Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package oqs-provider for openSUSE:Factory checked in at 2023-06-13 16:11:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/oqs-provider (Old) and /work/SRC/openSUSE:Factory/.oqs-provider.new.15902 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "oqs-provider" Tue Jun 13 16:11:05 2023 rev:2 rq:1092835 version:0.5.0 Changes: -------- --- /work/SRC/openSUSE:Factory/oqs-provider/oqs-provider.changes 2022-11-16 15:43:30.663863868 +0100 +++ /work/SRC/openSUSE:Factory/.oqs-provider.new.15902/oqs-provider.changes 2023-06-13 16:11:06.435450762 +0200 @@ -1,0 +2,57 @@ +Tue Jun 13 09:19:27 UTC 2023 - Marcus Meissner <[email protected]> + +- updated to 0.5.0: + + - oqs-provider now also enables use of QSC algorithms during TLS1.3 + handshake. The required OpenSSL code updates are contained in + openssl/openssl#19312. + + * Algorithm updates + + All algorithms no longer supported in the NIST PQC competition + and not under consideration for standardization by ISO have been + removed. All remaining algorithms with the exception of McEliece + have been lifted to their final round 3 variants as documented in + liboqs. Most notably, algorithm names for Sphincs+ have been changed + to the naming chosen by its authors. + + * Functional updates + + - Enablement of oqs-provider as a (first) dynamically fetchable OpenSSL3 TLS1.3 signature provider. + - OSX support + - Full support for CA functionality + - Algorithms can now be selected by their respective bit strength using the property string "oqsprovider.security_bits" + - Documentation of (O)IDs used by the different PQC algorithms used and supported in current and past releases of oqs-openssl and oqs-provider + - Graceful handling (by way of functional degradation) of the feature sets contained in different OpenSSL releases; all oqsprovider capabilities are only available when using a version > than OpenSSL3.1. + - A bug regarding handling of hybrid algorithms has been fixed as well as some memory leaks. + + * Misc updates + + - Dynamic code point and OID changes via environment variables. See ALGORITHMS.md. + - Dynamic key encoding changes via environment variable using external qsc_key_encoder library. See ALGORITHMS.md. + +- oqs-provider-shared-liboqs.patch: removed, not needed anymore + +- updated to 0.4.0: + + * Security considerations + + - This release removes Rainbow level 1 and all variants of SIDH and + SIKE due to cryptanalytic breaks of those algorithms. Users are advised + to move away from use of those algorithms immediately. + + * Algorithm updates + + - Removal of SIKE/SIDH and Rainbow level I due to cryptographic breaks + + * Functional updates + + - Addition of quantum-safe CMS operations via the OpenSSL interface + - Addition of quantum-safe dgst operations via the OpenSSL interface + + * Misc updates + + - Additional testing + - Integration with and of OpenSSL test harness + +------------------------------------------------------------------- Old: ---- oqs-provider-0.3.0.tar.gz oqs-provider-shared-liboqs.patch New: ---- oqs-provider-0.5.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ oqs-provider.spec ++++++ --- /var/tmp/diff_new_pack.pPHvEE/_old 2023-06-13 16:11:07.015454185 +0200 +++ /var/tmp/diff_new_pack.pPHvEE/_new 2023-06-13 16:11:07.019454208 +0200 @@ -1,7 +1,7 @@ # # spec file for package oqs-provider # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,19 +17,18 @@ Name: oqs-provider -Version: 0.3.0 +Version: 0.5.0 Release: 0 Summary: Quantum-safe crypto provider for OpenSSL License: MIT Group: Productivity/Security URL: https://github.com/open-quantum-safe/oqs-provider/ Source: https://github.com/open-quantum-safe/oqs-provider/archive/refs/tags/%{version}.tar.gz#/%name-%version.tar.gz -Patch0: oqs-provider-shared-liboqs.patch # currently would need libtestutil.a from openssl-3, so basically a copy of openssl-3 to test. Patch1: oqs-provider-disable-test.patch BuildRequires: cmake BuildRequires: libopenssl-3-devel -BuildRequires: liboqs-devel +BuildRequires: pkgconfig(liboqs) %description This is a plugin/shared library making available quantum-safe cryptography @@ -51,7 +50,8 @@ %install install -d %buildroot/%{_libdir}/ossl-modules/ -install -m 755 -c build/oqsprov/oqsprovider.so %buildroot/%{_libdir}/ossl-modules/ + +install -m 755 -c build/lib/oqsprovider.so %buildroot/%{_libdir}/ossl-modules/ %files %license LICENSE.txt ++++++ oqs-provider-0.3.0.tar.gz -> oqs-provider-0.5.0.tar.gz ++++++ ++++ 15166 lines of diff (skipped)
