From 2c10f03d7aadd85356cc98771bd6c1ae0aa6285b524e5d16714507baa7497610 Mon Sep 17 00:00:00 2001 From: c unix Date: Tue, 26 Sep 2023 15:08:09 +0000 Subject: [PATCH] Accepting request 1113576 from home:firstyear:branches:security - bsc#1215657 - chosen ciphertext attack possible against aes-gcm * update vendor.tar.zst to contain aes-gcm >= 0.10.3 - Update to version 0.9.2+0: * CI: Ensure `apt` repository is up-to-date before installing build deps * CI: Build Linux releases using `ubuntu-20.04` runner * CI: Remove most uses of `actions-rs` actions OBS-URL: https://build.opensuse.org/request/show/1113576 OBS-URL: https://build.opensuse.org/package/show/security/rage-encryption?expand=0&rev=29 --- _service | 2 +- _servicedata | 2 +- rage-0.9.2+0.tar.gz | 4 ++-- rage-encryption.changes | 14 ++++++++++++++ rage-encryption.spec | 2 +- vendor.tar.xz | 3 --- vendor.tar.zst | 3 +++ 7 files changed, 22 insertions(+), 8 deletions(-) delete mode 100644 vendor.tar.xz create mode 100644 vendor.tar.zst diff --git a/_service b/_service index 4ff787f..1f9b157 100644 --- a/_service +++ b/_service @@ -18,7 +18,7 @@ rage - xz + zst true diff --git a/_servicedata b/_servicedata index 8a2c2c1..f61805d 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/str4d/rage.git - 267f383d3c1623c10bc6715c07fa77689171f940 \ No newline at end of file + e6180f1a2004008873b8e8d40110995ecec416c4 \ No newline at end of file diff --git a/rage-0.9.2+0.tar.gz b/rage-0.9.2+0.tar.gz index bf663c3..3c4b6d4 100644 --- a/rage-0.9.2+0.tar.gz +++ b/rage-0.9.2+0.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:ae51d06e2829215baaa51f828acf316e71577eef778601d332a28e8c83dec81d -size 1599818 +oid sha256:faaf7716819e4d30d47bead3e35c7776442a790fe072b80485cb69930dc28661 +size 1600116 diff --git a/rage-encryption.changes b/rage-encryption.changes index a926a42..d8127cb 100644 --- a/rage-encryption.changes +++ b/rage-encryption.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Sep 26 03:59:43 UTC 2023 - William Brown + +- bsc#1215657 - chosen ciphertext attack possible against aes-gcm + * update vendor.tar.zst to contain aes-gcm >= 0.10.3 + +------------------------------------------------------------------- +Tue Sep 26 01:06:56 UTC 2023 - william.brown@suse.com + +- Update to version 0.9.2+0: + * CI: Ensure `apt` repository is up-to-date before installing build deps + * CI: Build Linux releases using `ubuntu-20.04` runner + * CI: Remove most uses of `actions-rs` actions + ------------------------------------------------------------------- Tue Jun 13 00:35:46 UTC 2023 - william.brown@suse.com diff --git a/rage-encryption.spec b/rage-encryption.spec index 1c2de44..81962a0 100644 --- a/rage-encryption.spec +++ b/rage-encryption.spec @@ -31,7 +31,7 @@ License: (0BSD OR MIT OR Apache-2.0) AND (Apache-2.0 OR BSL-1.0) AND (Apa Group: Productivity/Security URL: https://github.com/str4d/rage Source0: rage-%{version}.tar.gz -Source1: vendor.tar.xz +Source1: vendor.tar.zst Source2: cargo_config %if %{suse_version} > 1500 BuildRequires: cargo-packaging diff --git a/vendor.tar.xz b/vendor.tar.xz deleted file mode 100644 index 6b9f5ca..0000000 --- a/vendor.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a4f3e0446cc48a847aa6758aa09c7af56c02be60436e288e6495686cdf64eefa -size 33837292 diff --git a/vendor.tar.zst b/vendor.tar.zst new file mode 100644 index 0000000..e3204bb --- /dev/null +++ b/vendor.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4977cf5bab4d73b8d51f7df9fa0d72bf077922b25f9da05c2f51369b74cbec68 +size 33927832