015 - tchvatal@suse.com
 
diff --git a/libnettle.spec b/libnettle.spec
index 996ea0a..bbf44e1 100644
--- a/libnettle.spec
+++ b/libnettle.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package libnettle
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
 %define soname 6
 %define hogweed_soname 4
 Name:           libnettle
-Version:        3.1.1
+Version:        3.2
 Release:        0
 Summary:        Cryptographic Library
 License:        LGPL-2.1+ and GPL-2.0+
@@ -29,6 +29,8 @@ Source0:        https://ftp.gnu.org/gnu/nettle/nettle-%{version}.tar.gz
 Source1:        https://ftp.gnu.org/gnu/nettle/nettle-%{version}.tar.gz.sig
 Source2:        %{name}.keyring
 Source3:        baselibs.conf
+# PATCH-FIX-UPSTREAM respect cflags while building
+Patch0:         nettle-respect-cflags.patch
 BuildRequires:  gmp-devel
 BuildRequires:  makeinfo
 BuildRequires:  pkgconfig
@@ -91,6 +93,7 @@ operations using the nettle library.
 
 %prep
 %setup -q -n nettle-%{version}
+%patch0 -p1
 
 %build
 %configure \
diff --git a/nettle-3.1.1.tar.gz b/nettle-3.1.1.tar.gz
deleted file mode 100644
index 4d1e508..0000000
--- a/nettle-3.1.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5fd4d25d64d8ddcb85d0d897572af73b05b4d163c6cc49438a5bfbb8ff293d4c
-size 1851876
diff --git a/nettle-3.1.1.tar.gz.sig b/nettle-3.1.1.tar.gz.sig
deleted file mode 100644
index fbb00b9a9a3baec33a24e06f6ff867b7e2af388dc2e117908cb6f480d2b168a9..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 351
zcmV-l0igbg0bB$C0RjL91p-w%p6LJz2@vyHpZF-oa+tZB3ILKp#Usm1&ln=6!Yefn
z$<KJ#=B9m2{A;YQOI;GFBL@B2Ne(mDLO0wK2z9PaP*E**qg@U}!q*o;){~<B??q%W
zO|SWpfvjNBg1h5lRQ_e=E~&Jm=Wn}Lz=)bSVGyigg8WYA7h`=g-#5XKj`@KOg?n{g
zBqv{L_3B9`BMZ?9KzvB=Lw(e0=SI}_J4i%n`H@0@Tc(ffrlu;f`CSP(D$38*Q0`tJ
z_iLCi82x-*qAKNI%&2k_HV4aDQeVszV+%V@`A@`ZpJ_k%<z|+!+;hkQpxjTBO<mHU
zNAM181WK{7T11j*7aPc3D`!@q_a_-H@{T{sX0ocmKqZYNG9ug5G7&@67_)n)(zc}>
x%z0xc1_bb$6g!hkf~da2L07O<raZD~W?mJh9JPO*O*rrqe23Hv92GkuM?gofp<)04

diff --git a/nettle-3.2.tar.gz b/nettle-3.2.tar.gz
new file mode 100644
index 0000000..d02080e
--- /dev/null
+++ b/nettle-3.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ea4283def236413edab5a4cf9cf32adf540c8df1b9b67641cfc2302fca849d97
+size 1879604
diff --git a/nettle-3.2.tar.gz.sig b/nettle-3.2.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..08c2ab0ce6a69de50751851d34b351e174d4ab5574d19017435105d0690e845c
GIT binary patch
literal 351
zcmV-l0igbg0bB$C0RjL91p-#8bd3NC2@vyHpZF-oa+sj$3ILCyn*U9H@{QDk(*g-)
zs-JQ<7_<R}2`T(umAf4C7ivh$ASGOv|5#kqdK!Jh_SWk;NN9-GT;eN=!I^qi#!Fh;
zPfoW;ov``?*%pwb+Z-g}s8=B@cI95l5vTi|ew?E9hxm_6s6A??$zJ++osZucuAn32
z4ib&noeNq~Kj{OYv<}#rGMAhRN89#$?rJIp<~EVHBYx5!zV8ZNCX>#A%JU252`-Y^
zC)d&STcN)~;xsQ@ZE7b<>?ca^Sg?37@<rwL8qEcoxH!vrU%dZ!e6-|u|8E!0S5fIa
zKs$K~bx1O<quwG#9*_46M#0cuX)wa<TPMd(Vd0EO+Bc8hkc3)YE2Mkd<TJ;C$8YCh
x|4@ol7z~ltyVb|5lBb)Da@x-c%1+91*_iL(86C=4svq<{_uVfsO}`1;m_4heu2}#8

literal 0
HcmV?d00001

diff --git a/nettle-respect-cflags.patch b/nettle-respect-cflags.patch
new file mode 100644
index 0000000..d55e3ac
--- /dev/null
+++ b/nettle-respect-cflags.patch
@@ -0,0 +1,38 @@
+Index: nettle-3.2/Makefile.in
+===================================================================
+--- nettle-3.2.orig/Makefile.in
++++ nettle-3.2/Makefile.in
+@@ -278,27 +278,27 @@ $(LIBHOGWEED_FORLINK): $(hogweed_OBJS) $
+ # executable. Avoid object file targets to make it easy to run the
+ # right compiler.
+ aesdata$(EXEEXT_FOR_BUILD): aesdata.c
+-	$(CC_FOR_BUILD) `test -f aesdata.c || echo '$(srcdir)/'`aesdata.c \
++	$(CC_FOR_BUILD) $(CFLAGS) `test -f aesdata.c || echo '$(srcdir)/'`aesdata.c \
+ 	-o aesdata$(EXEEXT_FOR_BUILD)
+ 
+ desdata$(EXEEXT_FOR_BUILD): desdata.c
+-	$(CC_FOR_BUILD) `test -f desdata.c || echo '$(srcdir)/'`desdata.c \
++	$(CC_FOR_BUILD) $(CFLAGS) `test -f desdata.c || echo '$(srcdir)/'`desdata.c \
+ 	-o desdata$(EXEEXT_FOR_BUILD)
+ 
+ twofishdata$(EXEEXT_FOR_BUILD): twofishdata.c
+-	$(CC_FOR_BUILD) `test -f twofishdata.c || echo '$(srcdir)/'`twofishdata.c \
++	$(CC_FOR_BUILD) $(CFLAGS) `test -f twofishdata.c || echo '$(srcdir)/'`twofishdata.c \
+ 	-o twofishdata$(EXEEXT_FOR_BUILD)
+ 
+ shadata$(EXEEXT_FOR_BUILD): shadata.c
+-	$(CC_FOR_BUILD) `test -f shadata.c || echo '$(srcdir)/'`shadata.c -lm \
++	$(CC_FOR_BUILD) $(CFLAGS) `test -f shadata.c || echo '$(srcdir)/'`shadata.c -lm \
+ 	-o shadata$(EXEEXT_FOR_BUILD)
+ 
+ gcmdata$(EXEEXT_FOR_BUILD): gcmdata.c
+-	$(CC_FOR_BUILD) `test -f gcmdata.c || echo '$(srcdir)/'`gcmdata.c \
++	$(CC_FOR_BUILD) $(CFLAGS) `test -f gcmdata.c || echo '$(srcdir)/'`gcmdata.c \
+ 	-o gcmdata$(EXEEXT_FOR_BUILD)
+ 
+ eccdata$(EXEEXT_FOR_BUILD): eccdata.c mini-gmp.c mini-gmp.h
+-	$(CC_FOR_BUILD) `test -f eccdata.c || echo '$(srcdir)/'`eccdata.c \
++	$(CC_FOR_BUILD) $(CFLAGS) `test -f eccdata.c || echo '$(srcdir)/'`eccdata.c \
+ 	-o eccdata$(EXEEXT_FOR_BUILD)
+ 
+ # desCore rules