------------------------------------------------------------------- Wed Sep 4 01:43:07 UTC 2024 - William Brown - bsc#1229959 - RUSTSEC-2024-0006 - rust-shlex: Multiple issues involving quote API ------------------------------------------------------------------- Mon Apr 22 12:15:24 UTC 2024 - Joshua Smith - Enable tests - Install all language manpages - Fix -keygen installing to -mount - Switch from obsoleted practices to modern ones: * %setup is now %autosetup * cargo_config is now part of vendor file * disabledrun is now manualrun - Update to version 0.10.0+0: Added: * Russian translation * rage-keygen -y IDENTITY_FILE to convert identity files to recipients. Changed: * MSRV is now 1.65.0. * Migrated from gumdrop to clap for argument parsing. * -R/--recipients-file and -i/--identity now support "read-once" files, like those used by process substitution (-i <(other_binary get-age-identity)) and named pipes. * The filename - (hyphen) is now treated as an explicit request to read from standard input when used with -R/--recipients-file or -i/--identity. It must only occur once across the -R/--recipients-file and -i/--identity flags, and the input file. It cannot be used if the input file is omitted. Fixed: * OpenSSH private keys passed to -i/--identity that contain invalid public keys are no longer ignored when encrypting, and instead cause an error. * Weak ssh-rsa public keys that are smaller than 2048 bits are now rejected. * rage-keygen no longer overwrites existing key files with the -o/--output flag. This was its behaviour prior to 0.6.0, but was unintentionally changed when rage was modified to overwrite existing files. Key file overwriting can still be achieved by omitting -o/--output and instead piping stdout to the file. * rage-keygen now prints fatal errors directly instead of them being hidden behind the RUST_LOG=error environment variable. It also now sets its return code appropriately instead of always returning 0. ------------------------------------------------------------------- Tue Sep 26 03:59:43 UTC 2023 - William Brown - bsc#1215657 - chosen ciphertext attack possible against aes-gcm * update vendor.tar.zst to contain aes-gcm >= 0.10.3 ------------------------------------------------------------------- Tue Sep 26 01:06:56 UTC 2023 - william.brown@suse.com - Update to version 0.9.2+0: * CI: Ensure `apt` repository is up-to-date before installing build deps * CI: Build Linux releases using `ubuntu-20.04` runner * CI: Remove most uses of `actions-rs` actions ------------------------------------------------------------------- Tue Jun 13 00:35:46 UTC 2023 - william.brown@suse.com - Update to version 0.9.2+0: * v0.9.2 * Fix changelog bugs and add missing entry * Document `PINENTRY_PROGRAM` environment variable * age: Add `Decryptor::new_async_buffered` * age: `impl AsyncBufRead for ArmoredReader` * Pre-initialize vectors when the capacity is known, or use arrays * Use `PINENTRY_PROGRAM` as environment variable for `pinentry` * Document why `impl AsyncWrite for StreamWriter` doesn't loop indefinitely * cargo update * cargo vet prune * Migrate to `cargo-vet 0.7` * build(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.1 * Correct spelling in documentation * build(deps): bump codecov/codecov-action from 3.1.1 to 3.1.4 * StreamWriter AsyncWrite: fix usage with futures::io::copy() * rage: Use `Decryptor::new_buffered` * age: Add `Decryptor::new_buffered` * age: `impl BufRead for ArmoredReader` * Update Homebrew formula to v0.9.1 * feat/pinentry: Use env var to define pinentry binary ------------------------------------------------------------------- Tue Apr 11 11:13:29 UTC 2023 - Jan Engelhardt - As per https://en.opensuse.org/openSUSE:Package_description_guidelines mention distinctive characteristics that offset this solution from e.g. gpg. ------------------------------------------------------------------- Sun Mar 26 07:04:54 UTC 2023 - Soc Virnyl Estela - Update to version 0.9.1+0: * ssh: Fix parsing of OpenSSH private key format * ssh: Support `aes256-gcm@openssh.com` ciphers for encrypted keys * ssh: Add `aes256-gcm@openssh.com` cipher to test cases * ssh: Extract common key material derivation logic for encrypted keys * ssh: Use associated constants for key and IV sizes * ssh: Add test cases for encrypted keys - Add shell completions for fish and zsh. ------------------------------------------------------------------- Fri Jan 13 03:23:28 UTC 2023 - William Brown - bsc#1207039 - CVE-2023-22895 - update bzip2 crate - Update of vendored dependencies ------------------------------------------------------------------- Thu Jan 05 03:20:27 UTC 2023 - william.brown@suse.com - Update of vendored dependencies ------------------------------------------------------------------- Mon Nov 21 15:00:46 UTC 2022 - Dominique Leuenberger - Do not have the main package recommend the bash-completion sub-package, but rather have the subpackage supplement the combination of tage-encryption and bash-completion. ------------------------------------------------------------------- Mon Oct 31 02:20:35 UTC 2022 - william.brown@suse.com - Update to version 0.9.0+0: * v0.9.0 * use pkcs1 crate to parse RSAPrivateKey ASN.1 object * qa: Add workflow that runs `cargo vet --locked` * qa: Import `cargo vet` audits from Firefox and zcashd * qa: Add `crypto-reviewed` criteria or `cargo vet` * qa: `cargo vet init` ------------------------------------------------------------------- Tue Aug 09 03:56:26 UTC 2022 - william.brown@suse.com - Set minimum rust requirement to 1.59 - Update to version 0.8.1+0: * v0.8.1 * Revert updates to `dashmap` and `indexmap` * cargo update * age: Add passphrase to scrypt_work_factor_23 testkit test file * age: Reject invalid or non-canonical X25519 recipient stanzas * age: Require "contributory" behaviour for X25519 recipient stanzas * age: Add testkit test files from reference impl * Update Homebrew formula to v0.8.0 ------------------------------------------------------------------- Tue May 03 00:27:46 UTC 2022 - william.brown@suse.com - Update to version 0.8.0+0: * v0.8.0 * age: Allow ciphertexts that encrypt the empty plaintext * Update Italian translation * Don't allow -i/--identity with passphrase-encrypted files * age: Require the last STREAM chunk to be non-empty * age: Return correct response encoding for `confirm` command * age: Base64-decode metadata arguments to "confirm" message * age: Extract "confirm" command handling into a helper function ------------------------------------------------------------------- Tue Apr 5 05:38:22 UTC 2022 - William Brown - Automatic update of vendored dependencies ------------------------------------------------------------------- Mon Mar 14 22:53:25 UTC 2022 - william.brown@suse.com - Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS ------------------------------------------------------------------- Mon Mar 14 12:00:00 UTC 2022 - cunix@mail.de - switched to vendored_licenses_packager as build dependency - define macro "rust_tier1_arches" if undefined ------------------------------------------------------------------- Tue Feb 15 03:58:13 UTC 2022 - William Brown - Add specific lock file path to _service for cargo audit to prevent confusion with the lock files in the fuzz folders. ------------------------------------------------------------------- Mon Jan 31 12:00:00 UTC 2022 - cunix@mail.de - Update to version 0.7.1 * Fixed a bug where non-canonical recipient stanza bodies in an age file header would cause rage to crash instead of being rejected * vendor.tar.xz updated from source code Cargo.lock file - Added: * binary rage-mount * bash-completion for rage, rage-keygen and rage-mount * manual pages for rage, rage-keygen and rage-mount * Licenses files * Licenses files of vendored crates extracted with script "vendored_licenses_packager.sh" * README and CHANGELOG files * possibility to build without cargo-packaging for "older" distros ------------------------------------------------------------------- Fri Nov 19 01:08:01 UTC 2021 - william.brown@suse.com - Update to version 0.7.0~git0.c93b914: * v0.7.0 * cargo update fuzz* * Update lockfiles for fuzzers * rage: Pin clap to 3.0.0-beta.2 * CI: Add bitrot check to ensure examples and benchmarks still compile * console 0.15 * age: Re-export `secrecy` crate * age-core: Improve crate documentation * age-core: Re-export `secrecy` crate * age-core: Add `plugin::Error` enum ------------------------------------------------------------------- Tue Nov 16 02:26:14 UTC 2021 - William Brown - Initial commit of rage