commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2020-11-03 15:16:42 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new.3463 (New) Package is "Botan" Tue Nov 3 15:16:42 2020 rev:55 rq:845615 version:2.16.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2020-08-17 12:04:44.882673120 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new.3463/Botan.changes2020-11-03 15:17:22.452086727 +0100 @@ -1,0 +2,26 @@ +Tue Oct 27 15:53:08 UTC 2020 - Pedro Monreal + +- Update to 2.16.0: + * Now userspace PRNG objects (such as AutoSeeded_RNG and HMAC_DRBG) +use an internal lock, which allows safe concurrent use. This +however is purely a precaution in case of accidental sharing of +such RNG objects; for performance reasons it is always preferable +to use a RNG per thread if a userspace RNG is needed. + * DL_Group and EC_Group objects now track if they were created +from a known trusted group (such as P-256 or an IPsec DH +parameter). If so, then verification tests can be relaxed, as +compared to parameters which may have been maliciously +constructed in order to pass primality checks. + * RandomNumberGenerator::add_entropy_T assumed its input was a POD +type but did not verify this. + * Support OCSP responders that live on a non-standard port. + * Add support for Solaris sandbox. + * Support suffixes on release numbers for alpha/beta releases. + * Fix a bug in EAX which allowed requesting a 0 length tag, which +had the effect of using a full length tag. Instead omit the +length field, or request the full tag length explicitly. + * Fix a memory leak in GCM where if passed an unsuitable block +cipher (eg not 128 bit) it would throw an exception and leak +the cipher object. + +--- Old: Botan-2.15.0.tar.xz Botan-2.15.0.tar.xz.asc New: Botan-2.16.0.tar.xz Botan-2.16.0.tar.xz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.ziUHub/_old 2020-11-03 15:17:23.800088024 +0100 +++ /var/tmp/diff_new_pack.ziUHub/_new 2020-11-03 15:17:23.804088028 +0100 @@ -16,10 +16,10 @@ # -%define version_suffix 2-15 +%define version_suffix 2-16 %define short_version 2 Name: Botan -Version:2.15.0 +Version:2.16.0 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause ++ Botan-2.15.0.tar.xz -> Botan-2.16.0.tar.xz ++ 2709 lines of diff (skipped) ++ baselibs.conf ++ --- /var/tmp/diff_new_pack.ziUHub/_old 2020-11-03 15:17:25.864090010 +0100 +++ /var/tmp/diff_new_pack.ziUHub/_new 2020-11-03 15:17:25.864090010 +0100 @@ -1,4 +1,4 @@ -libbotan-2-15 +libbotan-2-16 libbotan-devel requires -libbotan- = - requires "libbotan-2-15- = " + requires "libbotan-2-16- = "
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2020-08-17 12:04:03 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new.3399 (New) Package is "Botan" Mon Aug 17 12:04:03 2020 rev:54 rq:826938 version:2.15.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2020-04-21 13:05:52.240238291 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new.3399/Botan.changes2020-08-17 12:04:44.882673120 +0200 @@ -1,0 +2,52 @@ +Sun Aug 16 01:57:13 UTC 2020 - Dirk Mueller + +- update to 2.15: + Fix a bug where the name constraint extension did not constrain the alternative + DN field which can be included in a subject alternative name. This would allow + a corrupted sub-CA which was otherwise constrained by a name constraint to + issue a certificate with a prohibited DN. + + Fix a bug in the TLS server during client authentication where where if a + (disabled by default) static RSA ciphersuite was selected, then no certificate + request would be sent. This would have an equivalent effect to a client which + simply replied with an empty Certificate message. (GH #2367) + + Replace the T-Tables implementation of AES with a 32-bit bitsliced version. As + a result AES is now constant time on all processors. (GH #2346 #2348 #2353 + #2329 #2355) + + In TLS, enforce that the key usage given in the server certificate allows the + operation being performed in the ciphersuite. (GH #2367) + + In X.509 certificates, verify that the algorithm parameters are the expected + NULL or empty. (GH #2367) + + Change the HMAC key schedule to attempt to reduce the information leaked from + the key schedule with regards to the length of the key, as this is at times (as + for example in PBKDF2) sensitive information. (GH #2362) + + Add Processor_RNG which wraps RDRAND or the POWER DARN RNG instructions. The + previous RDRAND_RNG interface is deprecated. (GH #2352) + + The documentation claimed that mlocked pages were created with a guard page + both before and after. However only a trailing guard page was used. Add a + leading guard page. (GH #2334) + + Add support for generating and verifying DER-encoded ECDSA signatures in the C + and Python interfaces. (GH #2357 #2356) + + Workaround a bug in GCC’s UbSan which triggered on a code sequence in XMSS (GH + #2322) + + When building documentation using Sphinx avoid parallel builds with version 3.0 + due to a bug in that version (GH #2326 #2324) + + Fix a memory leak in the CommonCrypto block cipher calls (GH #2371) + + Fix a flaky test that would occasionally fail when running the tests with a + large number of threads. (GH #2325 #2197) + + Additional algorithms are now deprecated: XTEA, GOST, and Tiger. They will be + removed in a future major release. + +--- Old: Botan-2.14.0.tar.xz Botan-2.14.0.tar.xz.asc New: Botan-2.15.0.tar.xz Botan-2.15.0.tar.xz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.bsGuOj/_old 2020-08-17 12:04:47.046674326 +0200 +++ /var/tmp/diff_new_pack.bsGuOj/_new 2020-08-17 12:04:47.050674329 +0200 @@ -16,10 +16,10 @@ # -%define version_suffix 2-13 +%define version_suffix 2-15 %define short_version 2 Name: Botan -Version:2.14.0 +Version:2.15.0 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause ++ Botan-2.14.0.tar.xz -> Botan-2.15.0.tar.xz ++ 9411 lines of diff (skipped) ++ baselibs.conf ++ --- /var/tmp/diff_new_pack.bsGuOj/_old 2020-08-17 12:04:48.954675390 +0200 +++ /var/tmp/diff_new_pack.bsGuOj/_new 2020-08-17 12:04:48.954675390 +0200 @@ -1,4 +1,4 @@ -libbotan-2-13 +libbotan-2-15 libbotan-devel requires -libbotan- = - requires "libbotan-2-13- = " + requires "libbotan-2-15- = "
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2020-04-21 13:05:48 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new.2738 (New) Package is "Botan" Tue Apr 21 13:05:48 2020 rev:53 rq:795525 version:2.14.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2019-04-05 11:56:50.882344514 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new.2738/Botan.changes2020-04-21 13:05:52.240238291 +0200 @@ -1,0 +2,48 @@ +Wed Apr 8 08:19:50 UTC 2020 - Paolo Stivanin + +- Update to Botan 2.14: + * Add support for using POWER8+ VPSUMD instruction to accelerate GCM (GH #2247) + * Optimize the vector permute AES implementation, especially improving +performance on ARMv7, Aarch64, and POWER. (GH #2243) + * Use a new algorithm for modular inversions which is both faster +and more resistant to side channel attacks. (GH #2287 #2296 #2301) + * Address an issue in CBC padding which would leak the length of the plaintext +which was being padded. Unpadding during decryption was not affected. + * Optimize NIST prime field reductions, improving ECDSA by 3-9% (GH #2295) + * Increase the size of the ECC blinding mask and scale it based on the +size of the group order. (GH #880 #893 #2308) + * Add server side support for the TLS asio wrapper. (GH #2229) + * Add support for using Windows certificate store on MinGW (GH #2280) + * Add a CLI utility cpu_clock which estimates the speed of the processor cycle counter. + * Add Roughtime client (GH #2143 #1842) + * Add support for XMSS X.509 certificates (GH #2172) + * Add support for X.509 CRLs in FFI layer and Python wrapper (GH #2213) + * Add AVX2 implementation of SHACAL2 (GH #2196) + * Support more functionality for X.509 in the Python API (GH #2165) + * Add generic CPU target useful when building for some new or unusual platform. + * Disable MD5 in BSI or NIST modes (GH #2188) + * Many currently public headers are being deprecated. If any such header is included by +an application, a warning is issued at compile time. +Headers issuing this warning will be made internal in a future major release. + * RSA signature performance improvements (GH #2068 #2070) + * Performance improvements for GCM (GH #2024 #2099 #2119), OCB (#2122), XTS (#2123) and +ChaCha20Poly1305 (GH #2117), especially for small messages. + * Add support for constant time AES using NEON and AltiVec (GH #2093 #2095 #2100) + * Improve performance of POWER8 AES instructions (GH #2096) + * Add support for the POWER9 hardware random number generator (GH #2026) + * Add support for 64-bit version of RDRAND, doubling performance on x86-64 (GH #934 #2022) + * In DTLS server, support a client crashing and then reconnecting from the same +source port, as described in RFC 6347 sec 4.2.8 (GH #2029) + * Optimize DTLS MTU splitting to split precisely to the set MTU (GH #2042) + * Add support for the TLS v1.3 downgrade indicator. (GH #2027) + * Add Argon2 PBKDF and password hash (GH #459 #1981 #1987) + * Add Bcrypt-PBKDF (GH #1990) + * Add server side support for issuing DTLS HelloVerifyRequest messages (GH #1999) + * Add support for the TLS v1.3 supported_versions extension. (GH #1976) + * Add Ed25519ph compatible with RFC 8032 (GH #1699 #2000) + * Add support for OCSP stapling on server side. (GH #1703 #1967) + * Add a boost::asio TLS stream compatible with boost::asio::ssl. (GH #1839 #1927 #1992) + * Add a certificate store for Linux/Unix systems. (GH #1885 #1936) + * Various Fixes + +--- Old: Botan-2.10.0.tgz Botan-2.10.0.tgz.asc New: Botan-2.14.0.tar.xz Botan-2.14.0.tar.xz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.FCUj7v/_old 2020-04-21 13:05:53.352240509 +0200 +++ /var/tmp/diff_new_pack.FCUj7v/_new 2020-04-21 13:05:53.356240517 +0200 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,17 +16,17 @@ # -%define version_suffix 2-10 +%define version_suffix 2-13 %define short_version 2 Name: Botan -Version:2.10.0 +Version:2.14.0 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause Group: Development/Libraries/C and C++ -Url:http://botan.randombit.net -Source0:http://botan.randombit.net/releases/Botan-%{version}.tgz -Source1:http://bot
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2019-04-05 11:56:49 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new.3908 (New) Package is "Botan" Fri Apr 5 11:56:49 2019 rev:52 rq:691275 version:2.10.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-07-31 16:04:27.568062808 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new.3908/Botan.changes2019-04-05 11:56:50.882344514 +0200 @@ -1,0 +2,296 @@ +Tue Apr 2 12:54:40 UTC 2019 - Daniel Molkentin + +- Update to Botan 2.10 + + * Bump SONAME + + * Warning: XMSS currently implements draft-06 which is not compatible with +the final RFC 8391 specification. A PR is open to fix this, however it will +break all current uses of XMSS. If you are currently using XMSS please +comment at https://github.com/randombit/botan/pull/1858. Otherwise the PR +will be merged and support for draft-06 will be removed starting in 2.11. + + * Added a new certificate store implementation that can access the MacOS +keychain certificate store. (GH #1830) + + * Redesigned Memory_Pool class, which services allocations out of a set of +pages locked into memory (using mlock/VirtualLock). It is now faster and +with improved exploit mitigations. (GH #1800) + + * Add BMI2 implementations of SHA-512 and SHA-3 which improve performance by +25-35% on common CPUs. (GH #1815) + + * Unroll SHA-3 computation improving performance by 10-12% (GH #1838) + + * Add a Thread_Pool class. It is now possible to run the tests in multiple +threads with --test-threads=N flag to select the number of threads to use. +Use --test-threads=0 to run with as many CPU cores as are available on the +current system. The default remains single threaded. (GH #1819) + + * XMSS signatures now uses a global thread pool instead of spawning new +threads for each usage. This improves signature generation performance by +between 10% and 60% depending on architecture and core count. (GH #1864) + + * Some functions related to encoding and decoding BigInts have been +deprecated. (GH #1817) + + * Binary encoding and decoding of BigInts has been optimized by performing +word-size operations when possible. (GH #1817) + + * Rename the exception Integrity_Failure to Invalid_Authentication_Tag to +make its meaning and usage more clear. The old name remains as a typedef. +(GH #1816) + + * Support for using Boost filesystem and MSVC’s std::filesystem have been +removed, since already POSIX and Win32 versions had to be maintained for +portability. (GH #1814) + + * Newly generated McEliece and XMSS keys now default to being encrypted using +SIV mode, support for which was added in 2.8.0. Previously GCM was used by +default for these algorithms. + + * Use arc4random on Android systems (GH #1851) + + * Fix the encoding of PGP-S2K iteration counts (GH #1853 #1854) + + * Add a facility for sandboxing the command line util. Currently FreeBSD +(Capsicum) and OpenBSD (pledge) sandboxes are supported. (GH #1808) + + * Use if constexpr when available. + + * Disable building shared libs on iOS as it was broken and it is not clear +shared libraries are ever useful on iOS (GH #1865) + + * Renamed the darwin build target to macos. This should not cause any +user-visible change. (GH #1866) + + * Add support for using sccache to cache the Windows CI build (GH #1807) + + * Add --extra-cxxflags option which allows adding compilation flags without +overriding the default set. (GH #1826) + + * Add --format= option to the hash cli which allows formatting the output as +base64 or base58, default output remains hex. + + * Add base58_enc and base58_dec cli utils for base58 encoding/decoding. (GH #1848) + + * Enable getentropy by default on macOS (GH #1862) + + * Avoid using -momit-leaf-frame-pointer flags, since -fomit-frame-pointer is +already the default with recent versions of GCC. + + * Fix XLC sanitizer flags. + + * Rename Blake2b class to BLAKE2b to match the official name. There is a typedef for compat. + + * Fix a bug where loading a raw Ed25519_PublicKey of incorrect length would +lead to a crash. (GH #1850) + + * Fix a bug that caused compilation problems using CryptoNG PRNG. (GH #1832) + + * Extended SHAKE-128 cipher to support any key between 1 and 160 bytes, +instead of only multiples of 8 bytes. + + * Minor HMAC optimizations. + + * Build fixes for GNU/Hurd. + + * Fix a bug that prevented generating or verifying Ed25519 signatures in the +CLI (GH #1828 #1829) + + * Fix a compilation error when building the amalgamation outside of the +original source directory when AVX2 was enabled. (GH #1812) + + * Fix a crash whe
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-07-31 16:04:14 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Tue Jul 31 16:04:14 2018 rev:51 rq:626674 version:2.7.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-04-13 12:52:59.136562750 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-07-31 16:04:27.568062808 +0200 @@ -1,0 +2,102 @@ +Tue Jul 31 10:44:02 UTC 2018 - daniel.molken...@suse.com + +- Fix version in baselibs.conf + +--- +Tue Jul 10 09:27:35 UTC 2018 - daniel.molken...@suse.com + +- Update to Botan 2.7 + + * CVE-2018-12435 Avoid a side channel in ECDSA signature generation (GH +#1604) + + * Avoid a side channel in RSA key generation due to use of a non-constant +time gcd algorithm. (GH #1542 #1556) + + * Optimize prime generation, especially improving RSA key generation. (GH +#1542) + + * Make Karatsuba multiplication, Montgomery field operations, Barrett +reduction and Montgomery exponentiation const time (GH #1540 #1606 #1609 +#1610) + + * Optimizations for elliptic curve operations especially improving reductions +and inversions modulo NIST primes (GH #1534 #1538 #1545 #1546 #1547 #1550) + + * Add 24 word wide Comba multiplication, improving 3072-bit RSA and DH by +~25%. (GH #1564) + + * Unroll Montgomery reduction for specific sizes (GH #1603) + + * Improved performance of signature verification in ECGDSA, ECKCDSA, SM2 and +GOST by 10-15%. + + * XMSS optimizations (GH #1583 #1585) + + * Fix an error that meant XMSS would only sign half as many signatures as is +allowed (GH #1582) + + * Add support for base32 encoding/decoding (GH #1541) + + * Add BMI2 optimized version of SHA-256, 40% faster on Skylake (GH #1584) + + * Allow the year to be up to 2200 in ASN.1 time objects. Previously this was +limited to 2100. (GH #1536) + + * Add support for Scrypt password hashing (GH #1570) + + * Add support for using Scrypt for private key encryption (GH #1574) + + * Optimizations for DES/3DES, approx 50% faster when used in certain modes +such as CBC decrypt or CTR. + + * XMSS signature verification did not check that the signature was of the +expected length which could lead to a crash. (GH #1537) + + * The bcrypt variants 2b and 2y are now supported. + + * Support for 192-bit Suite B TLS profile is now implemented, as the 128-bit +Suite B is since 2015 not allowed anymore. + + * Previously botan allowed GCM to be used with an empty nonce, which is not +allowed by the specification. Now such nonces are rejected. + + * Avoid problems on Windows when compiling in Unicode mode (GH #1615 #1616) + + * Previously for ASN.1 encoded signatures (eg ECDSA) Botan would accept any +valid BER encoding. Now only the single valid DER encoding is accepted. + + * Correct an error that could in rare cases cause an internal error exception +when doing computations with the P-224 curve. + + * Optimizations to reduce allocations/copies during DER encoding and BER +decoding (GH #1571 #1572 #1600) + + * Botan generates X.509 subject key IDs by hashing the public key with +whatever hash function is being used to sign the certificate. However +especially for SHA-512 this caused SKIDs that were far longer than +necessary. Now all SKIDs are truncated to 192 bits. + + * In the test suite use mkstemp to create temporary files instead of creating +them in the current working directory. (GH #1533 #1530) + + * It is now possible to safely override CXX when invoking make in addition to +when configure.py is run. (GH #1579) + + * OIDs for Camellia and SM4 in CBC and GCM mode are now defined, making it +possible to use this algorithms for private key encryption. + + * Avoid creating symlinks to the shared object on OpenBSD (#1535) + + * The factor command runs much faster on larger inputs now. + + * Support for Windows Phone/UWP was deprecated starting in 2.5. This +deprecation has been reversed as it seems UWP is still actively used. (GH +#1586 #1587) + + * Support for Visual C++ 2013 is deprecated, and will be removed in Jan 2019. + + * Added support for GCC’s –sysroot option to configure.py for +cross-compiling. + +--- Old: Botan-2.6.0.tgz Botan-2.6.0.tgz.asc New: Botan-2.7.0.tgz Botan-2.7.0.tgz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.jKArC2/_old 2018-07-31 16:04:28.600064568 +0200 +++ /var/tmp/di
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-04-13 12:52:18 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Fri Apr 13 12:52:18 2018 rev:50 rq:596223 version:2.6.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-04-11 14:05:33.755052793 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-04-13 12:52:59.136562750 +0200 @@ -1,0 +2,5 @@ +Thu Apr 12 16:06:00 UTC 2018 - kasim...@outlook.de + +- fixed to build on armv6 and armv7 + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.qb2ojM/_old 2018-04-13 12:53:00.004531303 +0200 +++ /var/tmp/diff_new_pack.qb2ojM/_new 2018-04-13 12:53:00.008531158 +0200 @@ -102,8 +102,12 @@ %ifarch %ix86 --cpu=x86_32 %else +%ifarch %{arm} + --cpu=arm +%else --cpu=%{_target_cpu} %endif +%endif make %{?_smp_mflags} WARN_FLAGS="%{optflags}"
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-04-11 14:03:56 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Wed Apr 11 14:03:56 2018 rev:49 rq:595522 version:2.6.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-04-06 17:47:41.975494258 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-04-11 14:05:33.755052793 +0200 @@ -1,0 +2,26 @@ +Tue Apr 10 15:07:00 UTC 2018 - daniel.molken...@suse.com + +- Update to Botan 2.6 + + * CVE-2018-9860 Fix a bug decrypting TLS CBC ciphertexts which could for a +malformed ciphertext cause the decryptor to read and HMAC an additional 64K +bytes of data which is not part of the record. This could cause a crash if +the read went into unmapped memory. No information leak or out of bounds +write occurs. + + * Add support for OAEP labels (GH #1508) + + * RSA signing is about 15% faster (GH #1523) and RSA verification is about 50% faster. + + * Add exponent blinding to RSA (GH #1523) + + * Add Cipher_Mode::create and AEAD_Mode::create (GH #1527) + + * Fix bug in TLS server introduced in 2.5 which caused connection to fail if +the client offered any signature algorithm not known to the server (for +example RSA/SHA-224). + + * Fix a bug in inline asm that would with GCC 7.3 cause incorrect +computations and an infinite loop during the tests. (GH #1524 #1529) + +--- Old: Botan-2.5.0.tgz Botan-2.5.0.tgz.asc New: Botan-2.6.0.tgz Botan-2.6.0.tgz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.2yCyeg/_old 2018-04-11 14:05:34.787015259 +0200 +++ /var/tmp/diff_new_pack.2yCyeg/_new 2018-04-11 14:05:34.787015259 +0200 @@ -19,7 +19,7 @@ %define version_suffix 2-5 %define short_version 2 Name: Botan -Version:2.5.0 +Version:2.6.0 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause ++ Botan-2.5.0.tgz -> Botan-2.6.0.tgz ++ /work/SRC/openSUSE:Factory/Botan/Botan-2.5.0.tgz /work/SRC/openSUSE:Factory/.Botan.new/Botan-2.6.0.tgz differ: char 5, line 1
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-04-06 17:47:28 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Fri Apr 6 17:47:28 2018 rev:48 rq:593756 version:2.5.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-02-26 23:25:46.504989509 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-04-06 17:47:41.975494258 +0200 @@ -1,0 +2,116 @@ +Tue Apr 3 08:06:46 UTC 2018 - daniel.molken...@suse.com + +- Update to Botan 2.5 + + * Fix error in certificate wildcard matching (CVE-2018-9127), where a +wildcard cert for b*.example.com would be accepted as a match for any host +with name *b*.example.com (GH #1519) + + * Add support for RSA-PSS signatures in TLS (GH #1285) + + * Ed25519 certificates are now supported (GH #1501) + + * Many optimizations in ECC operations. ECDSA signatures are 8-10 times +faster. ECDSA verification is about twice as fast. ECDH key agreement is +3-4 times faster. (GH #1457 #1478) + + * Implement product scanning Montgomery reduction, which improves +Diffie-Hellman and RSA performance by 10 to 20% on most platforms. (GH +#1472) + + * DSA signing and verification performance has improved by 30-50%. + + * Add a new Credentials_Manager callback that specifies which CAs the server +has indicated it trusts (GH #1395 fixing #1261) + + * Add new TLS::Callbacks methods that allow creating or removing extensions, +as well as examining extensions sent by the peer (GH #1394 #1186) + + * Add new TLS::Callbacks methods that allow an application to negotiate use +of custom elliptic curves. (GH #1448) + + * Add ability to create custom elliptic curves (GH #1441 #1444) + + * Add support for POWER8 AES instructions (GH #1459 #1393 #1206) + + * Fix DSA/ECDSA handling of hashes longer than the group order (GH #1502 +#986) + + * The default encoding of ECC public keys has changed from compressed to +uncompressed point representation. This improves compatability with some +common software packages including Golang’s standard library. (GH #1480 +#1483) + + * It is now possible to create DNs with custom components. (GH #1490 #1492) + + * It is now possible to specify the serial number of created certificates, +instead of using the default 128-bit random integer. (GH #1489 #1491) + + * Change DL_Group and EC_Group to store their data as shared_ptr for fast +copying. Also both classes precompute additional useful values (eg for +modular reductions). (GH #1435 #1454) + + * Make it possible for PKCS10 requests to include custom extensions. This +also makes it possible to use muliple SubjectAlternativeNames of a single +type in a request, which was previously not possible. (GH #1429 #1428) + + * Add new optimized interface for FE1 format preserving encryption. By +caching a number of values computed in the course of the FPE calculation, +it provides a 6-7x speedup versus the old API. (GH #1469) + + * Add DSA and ElGamal keygen functions to FFI (#1426) + + * Add Pipe::prepend_filter to replace Pipe::prepend (GH #1402) + + * Fix a memory leak in the OpenSSL block cipher integration, introduced in + * 2.2.0 + + * Use an improved algorithm for generating safe primes which is several tens +of times faster. Also, fix a bug in the prime sieving algorithm which +caused standard prime generation (like for RSA keys) to be slower than +necessary. (GH #1413 #1411) + + * Correct the return value of PK_Encryptor::maximum_input_size which reported +a much too small value (GH #1410) + + * Remove use of CPU specific optimization flags, instead the user should set +these via CXXFLAGS if desired. (GH #1392) + + * Resolve an issue that would cause a crash in the tests if they were run on +a machine without SSE2/NEON/VMX instructions. (GH #1495) + + * The Python module now tries to load DLLs from a list of names and uses the +first one which successfully loads and indicates it supports the desired +API level. (GH #1497) + + * Various minor optimizations for SHA-3 (GH #1433 #1434) + + * The output of botan --help has been improved (GH #1387) + + * Add --der-format flag to command line utils, making it possible verify +DSA/ECDSA signatures generated by OpenSSL command line (GH #1409) + + * Add support for --library-suffix option to configure.py (GH #1405 #1404) + + * Use feature flags to enable/disable system specific code (GH #1378) + + * Add --msvc-runtime option to allow using static runtime (GH #1499 #210) + + * Add –enable-sanitizers= option to allow specifying which sanitizers to +enable. The existing --with-sanitizers option just enables some default set
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-02-26 23:25:46 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Mon Feb 26 23:25:46 2018 rev:47 rq:580043 version:2.4.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-02-24 16:38:42.682892241 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-02-26 23:25:46.504989509 +0100 @@ -5,0 +6 @@ + and make documentation package noarch Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.ndRNDi/_old 2018-02-26 23:25:47.588950525 +0100 +++ /var/tmp/diff_new_pack.ndRNDi/_new 2018-02-26 23:25:47.596950238 +0100 @@ -80,6 +80,7 @@ %define botan_docdir %{_docdir}/botan-%{version} Summary:Documentation of Botan Group: Development/Libraries/C and C++ +BuildArch: noarch %description doc Documentation of Botan package.
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-02-24 16:38:39 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Sat Feb 24 16:38:39 2018 rev:46 rq:578047 version:2.4.0 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2017-11-04 10:24:50.008613873 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-02-24 16:38:42.682892241 +0100 @@ -1,0 +2,305 @@ +Fri Feb 16 16:07:40 UTC 2018 - sleep_wal...@opensuse.org + +- drop explicit package requirements +- split binary package and documentation from dynamic library package +- merge back Botan2 package to Botan with changelog history +- drop Botan patches +aarch64-support.patch - doesn't seem to be required anymore +Botan-fix_install_paths.patch - doesn't seem to be required +no-cpuid-header.patch - SLE11 not target anymore +Botan-fix_pkgconfig.patch - this seem to be wrong +Botan-no-buildtime.patch - not needed anymore +dont-set-mach-value.diff - doesn't apply, unclear and undocumented why it is there +Botan-inttypes.patch - not required +Botan-ull_constants.patch.bz2 - no reason anymore + +--- +Wed Feb 14 10:29:44 UTC 2018 - sleep_wal...@opensuse.org + +- change group of libbotan-%{version_suffix} to 'System/Libraries' as + requested on review + +--- +Mon Feb 12 07:45:50 UTC 2018 - adam.ma...@suse.de + +- Don't drop -fstack-clash-protection for openSUSE 42.3 - we just + need the Update repository present. + +--- +Mon Feb 12 06:38:47 UTC 2018 - adam.ma...@suse.de + +- Rename libbotan-devel to libbotan2-devel. We can't have clashing + packages in the archive because Botan1 and Botan2 provide the + same -devel binary. Botan2 is also no API compatible with Botan. + +--- +Sun Feb 11 10:33:35 UTC 2018 - sleep_wal...@opensuse.org + +- fix expected version after bump in baselibs.conf too + +--- +Thu Feb 8 14:11:08 UTC 2018 - sleep_wal...@opensuse.org + +- fix unknown flag -fstack-clash-protection for openSUSE 42.3 +- rename to Botan2 +- drop Botan2-INT_MAX.patch as not needed anymore +- Bump to libbotan 2.4 + + Changes and new features: + + * Several build improvements requested by downstream packagers, +including the ability to disable building the static library. All +makefile constructs that were specific to nmake or GNU make have +been eliminated, thus the option ``--makefile-style`` which was +previously used to select the makefile type has also been +removed. (GH #1230 #1237 #1300 #1318 #1319 #1324 #1325 #1346) + + * Support for negotiating the DH group as specified in RFC 7919 is +now available in TLS (GH #1263) + + * Support for ARIA-GCM ciphersuites are now available in TLS. They +are disabled by default. (GH #1284) + + * Add support for generating and verifying X.509 objects +(certificates, CRLs, etc) using RSA-PSS signatures (GH #1270 and +#1368) + + * Add support for AES key wrapping with padding, as specified in RFC +5649 and NIST SP 800-38F (GH #1301) + + * OCSP requests made during certificate verification had the +potential to hang forever. Now the sockets are non-blocking and a +timeout is enforced. (GH #1360 fixing GH #1326) + + * Add ``Public_Key::fingerprint_public`` which allows fingerprinting +the public key. +The previously available ``Private_Key::fingerprint`` is +deprecated, now ``Private_Key::fingerprint_private`` should be +used if this is required. (GH #1357) + + * ECC certificates generated by Botan used an invalid encoding for +the parameters field, which was rejected by some certificate +validation libraries notably BouncyCastle. (GH #1367) + + * Loading an ECC key which used OID encoding for the domain +parameters, then saving it, would result in a key using the +explicit parameters encoding. Now the OID encoding is +retained. (GH #1365) + + * Correct various problems in certificate path validation that arose +when multiple paths could be constructed leading to a trusted root +but due to other constraints only some of them validated. (GH +#1363) + + * It is now possible for certificate validation to return warning +indicators, such as that the distinguished name is not within +allowed limits or that a certificate with a negative serial number +was observed. (GH #1363 #1359) + + * XMSS signatures now are multi-threaded for improved performance +(GH #
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2017-11-04 10:24:11 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Sat Nov 4 10:24:11 2017 rev:45 rq:538113 version:1.10.17 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2017-10-10 11:34:08.922745547 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2017-11-04 10:24:50.008613873 +0100 @@ -1,0 +2,5 @@ +Wed Nov 1 14:26:47 UTC 2017 - mimi...@gmail.com + +- configure Botan explicitly with python3 + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.COn470/_old 2017-11-04 10:24:50.620591604 +0100 +++ /var/tmp/diff_new_pack.COn470/_new 2017-11-04 10:24:50.624591458 +0100 @@ -48,7 +48,7 @@ BuildRequires: libopenssl-1_0_0-devel %endif BuildRequires: pkg-config -BuildRequires: python +BuildRequires: python3 BuildRequires: zlib-devel Requires: bzip2 >= 1.0.2 Requires: gmp >= 4.1 @@ -101,7 +101,7 @@ %build export RPM_OPT_FLAGS -./configure.py \ +python3 ./configure.py \ --prefix=%{_prefix} \ --libdir=%{_libdir} \ --docdir=%{_defaultdocdir} \
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2017-10-10 11:34:03 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Tue Oct 10 11:34:03 2017 rev:44 rq:531210 version:1.10.17 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2017-10-02 16:50:55.234040214 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2017-10-10 11:34:08.922745547 +0200 @@ -1,0 +2,38 @@ +Wed Oct 4 07:49:54 UTC 2017 - daniel.molken...@suse.com + +- Update to 1.10.17 + - Address a side channel affecting modular exponentiation. An attacker +capable of a local or cross-VM cache analysis attack may be able to recover +bits of secret exponents as used in RSA, DH, etc. CVE-2017-14737 Workaround +a miscompilation bug in GCC 7 on x86-32 affecting GOST-34.11 hash function. +(GH #1192 #1148 #882, bsc#1060433) + - Add SecureVector::data() function which returns the start of the buffer. +This makes it slightly simpler to support both 1.10 and 2.x APIs in the +same codebase. When compiled by a C++11 (or later) compiler, a template +typedef of SecureVector, secure_vector, is added. In 2.x this class is a +std::vector with a custom allocator, so has a somewhat different interface +than SecureVector in 1.10. But this makes it slightly simpler to support +both 1.10 and 2.x APIs in the same codebase. + - Fix a bug that prevented configure.py from running under Python3 + - Botan 1.10.x does not support the OpenSSL 1.1 API. Now the build will +#error if OpenSSL 1.1 is detected. Avoid –with-openssl if compiling against +1.1 or later. (GH #753) + - Import patches from Debian adding basic support for +building on aarch64, ppc64le, or1k, and mipsn32 platforms. + + * obsoletes CVE-2017-14737.patch + + * refreshes aarch64-support.patch + + * drop ppc64le-support.patch for upstream version +(disables altivec support as per concerns by upstream) + +--- +Tue Sep 26 13:03:46 UTC 2017 - daniel.molken...@suse.com + +- Fix for CVE-2017-14737: A cryptographic cache-based side channel in the RSA + implementation allows local attacker to recover information about RSA secret + keys. + * add CVE-2017-14737.patch + +--- Old: Botan-1.10.16.tgz Botan-1.10.16.tgz.asc ppc64le-support.patch New: Botan-1.10.17.tgz Botan-1.10.17.tgz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.lmG2IK/_old 2017-10-10 11:34:12.050608270 +0200 +++ /var/tmp/diff_new_pack.lmG2IK/_new 2017-10-10 11:34:12.054608094 +0200 @@ -19,7 +19,7 @@ %define version_suffix 1_10-1 %define short_version 1.10 Name: Botan -Version:1.10.16 +Version:1.10.17 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause @@ -36,7 +36,6 @@ Patch6: Botan-fix_pkgconfig.patch Patch7: dont-set-mach-value.diff Patch8: aarch64-support.patch -Patch9: ppc64le-support.patch Patch10:no-cpuid-header.patch BuildRequires: bzip2 >= 1.0.2 BuildRequires: gcc-c++ @@ -94,8 +93,7 @@ %patch4 %patch6 %patch7 -p1 -%patch8 -%patch9 +%patch8 -p1 %if 0%{?suse_version} == 1110 %patch10 -p1 %endif ++ Botan-1.10.16.tgz -> Botan-1.10.17.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.16/botan_version.py new/Botan-1.10.17/botan_version.py --- old/Botan-1.10.16/botan_version.py 2017-04-05 03:07:02.0 +0200 +++ new/Botan-1.10.17/botan_version.py 2017-10-02 08:00:00.0 +0200 @@ -1,11 +1,11 @@ release_major = 1 release_minor = 10 -release_patch = 16 +release_patch = 17 release_so_abi_rev = 1 # These are set by the distribution script -release_vc_rev = 'git:3756c97d295d06ac19cec6736e05003afb10623e' -release_datestamp = 20170404 -release_type = 'released' +release_vc_rev = 'git:f7fe6beb5b3b6f944aa7bac491a3455e48ef6ebb' +release_datestamp = 20171002 +release_type = 'release' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.16/configure.py new/Botan-1.10.17/configure.py --- old/Botan-1.10.16/configure.py 2017-04-05 03:06:45.0 +0200 +++ new/Botan-1.10.17/configure.py 2017-10-02 08:00:00.0 +0200 @@ -59,9 +59,6 @@ logging.debug('Monotone reported revision %s' % (rev)) return 'mtn:' + rev -except OSError as e: -logging.debug('Error getting rev from monotone - %s' % (e[1])) -return 'unknown' ex
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2017-10-02 16:50:33 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Mon Oct 2 16:50:33 2017 rev:43 rq:528603 version:1.10.16 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2017-04-20 20:48:02.036703730 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2017-10-02 16:50:55.234040214 +0200 @@ -1,0 +2,7 @@ +Thu Sep 21 09:48:17 UTC 2017 - vci...@suse.com + +- Explicitly require libopenssl-1_0_0-devel (bsc#1055322) + * Botan 1.x won't support OpenSSL 1.1 + (https://github.com/randombit/botan/issues/753) + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.69Hpul/_old 2017-10-02 16:50:56.373880236 +0200 +++ /var/tmp/diff_new_pack.69Hpul/_new 2017-10-02 16:50:56.377879675 +0200 @@ -42,7 +42,12 @@ BuildRequires: gcc-c++ BuildRequires: gmp-devel >= 4.1 BuildRequires: libbz2-devel +# Botan 1.x doesn't build with OpenSSL 1.1, so explicitly require OpenSSL 1.0.x +%if %{suse_version} < 1330 BuildRequires: openssl-devel +%else +BuildRequires: libopenssl-1_0_0-devel +%endif BuildRequires: pkg-config BuildRequires: python BuildRequires: zlib-devel
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2017-04-20 20:47:59 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Thu Apr 20 20:47:59 2017 rev:42 rq:487837 version:1.10.16 Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2017-01-15 11:09:50.528396097 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2017-04-20 20:48:02.036703730 +0200 @@ -1,0 +2,25 @@ +Wed Apr 12 14:52:45 UTC 2017 - daniel.molken...@suse.com + +- Add patch to build SLES11 (allows for simplified backporting, e.g. bsc#968030) + * add no-cpuid-header.patch +- Clean up spec file + +--- +Tue Apr 11 11:57:53 UTC 2017 - daniel.molken...@suse.com + +- Update to 1.10.16 (Fixes CVE-2017-2801, bsc#1033605) +* Fix a bug in X509 DN string comparisons that could result in out of bound + reads. This could result in information leakage, denial of service, or + potentially incorrect certificate validation results. (CVE-2017-2801) +* Avoid use of C++11 std::to_string in some code added in 1.10.14 (GH #747 #834) +- Changes from 1.10.15: +* Change an unintended behavior of 2.0.0, which named the include directory + botan-2.0. Since future release of Botan-2 should be compatible with code + written against old versions, there does not seem to be any reason to +* version the include directory with the minor number. (GH #830 #833) +* Fix a bug which caused an error when building on Cygwin or other platforms + where shared libraries are not supported. (GH #821) +* Enable use of readdir on Cygwin, which allows the tests to run (GH #824) +* Switch to readthedocs Sphinx theme by default (GH #822 #823) + +--- Old: Botan-1.10.14.tgz Botan-1.10.14.tgz.asc New: Botan-1.10.16.tgz Botan-1.10.16.tgz.asc no-cpuid-header.patch Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.5yU05v/_old 2017-04-20 20:48:03.080556138 +0200 +++ /var/tmp/diff_new_pack.5yU05v/_new 2017-04-20 20:48:03.080556138 +0200 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %define version_suffix 1_10-1 %define short_version 1.10 Name: Botan -Version:1.10.14 +Version:1.10.16 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause @@ -37,9 +37,9 @@ Patch7: dont-set-mach-value.diff Patch8: aarch64-support.patch Patch9: ppc64le-support.patch +Patch10:no-cpuid-header.patch BuildRequires: bzip2 >= 1.0.2 BuildRequires: gcc-c++ -BuildRequires: gmp-devel BuildRequires: gmp-devel >= 4.1 BuildRequires: libbz2-devel BuildRequires: openssl-devel @@ -71,7 +71,7 @@ %define botan_docdir %{_docdir}/%{name}-%{version} Summary:Development files for Botan Group: Development/Libraries/C and C++ -Requires: gmp-devel +Requires: gmp-devel >= 4.1 Requires: libbotan-%{version_suffix} = %{version} Requires: libbz2-devel Provides: Botan-devel = %{version} @@ -91,6 +91,9 @@ %patch7 -p1 %patch8 %patch9 +%if 0%{?suse_version} == 1110 +%patch10 -p1 +%endif %build export RPM_OPT_FLAGS ++ Botan-1.10.14.tgz -> Botan-1.10.16.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.14/botan_version.py new/Botan-1.10.16/botan_version.py --- old/Botan-1.10.14/botan_version.py 2016-11-28 11:53:22.0 +0100 +++ new/Botan-1.10.16/botan_version.py 2017-04-05 03:07:02.0 +0200 @@ -1,11 +1,11 @@ release_major = 1 release_minor = 10 -release_patch = 14 +release_patch = 16 release_so_abi_rev = 1 # These are set by the distribution script -release_vc_rev = 'git:c0d847b20cbc1b7d8b29705072e1f9c4715d48ae' -release_datestamp = 20161128 +release_vc_rev = 'git:3756c97d295d06ac19cec6736e05003afb10623e' +release_datestamp = 20170404 release_type = 'released' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.14/doc/log.txt new/Botan-1.10.16/doc/log.txt --- old/Botan-1.10.14/doc/log.txt 2016-11-28 11:52:20.0 +0100 +++ new/Botan-1.10.16/doc/log.txt 2017-04-05 03:06:45.0 +0200 @@ -7,6 +7,25 @@ Series 1.10 --
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2016-11-16 13:46:17 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2016-05-19 12:04:19.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2016-11-16 13:46:17.0 +0100 @@ -1,0 +2,8 @@ +Sun Nov 13 01:32:18 UTC 2016 - netsr...@opensuse.org + +- Update to 1.10.13 + * Use constant time modular inverse algorithm to avoid possible side channel attack against ECDSA (CVE-2016-2849) + * Use constant time PKCS #1 unpadding to avoid possible side channel attack against RSA decryption (CVE-2015-7827) + * Avoid a compilation problem in OpenSSL engine when ECDSA was disabled. Gentoo bug 542010 + +--- Old: Botan-1.10.12.tgz Botan-1.10.12.tgz.asc New: Botan-1.10.13.tgz Botan-1.10.13.tgz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.xBzXLH/_old 2016-11-16 13:46:19.0 +0100 +++ /var/tmp/diff_new_pack.xBzXLH/_new 2016-11-16 13:46:19.0 +0100 @@ -19,7 +19,7 @@ %define version_suffix 1_10-1 %define short_version 1.10 Name: Botan -Version:1.10.12 +Version:1.10.13 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause ++ Botan-1.10.12.tgz -> Botan-1.10.13.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.12/botan_version.py new/Botan-1.10.13/botan_version.py --- old/Botan-1.10.12/botan_version.py 2016-02-03 09:05:05.0 +0100 +++ new/Botan-1.10.13/botan_version.py 2016-04-28 16:20:15.0 +0200 @@ -1,11 +1,11 @@ release_major = 1 release_minor = 10 -release_patch = 12 +release_patch = 13 release_so_abi_rev = 1 # These are set by the distribution script -release_vc_rev = 'git:94a3fa8ae0dc4df67f6e9ba780427e651baa9dfd' -release_datestamp = 20160203 +release_vc_rev = 'git:a4b5f14b6ceac859eec9a0e5825f89ee45eec11c' +release_datestamp = 20160428 release_type = 'released' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.12/doc/log.txt new/Botan-1.10.13/doc/log.txt --- old/Botan-1.10.12/doc/log.txt 2016-02-03 08:57:06.0 +0100 +++ new/Botan-1.10.13/doc/log.txt 2016-04-28 15:27:08.0 +0200 @@ -7,6 +7,18 @@ Series 1.10 +Version 1.10.13, 2016-04-23 + + +* Use constant time modular inverse algorithm to avoid possible + side channel attack against ECDSA (CVE-2016-2849) + +* Use constant time PKCS #1 unpadding to avoid possible side channel + attack against RSA decryption (CVE-2015-7827) + +* Avoid a compilation problem in OpenSSL engine when ECDSA was + disabled. Gentoo bug 542010 + Version 1.10.12, 2016-02-03 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.12/src/engine/openssl/ossl_pk.cpp new/Botan-1.10.13/src/engine/openssl/ossl_pk.cpp --- old/Botan-1.10.12/src/engine/openssl/ossl_pk.cpp2016-02-03 08:57:06.0 +0100 +++ new/Botan-1.10.13/src/engine/openssl/ossl_pk.cpp2016-04-28 15:27:08.0 +0200 @@ -12,17 +12,23 @@ #include #endif +#if defined(BOTAN_HAS_DIFFIE_HELLMAN) + #include +#endif + #if defined(BOTAN_HAS_DSA) #include #endif #if defined(BOTAN_HAS_ECDSA) #include + + #include + +#if !defined(OPENSSL_NO_ECDSA) #include #endif -#if defined(BOTAN_HAS_DIFFIE_HELLMAN) - #include #endif namespace Botan { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.12/src/math/mp/mp_asm.cpp new/Botan-1.10.13/src/math/mp/mp_asm.cpp --- old/Botan-1.10.12/src/math/mp/mp_asm.cpp2016-02-03 08:57:06.0 +0100 +++ new/Botan-1.10.13/src/math/mp/mp_asm.cpp2016-04-28 15:27:08.0 +0200 @@ -9,6 +9,7 @@ #include #include #include +#include #include #include @@ -17,6 +18,76 @@ extern "C" { /* +* If cond == 0, does nothing. +* If cond > 0, swaps x[0:size] with y[0:size] +* Runs in constant time +*/ +void bigint_cnd_swap(word cnd, word x[], word y[], size_t size) + { + const word mask = CT::expand_mask(cnd); + + for(size_t i = 0; i != size; ++i) + { + word a = x[i]; + word b = y[i]; + x[i] = CT::select(mask, b, a); + y[i] = CT::select(mask, a, b); + } + } + +/* +* If cond > 0 adds x[0:size] to y[0:size] and r
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2016-05-19 12:04:18 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2016-02-11 12:32:25.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2016-05-19 12:04:19.0 +0200 @@ -1,0 +2,6 @@ +Fri May 13 07:31:21 UTC 2016 - fa...@kde.org + +- Remove Qt5 dependency, since nothing is using it anymore. +- Fix double-prefix in botan-config and pkgconfig file. + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.nTDPWr/_old 2016-05-19 12:04:20.0 +0200 +++ /var/tmp/diff_new_pack.nTDPWr/_new 2016-05-19 12:04:20.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -42,7 +42,6 @@ BuildRequires: gmp-devel BuildRequires: gmp-devel >= 4.1 BuildRequires: libbz2-devel -BuildRequires: libqt5-qtbase-devel BuildRequires: openssl-devel BuildRequires: pkg-config BuildRequires: python @@ -96,7 +95,6 @@ %build export RPM_OPT_FLAGS -%define common_config_flags --libdir=%{_lib} --with-bzip2 --with-zlib --with-gnump --with-openssl ./configure.py \ --prefix=%{_prefix} \ --libdir=%{_libdir} \ @@ -106,10 +104,9 @@ --with-zlib \ --with-gnump \ --with-openssl \ - --enable-modules=qt_mutex \ --with-tr1-implementation=system \ --cpu=%{_target_cpu} -make %{?_smp_mflags} WARN_FLAGS="%{optflags} -I/usr/include/Qt" +make %{?_smp_mflags} WARN_FLAGS="%{optflags}" %install make DESTDIR=%{buildroot} install %{?_smp_mflags} ++ Botan-fix_install_paths.patch ++ --- /var/tmp/diff_new_pack.nTDPWr/_old 2016-05-19 12:04:20.0 +0200 +++ /var/tmp/diff_new_pack.nTDPWr/_new 2016-05-19 12:04:20.0 +0200 @@ -42,3 +42,20 @@ PKGCONF_DIR = $(LIBDIR)/pkgconfig CONFIG_SCRIPT = %{botan_config} +--- src/build-data/botan-config.in.orig2016-05-13 00:45:07.618245779 +0200 src/build-data/botan-config.in 2016-05-13 00:45:38.386439746 +0200 +@@ -32,12 +32,12 @@ while test $# -gt 0; do + exit 0 + ;; + --cflags) +-echo -I$prefix/$includedir ++echo -I$includedir + ;; + --libs) + if [ $prefix != "/usr" ] + then +- echo -L$prefix/$libdir -lbotan-%{version_major}.%{version_minor} %{link_to} ++ echo -L$libdir -lbotan-%{version_major}.%{version_minor} %{link_to} + else +echo -lbotan-%{version_major}.%{version_minor} %{link_to} + fi ++ Botan-fix_pkgconfig.patch ++ --- /var/tmp/diff_new_pack.nTDPWr/_old 2016-05-19 12:04:20.0 +0200 +++ /var/tmp/diff_new_pack.nTDPWr/_new 2016-05-19 12:04:20.0 +0200 @@ -1,12 +1,10 @@ -Index: src/build-data/botan.pc.in -=== src/build-data/botan.pc.in.orig2011-06-20 15:52:09.0 +0200 -+++ src/build-data/botan.pc.in 2011-06-21 18:17:45.434985232 +0200 +--- src/build-data/botan.pc.in.orig2016-05-13 00:48:09.219402555 +0200 src/build-data/botan.pc.in 2016-05-13 00:48:57.479714720 +0200 @@ -1,6 +1,6 @@ prefix=%{prefix} exec_prefix=${prefix} -libdir=${prefix}/%{libdir} -+libdir=${prefix}%{libdir} ++libdir=%{libdir} includedir=${prefix}/include/botan-%{version_major}.%{version_minor} Name: Botan
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2016-02-11 12:32:24 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2015-12-27 01:58:47.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2016-02-11 12:32:25.0 +0100 @@ -1,0 +2,20 @@ +Wed Feb 3 10:52:19 UTC 2016 - mich...@stroeder.com + +- Update to 1.10.12 + +- Version 1.10.12, 2016-02-03 + * In 1.10.11, the check in PointGFp intended to check the affine y +argument actually checked the affine x again. Reported by Remi Gacogne + * The CVE-2016-2195 overflow is not exploitable in 1.10.11 due to an +additional check in the multiplication function itself which was also +added in that release, so there are no security implications from the +missed check. However to avoid confusion the change was pushed in a new +release immediately. + * The 1.10.11 release notes incorrectly identified CVE-2016-2195 as +CVE-2016-2915 +- Version 1.10.11, 2016-02-01 + * Resolve heap overflow in ECC point decoding. CVE-2016-2195 +Resolve infinite loop in modular square root algorithm. CVE-2016-2194 +Correct BigInt::to_u32bit to not fail on integers of exactly 32 bits. GH #239 + +--- Old: Botan-1.10.10.tgz Botan-1.10.10.tgz.asc New: Botan-1.10.12.tgz Botan-1.10.12.tgz.asc Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.9gjhMo/_old 2016-02-11 12:32:26.0 +0100 +++ /var/tmp/diff_new_pack.9gjhMo/_new 2016-02-11 12:32:26.0 +0100 @@ -19,7 +19,7 @@ %define version_suffix 1_10-1 %define short_version 1.10 Name: Botan -Version:1.10.10 +Version:1.10.12 Release:0 Summary:A C++ Crypto Library License:BSD-2-Clause ++ Botan-1.10.10.tgz -> Botan-1.10.12.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.10/botan_version.py new/Botan-1.10.12/botan_version.py --- old/Botan-1.10.10/botan_version.py 2015-08-03 06:37:55.0 +0200 +++ new/Botan-1.10.12/botan_version.py 2016-02-03 09:05:05.0 +0100 @@ -1,11 +1,11 @@ release_major = 1 release_minor = 10 -release_patch = 10 +release_patch = 12 release_so_abi_rev = 1 # These are set by the distribution script -release_vc_rev = 'git:077c55bac2503fa3c9f8f8b13204f41af1b5c6e6' -release_datestamp = 20150803 +release_vc_rev = 'git:94a3fa8ae0dc4df67f6e9ba780427e651baa9dfd' +release_datestamp = 20160203 release_type = 'released' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.10/checks/ec_tests.cpp new/Botan-1.10.12/checks/ec_tests.cpp --- old/Botan-1.10.10/checks/ec_tests.cpp 2015-08-03 06:36:03.0 +0200 +++ new/Botan-1.10.12/checks/ec_tests.cpp 2016-02-03 08:57:06.0 +0100 @@ -784,6 +784,49 @@ CurveGFp curve(dom_pars.get_curve()); } +size_t test_cve_2016_2195() + { + EC_Group dom_pars("secp256r1"); + CurveGFp curve(dom_pars.get_curve()); + + size_t fail = 0; + + const BigInt p = curve.get_p(); + + try { + PointGFp point(curve, p, p - 1); + std::cout << "Accepted PointGFp x == p\n"; + ++fail; + } + catch(...) {} + + try { + PointGFp point(curve, p + 1, p - 1); + std::cout << "Accepted PointGFp x > p\n"; + ++fail; + } + catch(...) {} + + try { + PointGFp point(curve, p - 1, p); + std::cout << "Accepted PointGFp y == p\n"; + ++fail; + } + catch(...) {} + + try { + PointGFp point(curve, p - 1, p + 1); + std::cout << "Accepted PointGFp y > p\n"; + ++fail; + } + catch(...) {} + + // this is allowed (though not on the curve) + PointGFp point(curve, p - 1, p - 1); + + return fail; + } + } void do_ec_tests(RandomNumberGenerator& rng) @@ -814,6 +857,7 @@ test_point_swap(rng); test_mult_sec_mass(rng); test_curve_cp_ctor(); + test_cve_2016_2195(); std::cout << std::endl; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-1.10.10/doc/log.txt new/Botan-1.10.12/doc/log.txt --- old/Botan-1.10.10/doc/log.txt 2015-08-03 06:36:03.0 +0200 +++ new/Botan-1.10.12/doc/log.txt 2016-02-03 08:57:06.0 +0100 @@ -7,6 +7,31 @@ Series 1.10 +Version 1.10.12, 2016-02-03 + + +* In 1.10.11, the check in PointGFp intended to check the affine y +
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2015-12-27 01:58:45 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2015-08-15 11:38:56.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2015-12-27 01:58:47.0 +0100 @@ -1,0 +2,6 @@ +Thu Dec 24 10:48:11 UTC 2015 - mplus...@suse.com + +- Add gpg signature +- Cleanup spec file with spec-cleaner + +--- New: Botan-1.10.10.tgz.asc Botan.keyring Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.00xkMA/_old 2015-12-27 01:58:49.0 +0100 +++ /var/tmp/diff_new_pack.00xkMA/_new 2015-12-27 01:58:49.0 +0100 @@ -18,16 +18,17 @@ %define version_suffix 1_10-1 %define short_version 1.10 - Name: Botan Version:1.10.10 Release:0 -Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD-2-Clause Group: Development/Libraries/C and C++ +Url:http://botan.randombit.net Source0:http://botan.randombit.net/releases/%{name}-%{version}.tgz -Source2:baselibs.conf +Source1:http://botan.randombit.net/releases/%{name}-%{version}.tgz.asc +Source2:%{name}.keyring +Source3:baselibs.conf Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 Patch2: Botan-fix_install_paths.patch @@ -36,10 +37,6 @@ Patch7: dont-set-mach-value.diff Patch8: aarch64-support.patch Patch9: ppc64le-support.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: bzip2 >= 1.0.2 -Requires: gmp >= 4.1 -Requires: zlib BuildRequires: bzip2 >= 1.0.2 BuildRequires: gcc-c++ BuildRequires: gmp-devel @@ -50,6 +47,10 @@ BuildRequires: pkg-config BuildRequires: python BuildRequires: zlib-devel +Requires: bzip2 >= 1.0.2 +Requires: gmp >= 4.1 +Requires: zlib +BuildRoot: %{_tmppath}/%{name}-%{version}-build %description Botan is a C++ library that provides support for many common @@ -68,15 +69,14 @@ supported, including RSA, DSA, DES, AES, MD5, and SHA-1. %package-n libbotan-devel +%define botan_docdir %{_docdir}/%{name}-%{version} Summary:Development files for Botan Group: Development/Libraries/C and C++ Requires: gmp-devel +Requires: libbotan-%{version_suffix} = %{version} Requires: libbz2-devel Provides: Botan-devel = %{version} Obsoletes: Botan-devel < %{version} -Requires: libbotan-%{version_suffix} = %{version} - -%define botan_docdir %{_datadir}/doc/packages/%{name}-%{version} %description-n libbotan-devel This package contains the header files and libraries needed to develop @@ -95,8 +95,11 @@ %build export RPM_OPT_FLAGS + %define common_config_flags --libdir=%{_lib} --with-bzip2 --with-zlib --with-gnump --with-openssl -./configure.py --prefix=%_prefix --libdir=%{_libdir} \ +./configure.py \ + --prefix=%{_prefix} \ + --libdir=%{_libdir} \ --docdir=%{_defaultdocdir} \ --includedir=%{_includedir} \ --with-bzip2 \ @@ -105,11 +108,11 @@ --with-openssl \ --enable-modules=qt_mutex \ --with-tr1-implementation=system \ - --cpu=%_target_cpu -make %{?_smp_mflags} WARN_FLAGS="$RPM_OPT_FLAGS -I/usr/include/Qt" + --cpu=%{_target_cpu} +make %{?_smp_mflags} WARN_FLAGS="%{optflags} -I/usr/include/Qt" %install -%makeinstall +make DESTDIR=%{buildroot} install %{?_smp_mflags} rm -f %{buildroot}/%{_libdir}/libbotan*.a %post -n libbotan-%{version_suffix} -p /sbin/ldconfig
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2015-08-15 11:38:55 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2015-07-14 17:20:29.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2015-08-15 11:38:56.0 +0200 @@ -1,0 +2,40 @@ +Fri Aug 14 08:54:09 UTC 2015 - mvysko...@opensuse.org + +- Fix Source0 URL + +--- +Tue Aug 11 22:49:31 UTC 2015 - netsr...@opensuse.org + +- bump SONAME to libbotan-1_10-1 +- Update to 1.10.10 + * SECURITY: The BER decoder would crash due to reading from offset 0 +of an empty vector if it encountered a BIT STRING which did not +contain any data at all. As the type requires a 1 byte field this +is not valid BER but could occur in malformed data. Found with +afl. CVE-2015-5726 + * SECURITY: The BER decoder would allocate a fairly arbitrary amount +of memory in a length field, even if there was no chance the read +request would succeed. This might cause the process to run out of +memory or invoke the OOM killer. Found with afl. CVE-2015-5727 + * Due to an ABI incompatible (though not API incompatible) change in +this release, the version number of the shared object has been +increased. + * The default TLS policy no longer allows RC4. + * Fix a signed integer overflow in Blue Midnight Wish that may cause +incorrect computations or undefined behavior. + +- Update to 1.10.9 + * Fixed EAX tag verification to run in constant time + * The default TLS policy now disables SSLv3. + * A crash could occur when reading from a blocking random device if +the device initially indicated that entropy was available but a +concurrent process drained the entropy pool before the read was +initiated. + * Fix decoding indefinite length BER constructs that contain a +context sensitive tag of zero. Github pull 26 from Janusz Chorko. + * The botan-config script previously tried to guess its prefix from +the location of the binary. However this was error prone, and now +the script assumes the final installation prefix matches the value +set during the build. Github issue 29. + +--- Old: Botan-1.10.8.tbz New: Botan-1.10.10.tgz Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.zgluQ3/_old 2015-08-15 11:38:57.0 +0200 +++ /var/tmp/diff_new_pack.zgluQ3/_new 2015-08-15 11:38:57.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,17 +16,17 @@ # -%define version_suffix 1_10-0 +%define version_suffix 1_10-1 %define short_version 1.10 Name: Botan -Version:1.10.8 +Version:1.10.10 Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD-2-Clause Group: Development/Libraries/C and C++ -Source: https://files.randombit.net/botan/%{name}-%{version}.tbz +Source0:http://botan.randombit.net/releases/%{name}-%{version}.tgz Source2:baselibs.conf Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 ++ baselibs.conf ++ --- /var/tmp/diff_new_pack.zgluQ3/_old 2015-08-15 11:38:57.0 +0200 +++ /var/tmp/diff_new_pack.zgluQ3/_new 2015-08-15 11:38:57.0 +0200 @@ -1,4 +1,4 @@ -libbotan-1_10-0 +libbotan-1_10-1 libbotan-devel requires -libbotan- = - requires "libbotan-1_10-0- = " + requires "libbotan-1_10-1- = "
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2015-07-14 17:20:28 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2014-05-11 14:16:48.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2015-07-14 17:20:29.0 +0200 @@ -1,0 +2,5 @@ +Wed Jun 24 16:19:12 UTC 2015 - liujianfeng1...@gmail.com + +- Change build dependence "libqt4-devel" to "libqt5-qtbase-devel". + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.S6y54w/_old 2015-07-14 17:20:30.0 +0200 +++ /var/tmp/diff_new_pack.S6y54w/_new 2015-07-14 17:20:30.0 +0200 @@ -45,7 +45,7 @@ BuildRequires: gmp-devel BuildRequires: gmp-devel >= 4.1 BuildRequires: libbz2-devel -BuildRequires: libqt4-devel +BuildRequires: libqt5-qtbase-devel BuildRequires: openssl-devel BuildRequires: pkg-config BuildRequires: python
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2014-05-11 14:16:33 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2014-03-04 13:20:44.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2014-05-11 14:16:48.0 +0200 @@ -1,0 +2,19 @@ +Fri May 8 18:00:00 CET 2014 - tbehr...@suse.com + +- Update to 1.10.8 + * Fix a bug in primality testing introduced in 1.8.3 which caused +only a single random base, rather than a sequence of random bases, +to be used in the Miller-Rabin test. This increased the +probability that a non-prime would be accepted, for instance a +1024 bit number would be incorrectly classed as prime with +probability around 2^-40. Reported by Jeff Marrison. + * The key length limit on HMAC has been raised to 512 bytes, +allowing the use of very long passphrases with PBKDF2. + +- Update to 1.10.7 + * OAEP had two bugs, one of which allowed it to be used even if the +key was too small, and the other of which would cause a crash +during decryption if the EME data was too large for the associated +key. + +--- Old: Botan-1.10.6.tbz New: Botan-1.10.8.tbz Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.WmammK/_old 2014-05-11 14:16:49.0 +0200 +++ /var/tmp/diff_new_pack.WmammK/_new 2014-05-11 14:16:49.0 +0200 @@ -20,13 +20,13 @@ %define short_version 1.10 Name: Botan -Version:1.10.6 +Version:1.10.8 Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD-2-Clause Group: Development/Libraries/C and C++ -Source: http://botan.randombit.net/files/%{name}-%{version}.tbz +Source: https://files.randombit.net/botan/%{name}-%{version}.tbz Source2:baselibs.conf Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2014-03-04 13:20:42 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2013-12-11 11:28:15.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2014-03-04 13:20:44.0 +0100 @@ -1,0 +2,5 @@ +Mon Mar 3 13:57:13 CET 2014 - r...@suse.de + +- change license to BSD-2-Clause as requested by legal + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.fKclsU/_old 2014-03-04 13:20:44.0 +0100 +++ /var/tmp/diff_new_pack.fKclsU/_new 2014-03-04 13:20:44.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library -License:BSD-3-Clause +License:BSD-2-Clause Group: Development/Libraries/C and C++ Source: http://botan.randombit.net/files/%{name}-%{version}.tbz Source2:baselibs.conf -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2013-12-11 11:28:14 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2013-11-12 15:03:31.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2013-12-11 11:28:15.0 +0100 @@ -1,0 +2,7 @@ +Sun Dec 8 23:46:27 UTC 2013 - dval...@suse.com + +- Add ppc64le architecture + +- added patches: + * ppc64le-support.patch +--- New: ppc64le-support.patch Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.3FxBRH/_old 2013-12-11 11:28:15.0 +0100 +++ /var/tmp/diff_new_pack.3FxBRH/_new 2013-12-11 11:28:15.0 +0100 @@ -35,6 +35,7 @@ Patch6: Botan-fix_pkgconfig.patch Patch7: dont-set-mach-value.diff Patch8: aarch64-support.patch +Patch9: ppc64le-support.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: bzip2 >= 1.0.2 Requires: gmp >= 4.1 @@ -90,6 +91,7 @@ %patch6 %patch7 -p1 %patch8 +%patch9 %build export RPM_OPT_FLAGS ++ ppc64le-support.patch ++ --- /dev/null 2013-11-30 20:09:56.08808 +0100 +++ src/build-data/arch/ppc64le.txt 2013-12-08 23:56:25.46551 +0100 @@ -0,0 +1,15 @@ +endian little + +family ppc + + +powerpc64le + + + +power7 + + + +altivec:power7 + -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2013-11-12 15:03:29 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2013-03-19 12:10:55.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2013-11-12 15:03:31.0 +0100 @@ -1,0 +2,44 @@ +Mon Nov 11 20:11:43 UTC 2013 - tbehr...@suse.com + +- Update to 1.10.6 + * The device reading entropy source now attempts to read from all +available devices. Previously it would break out early if a +partial read from a blocking source occured, not continuing to +read from a non-blocking device. This would cause the library to +fall back on slower and less reliable techniques for collecting +PRNG seed material. Reported by Rickard Bellgrim. + * HMAC_RNG (the default PRNG implementation) now automatically +reseeds itself periodically. Previously reseeds only occured on +explicit application request. + * Fix an encoding error in EC_Group when encoding using +EC_DOMPAR_ENC_OID. Reported by fxdupont on github. + * In EMSA2 and Randpool, avoid calling name() on objects after +deleting them if the provided algorithm objects are not suitable +for use. Found by Clang analyzer, reported by Jeffrey Walton. + * If X509_Store was copied, the u32bit containing how long to cache +validation results was not initialized, potentially causing +results to be cached for significant amounts of time. This could +allow a certificate to be considered valid after its issuing CA’s +cert expired. Expiration of the end-entity cert is always checked, +and reading a CRL always causes the status to be reset, so this +issue does not affect revocation. Found by Coverity scanner. + * Avoid off by one causing a potentially unterminated string to be +passed to the connect system call if the library was configured to +use a very long path name for the EGD socket. Found by Coverity +Scanner. + * In PK_Encryptor_EME, PK_Decryptor_EME, PK_Verifier, and +PK_Key_Agreement, avoid dereferencing an unitialized pointer if no +engine supported operations on the key object given. Found by +Coverity scanner. + * Avoid leaking a file descriptor in the /dev/random and EGD entropy +sources if stdin (file descriptor 0) was closed. Found by Coverity +scanner. + * Avoid a potentially undefined operation in the bit rotation +operations. Not known to have caused problems under any existing +compiler, but might have caused problems in the future. Caught by +Clang sanitizer, reported by Jeffrey Walton. + * Increase default hash iterations from 1 to 5 in PBES1 and +PBES2 + * Add a fix for mips64el builds from Brad Smith. + +--- Old: Botan-1.10.5.tbz New: Botan-1.10.6.tbz Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.lLA48s/_old 2013-11-12 15:03:32.0 +0100 +++ /var/tmp/diff_new_pack.lLA48s/_new 2013-11-12 15:03:32.0 +0100 @@ -20,7 +20,7 @@ %define short_version 1.10 Name: Botan -Version:1.10.5 +Version:1.10.6 Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2013-03-19 12:10:52 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan", Maintainer is "p...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2013-03-12 11:06:37.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2013-03-19 12:10:55.0 +0100 @@ -1,0 +2,9 @@ +Sat Mar 16 13:44:43 UTC 2013 - cgiboude...@gmx.com + +- Update to 1.10.5 + * A potential crash in the AES-NI implementation of the AES-192 key schedule +(caused by misaligned loads) has been fixed. + * A previously conditional operation in Montgomery multiplication and +squaring is now always performed, removing a possible timing channel. + +--- Old: Botan-1.10.3.tar.bz2 New: Botan-1.10.5.tbz Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.bwBG50/_old 2013-03-19 12:10:58.0 +0100 +++ /var/tmp/diff_new_pack.bwBG50/_new 2013-03-19 12:10:58.0 +0100 @@ -20,13 +20,13 @@ %define short_version 1.10 Name: Botan -Version:1.10.3 +Version:1.10.5 Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD-3-Clause Group: Development/Libraries/C and C++ -Source: Botan-%{version}.tar.bz2 +Source: http://botan.randombit.net/files/%{name}-%{version}.tbz Source2:baselibs.conf Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 @@ -88,7 +88,7 @@ %patch2 %patch4 %patch6 -%patch7 +%patch7 -p1 %patch8 %build ++ dont-set-mach-value.diff ++ --- /var/tmp/diff_new_pack.bwBG50/_old 2013-03-19 12:10:58.0 +0100 +++ /var/tmp/diff_new_pack.bwBG50/_new 2013-03-19 12:10:58.0 +0100 @@ -1,8 +1,8 @@ -We don't want any fiddling with -march, our flags via %optflags are always right - configure.py -+++ configure.py -@@ -1081,7 +1081,7 @@ +diff --git a/configure.py b/configure.py +index b606e06..f184939 100755 +--- a/configure.py b/configure.py +@@ -1135,7 +1135,7 @@ def create_template_vars(build_config, options, modules, cc, arch, osinfo): options.cpu, options.debug_build), 'lib_opt': cc.library_opt_flags(options), -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2013-03-12 11:06:36 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan", Maintainer is "p...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2012-09-20 16:00:08.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2013-03-12 11:06:37.0 +0100 @@ -1,0 +2,5 @@ +Sun Mar 10 21:35:25 UTC 2013 - sch...@suse.de + +- aarch64-support.patch: add support for aarch64 + +--- New: aarch64-support.patch Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.ekGDdM/_old 2013-03-12 11:08:26.0 +0100 +++ /var/tmp/diff_new_pack.ekGDdM/_new 2013-03-12 11:08:26.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -34,6 +34,7 @@ Patch4: Botan-no-buildtime.patch Patch6: Botan-fix_pkgconfig.patch Patch7: dont-set-mach-value.diff +Patch8: aarch64-support.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: bzip2 >= 1.0.2 Requires: gmp >= 4.1 @@ -88,6 +89,7 @@ %patch4 %patch6 %patch7 +%patch8 %build export RPM_OPT_FLAGS ++ aarch64-support.patch ++ Index: src/build-data/arch/aarch64.txt === --- /dev/null +++ src/build-data/arch/aarch64.txt @@ -0,0 +1,6 @@ +endian little + + +arm64 +armv8 + -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2012-09-20 15:59:55 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan", Maintainer is "p...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2012-08-22 14:36:04.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2012-09-20 16:00:08.0 +0200 @@ -1,0 +2,12 @@ +Fri Sep 14 20:08:15 UTC 2012 - p.drou...@gmail.com + +- update to 1.10.3: + * A change in 1.10.2 accidentally broke ABI compatibility with +1.10.1 and earlier versions, causing programs compiled against +1.10.1 to crash if linked with 1.10.2 at runtime. + * Recent versions of OpenSSL include extra information in ECC +private keys, the presence of which caused an exception when such +a key was loaded by botan. The decoding of ECC private keys has been +changed to ignore these fields if they are set. +- remove Botan-qt_thread_support.patch no needed anymore +--- Old: Botan-1.10.0.tar.bz2 Botan-qt_thread_support.patch New: Botan-1.10.3.tar.bz2 Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.c5KNIG/_old 2012-09-20 16:00:11.0 +0200 +++ /var/tmp/diff_new_pack.c5KNIG/_new 2012-09-20 16:00:11.0 +0200 @@ -20,19 +20,18 @@ %define short_version 1.10 Name: Botan -Version:1.10.0 +Version:1.10.3 Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD-3-Clause Group: Development/Libraries/C and C++ -Source: Botan-1.10.0.tar.bz2 +Source: Botan-%{version}.tar.bz2 Source2:baselibs.conf Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 Patch2: Botan-fix_install_paths.patch Patch4: Botan-no-buildtime.patch -Patch5: Botan-qt_thread_support.patch Patch6: Botan-fix_pkgconfig.patch Patch7: dont-set-mach-value.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -87,7 +86,6 @@ %patch1 %patch2 %patch4 -%patch5 %patch6 %patch7 ++ Botan-1.10.0.tar.bz2 -> Botan-1.10.3.tar.bz2 ++ 6387 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2012-08-22 14:36:00 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan", Maintainer is "p...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2012-02-08 15:37:08.0 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2012-08-22 14:36:04.0 +0200 @@ -1,0 +2,6 @@ +Thu Aug 16 09:06:44 UTC 2012 - dmuel...@suse.com + +- don't fiddle with march settings, we want the distro defaults + (fixes build on ARM) + +--- New: dont-set-mach-value.diff Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.8omLhi/_old 2012-08-22 14:36:06.0 +0200 +++ /var/tmp/diff_new_pack.8omLhi/_new 2012-08-22 14:36:06.0 +0200 @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + %define version_suffix 1_10-0 %define short_version 1.10 @@ -33,8 +34,11 @@ Patch4: Botan-no-buildtime.patch Patch5: Botan-qt_thread_support.patch Patch6: Botan-fix_pkgconfig.patch +Patch7: dont-set-mach-value.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: zlib, bzip2 >= 1.0.2, gmp >= 4.1 +Requires: bzip2 >= 1.0.2 +Requires: gmp >= 4.1 +Requires: zlib BuildRequires: bzip2 >= 1.0.2 BuildRequires: gcc-c++ BuildRequires: gmp-devel @@ -65,7 +69,8 @@ %package-n libbotan-devel Summary:Development files for Botan Group: Development/Libraries/C and C++ -Requires: gmp-devel libbz2-devel +Requires: gmp-devel +Requires: libbz2-devel Provides: Botan-devel = %{version} Obsoletes: Botan-devel < %{version} Requires: libbotan-%{version_suffix} = %{version} @@ -84,6 +89,7 @@ %patch4 %patch5 %patch6 +%patch7 %build export RPM_OPT_FLAGS ++ dont-set-mach-value.diff ++ We don't want any fiddling with -march, our flags via %optflags are always right --- configure.py +++ configure.py @@ -1081,7 +1081,7 @@ options.cpu, options.debug_build), 'lib_opt': cc.library_opt_flags(options), -'mach_opt': cc.mach_opts(options.arch, options.cpu), +'mach_opt': '', 'check_opt': '' if options.no_optimizations else cc.check_opt_flags, 'lang_flags': cc.lang_flags + options.extra_flags, 'warn_flags': warning_flags(cc.warning_flags, -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2012-02-08 15:37:06 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan", Maintainer is "p...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2011-09-23 01:50:32.0 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2012-02-08 15:37:08.0 +0100 @@ -1,0 +2,5 @@ +Tue Feb 7 08:04:05 UTC 2012 - co...@suse.com + +- little spec cleanup + +--- Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.yufnYC/_old 2012-02-08 15:37:09.0 +0100 +++ /var/tmp/diff_new_pack.yufnYC/_new 2012-02-08 15:37:09.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,13 +15,12 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - %define version_suffix 1_10-0 %define short_version 1.10 Name: Botan Version:1.10.0 -Release:3 +Release:0 Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD-3-Clause @@ -36,9 +35,16 @@ Patch6: Botan-fix_pkgconfig.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: zlib, bzip2 >= 1.0.2, gmp >= 4.1 -BuildRequires: bzip2 >= 1.0.2 gmp-devel >= 4.1 zlib-devel -BuildRequires: gcc-c++ gmp-devel libbz2-devel openssl-devel python -BuildRequires: libqt4-devel pkg-config +BuildRequires: bzip2 >= 1.0.2 +BuildRequires: gcc-c++ +BuildRequires: gmp-devel +BuildRequires: gmp-devel >= 4.1 +BuildRequires: libbz2-devel +BuildRequires: libqt4-devel +BuildRequires: openssl-devel +BuildRequires: pkg-config +BuildRequires: python +BuildRequires: zlib-devel %description Botan is a C++ library that provides support for many common @@ -46,15 +52,7 @@ X.509v3 certificates and CRLs. A wide variety of algorithms is supported, including RSA, DSA, DES, AES, MD5, and SHA-1. - - -Authors: - -Jack Lloyd - %package -nlibbotan-%{version_suffix} - -License:BSD-3-Clause Summary:A C++ Crypto Library Group: Development/Libraries/C and C++ @@ -64,14 +62,7 @@ X.509v3 certificates and CRLs. A wide variety of algorithms is supported, including RSA, DSA, DES, AES, MD5, and SHA-1. - - -Authors: - -Jack Lloyd - %package-n libbotan-devel -License:BSD-3-Clause Summary:Development files for Botan Group: Development/Libraries/C and C++ Requires: gmp-devel libbz2-devel @@ -85,12 +76,6 @@ This package contains the header files and libraries needed to develop programs that use the Botan library. - - -Authors: - -Name: Jack Lloyd - %prep %setup -q %patch0 @@ -103,7 +88,7 @@ %build export RPM_OPT_FLAGS %define common_config_flags --libdir=%{_lib} --with-bzip2 --with-zlib --with-gnump --with-openssl -./configure.py --prefix=/usr --libdir=%{_libdir} \ +./configure.py --prefix=%_prefix --libdir=%{_libdir} \ --docdir=%{_defaultdocdir} \ --includedir=%{_includedir} \ --with-bzip2 \ -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2011-12-06 18:01:30 Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) Package is "Botan", Maintainer is "p...@suse.com" Changes: Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.bv0OXy/_old 2011-12-06 18:03:42.0 +0100 +++ /var/tmp/diff_new_pack.bv0OXy/_new 2011-12-06 18:03:42.0 +0100 @@ -24,7 +24,7 @@ Release:3 Url:http://botan.randombit.net Summary:A C++ Crypto Library -License:BSD3c +License:BSD-3-Clause Group: Development/Libraries/C and C++ Source: Botan-1.10.0.tar.bz2 Source2:baselibs.conf @@ -54,7 +54,7 @@ %package -nlibbotan-%{version_suffix} -License:BSD3c +License:BSD-3-Clause Summary:A C++ Crypto Library Group: Development/Libraries/C and C++ @@ -71,7 +71,7 @@ Jack Lloyd %package-n libbotan-devel -License:BSD3c +License:BSD-3-Clause Summary:Development files for Botan Group: Development/Libraries/C and C++ Requires: gmp-devel libbz2-devel -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at Mon Sep 19 15:23:38 CEST 2011. --- Botan/Botan.changes 2011-07-04 17:14:52.0 +0200 +++ /mounts/work_src_done/STABLE/Botan/Botan.changes2011-09-16 21:09:56.0 +0200 @@ -1,0 +2,6 @@ +Fri Sep 16 17:36:04 UTC 2011 - jeng...@medozas.de + +- Implement baselibs.conf for package +- Remove obsolete/redundant tags + +--- calling whatdependson for head-i586 New: baselibs.conf Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.XXVNqr/_old 2011-09-19 15:23:33.0 +0200 +++ /var/tmp/diff_new_pack.XXVNqr/_new 2011-09-19 15:23:33.0 +0200 @@ -15,7 +15,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild %define version_suffix 1_10-0 %define short_version 1.10 @@ -26,10 +25,9 @@ Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD3c -AutoReqProv:on -Prefix: /usr Group: Development/Libraries/C and C++ Source: Botan-1.10.0.tar.bz2 +Source2:baselibs.conf Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 Patch2: Botan-fix_install_paths.patch @@ -56,7 +54,6 @@ %package -nlibbotan-%{version_suffix} - License:BSD3c Summary:A C++ Crypto Library Group: Development/Libraries/C and C++ ++ baselibs.conf ++ libbotan-1_10-0 libbotan-devel requires -libbotan- = requires "libbotan-1_10-0- = " Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at Tue Jul 5 10:38:01 CEST 2011. --- Botan/Botan.changes 2011-06-22 16:10:56.0 +0200 +++ /mounts/work_src_done/STABLE/Botan/Botan.changes2011-07-04 17:14:52.0 +0200 @@ -1,0 +2,11 @@ +Mon Jul 4 17:14:21 CEST 2011 - p...@suse.de + +- Make package own its docdir. + +--- +Thu Jun 23 14:43:48 CEST 2011 - dmuel...@suse.de + +- rename the devel package back to libbotan-devel as the main + package allows to build only one -devel package + +--- calling whatdependson for head-i586 Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.KOdnfo/_old 2011-07-05 10:36:48.0 +0200 +++ /var/tmp/diff_new_pack.KOdnfo/_new 2011-07-05 10:36:48.0 +0200 @@ -22,7 +22,7 @@ Name: Botan Version:1.10.0 -Release:1 +Release:3 Url:http://botan.randombit.net Summary:A C++ Crypto Library License:BSD3c @@ -73,19 +73,18 @@ Jack Lloyd -%package%{short_version}-devel - +%package-n libbotan-devel License:BSD3c Summary:Development files for Botan Group: Development/Libraries/C and C++ Requires: gmp-devel libbz2-devel -Provides: Botan-devel = %{version}, libbotan-devel = %{version} -Obsoletes: Botan-devel < %{version}, libbotan-devel < %{version} +Provides: Botan-devel = %{version} +Obsoletes: Botan-devel < %{version} Requires: libbotan-%{version_suffix} = %{version} %define botan_docdir %{_datadir}/doc/packages/%{name}-%{version} -%description%{short_version}-devel +%description-n libbotan-devel This package contains the header files and libraries needed to develop programs that use the Botan library. @@ -130,10 +129,10 @@ %files -n libbotan-%{version_suffix} %defattr(-,root,root) %docdir %{botan_docdir} -%{botan_docdir}/* +%{botan_docdir} %{_libdir}/libbotan-%{short_version}.so.* -%files %{short_version}-devel +%files -n libbotan-devel %defattr(-,root,root) %{_libdir}/libbotan-%{short_version}.so %{_libdir}/pkgconfig/botan-%{short_version}.pc Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit Botan for openSUSE:Factory
Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at Thu Jun 23 11:44:10 CEST 2011. --- Botan/Botan.changes 2010-09-02 12:07:49.0 +0200 +++ /mounts/work_src_done/STABLE/Botan/Botan.changes2011-06-22 16:10:56.0 +0200 @@ -1,0 +2,41 @@ +Wed Jun 22 16:10:32 CEST 2011 - p...@suse.de + +- Fix Requires for devel package. + +--- +Tue Jun 21 16:53:15 CEST 2011 - p...@suse.de + +- Devel package now is versioned so multiple devel packages may + be installed in parallel. +- Devel package renamed back to Botan-devel to keep rpmlint from + thinking it is a library package ... + +- Update to 1.10.0: + New Features: + * SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported) + * GOST 34.10-2001 signature scheme (a Russian ECC signature standard +analogous to ECDSA) + * The SHA-3 candidates Keccak and Blue Midnight Wish + * Bcrypt password hashing + * XSalsa20 + * AES key wrapping + * Comb4P hash combinator. + + Other Changes: + * The block cipher interface now exposes any possible parallelism +available to the implementation, and XTS, CTR, and CBC modes have been +changed to use them. + + * SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been +added, as has an implementation of AES using SSSE3 which runs both in +constant time and, on recent processors, significantly faster than the +usual table based implementation. There have also been numerous +optimizations to elliptic curves. + + * The documentation, previously written in LaTeX, is now in +reStructuredText, which is converted into HTML with Sphinx. This new +format is significantly easier to write, encouraging more documentation +to be written and updated. And, indeed, a number of features never +before documented are now described in the manual. + +--- calling whatdependson for head-i586 Old: Botan-1.8.10.tar.bz2 New: Botan-1.10.0.tar.bz2 Botan-fix_pkgconfig.patch Other differences: -- ++ Botan.spec ++ --- /var/tmp/diff_new_pack.QKfJJN/_old 2011-06-23 11:42:33.0 +0200 +++ /var/tmp/diff_new_pack.QKfJJN/_new 2011-06-23 11:42:33.0 +0200 @@ -1,7 +1,7 @@ # -# spec file for package Botan (Version 1.8.10) +# spec file for package Botan # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,10 +17,11 @@ # norootforbuild -%define version_suffix 1_8_2 +%define version_suffix 1_10-0 +%define short_version 1.10 Name: Botan -Version:1.8.10 +Version:1.10.0 Release:1 Url:http://botan.randombit.net Summary:A C++ Crypto Library @@ -28,12 +29,13 @@ AutoReqProv:on Prefix: /usr Group: Development/Libraries/C and C++ -Source: %{name}-%{version}.tar.bz2 +Source: Botan-1.10.0.tar.bz2 Patch0: Botan-inttypes.patch Patch1: Botan-ull_constants.patch.bz2 Patch2: Botan-fix_install_paths.patch Patch4: Botan-no-buildtime.patch Patch5: Botan-qt_thread_support.patch +Patch6: Botan-fix_pkgconfig.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: zlib, bzip2 >= 1.0.2, gmp >= 4.1 BuildRequires: bzip2 >= 1.0.2 gmp-devel >= 4.1 zlib-devel @@ -54,6 +56,7 @@ %package -nlibbotan-%{version_suffix} + License:BSD3c Summary:A C++ Crypto Library Group: Development/Libraries/C and C++ @@ -70,18 +73,19 @@ Jack Lloyd -%package -nlibbotan-devel +%package%{short_version}-devel + License:BSD3c Summary:Development files for Botan Group: Development/Libraries/C and C++ -Requires: libbotan-1_8_2 = %{version} Requires: gmp-devel libbz2-devel -Provides: Botan-devel = %{version} -Obsoletes: Botan-devel < %{version} +Provides: Botan-devel = %{version}, libbotan-devel = %{version} +Obsoletes: Botan-devel < %{version}, libbotan-devel < %{version} Requires: libbotan-%{version_suffix} = %{version} -%define botan_docdir %{_defaultdocdir}/%{name} -%description -n libbotan-devel +%define botan_docdir %{_datadir}/doc/packages/%{name}-%{version} + +%description%{short_version}-devel This package contains the header files and libraries needed to develop programs that use the Botan library. @@ -98,12 +102,13 @@ %patch2 %patch4 %patch5 +%patch6 %build export RPM_OPT_FLAGS %define common_config_flags --libdir=%{_lib} --with-bzip2 --with-zlib