rpm/mbedtls
SHA256
1
0
Fork 0
forked from pool/mbedtls
Code Pull Requests Activity

Accepting request 408503 from devel:libraries:c_c++

Browse Source 
- Update to version 1.3.17 (boo#988956):

OBS-URL: https://build.opensuse.org/request/show/408503
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mbedtls?expand=0&rev=8
This commit is contained in:
Dominique Leuenberger 2016-07-21 05:52:59 +00:00 committed by Git OBS Bridge
parent dc276d9720
commit 547a91b29f
4 changed files with 38 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mbedtls-1.3.16-gpl.tgz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f413146c177c52d4ad8f48015e2fb21dd3a029ca30a2ea000cbc4f9bd092c933
size 1760112

3
mbedtls-1.3.17-gpl.tgz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f5beb43e850283915e3e0f8d37495eade3bfb5beedfb61e7b8da70d4c68edb82
size 1766596

33
mbedtls.changes
View File

@ -1,3 +1,36 @@
-------------------------------------------------------------------
Thu Jul 14 12:00:56 UTC 2016 - mpluskal@suse.com
- Update to version 1.3.17 (boo#988956):
* Security
+ Fix missing padding length check in
mbedtls_rsa_rsaes_pkcs1_v15_decrypt required by PKCS1 v2.2
+ Fix a potential integer underflow to buffer overread in
mbedtls_rsa_rsaes_oaep_decrypt. It is not triggerable
remotely in SSL/TLS.
+ Fix potential integer overflow to buffer overflow in
mbedtls_rsa_rsaes_pkcs1_v15_encrypt and
mbedtls_rsa_rsaes_oaep_encrypt
* Bugfix
+ Fix bug in mbedtls_mpi_add_mpi() that caused wrong results
when the three arguments where the same (in-place doubling).
Found and fixed by Janos Follath. #309
+ Fix issue in Makefile that prevented building using armar.
+ Fix issue that caused a hang up when generating RSA keys of
odd bitlength
+ Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made
null pointer dereference possible.
+ Fix issue that caused a crash if invalid curves were passed
to mbedtls_ssl_conf_curves. #373
* Changes
+ On ARM platforms, when compiling with -O0 with GCC, Clang or
armcc5, don't use the optimized assembly for bignum
multiplication. This removes the need to pass
-fomit-frame-pointer to avoid a build error with -O0.
+ Disabled SSLv3 in the default configuration.
+ Fix non-compliance server extension handling. Extensions for
SSLv3 are now ignored, as required by RFC6101.
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jan 10 13:08:11 UTC 2016 - mpluskal@suse.com Sun Jan 10 13:08:11 UTC 2016 - mpluskal@suse.com

5
mbedtls.spec
View File

@ -18,7 +18,7 @@
%define lib_name lib%{name}9 %define lib_name lib%{name}9
Name: mbedtls Name: mbedtls
Version: 1.3.16 Version: 1.3.17
Release: 0 Release: 0
Summary: Open Source embedded SSL/TLS cryptographic library Summary: Open Source embedded SSL/TLS cryptographic library
License: GPL-2.0+ License: GPL-2.0+
@ -27,7 +27,7 @@ Url: https://tls.mbed.org
Source: https://tls.mbed.org/download/%{name}-%{version}-gpl.tgz Source: https://tls.mbed.org/download/%{name}-%{version}-gpl.tgz
Source99: baselibs.conf Source99: baselibs.conf
BuildRequires: cmake BuildRequires: cmake
BuildRequires: pkg-config BuildRequires: pkgconfig
BuildRequires: zlib-devel BuildRequires: zlib-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -76,7 +76,6 @@ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:%{_builddir}/%{name}-%{version}/build/li
make -C build test %{?_smp_mflags} make -C build test %{?_smp_mflags}
%post -n %{lib_name} -p /sbin/ldconfig %post -n %{lib_name} -p /sbin/ldconfig
%postun -n %{lib_name} -p /sbin/ldconfig %postun -n %{lib_name} -p /sbin/ldconfig
%files devel %files devel