Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
libgcrypt.22247
libgcrypt.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libgcrypt.changes of Package libgcrypt.22247
------------------------------------------------------------------- Tue Dec 7 09:41:01 UTC 2021 - Pedro Monreal <pmonreal@suse.com> - FIPS: Fix gcry_mpi_sub_ui subtraction [bsc#1193480] * gcry_mpi_sub_ui: fix subtracting from negative value * Add libgcrypt-FIPS-fix-gcry_mpi_sub_ui.patch ------------------------------------------------------------------- Fri Jun 11 13:17:54 UTC 2021 - Pedro Monreal <pmonreal@suse.com> - Security fix: [bsc#1187212, CVE-2021-33560] * Libgcrypt mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm - Add patches: * libgcrypt-CVE-2021-33560-ElGamal-exponent-blinding.patch * libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch ------------------------------------------------------------------- Thu Apr 16 17:04:17 UTC 2020 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Relax the entropy requirements on selftest during boot [bsc#1162879] * Add patches: - libgcrypt-rsa-no-blinding.patch - libgcrypt-ecc-ecdsa-no-blinding.patch ------------------------------------------------------------------- Tue Nov 12 11:05:02 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - CMAC AES and TDES FIPS self-tests: * CMAC AES self test missing [bsc#1155339] * CMAC TDES self test missing [bsc#1155338] - Add libgcrypt-CMAC-AES-TDES-selftest.patch ------------------------------------------------------------------- Mon Sep 2 10:25:30 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Security fix: [bsc#1148987,CVE-2019-13627] * Mitigation against an ECDSA timing attack * Added libgcrypt-CVE-2019-13627.patch ------------------------------------------------------------------- Wed Nov 28 16:00:55 UTC 2018 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> - Fail selftests when checksum file is missing in FIPS mode only (bsc#1117355) * add libgcrypt-binary_integrity_in_non-FIPS.patch ------------------------------------------------------------------- Wed Jun 20 08:48:03 UTC 2018 - psimons@suse.com - Apply "CVE-2018-0495.patch" from upstream to enable blinding for ECDSA signing. This change mitigates a novel side-channel attack. [CVE-2018-0495, bsc#1097410] ------------------------------------------------------------------- Wed May 2 12:02:26 UTC 2018 - pmonrealgonzalez@suse.com - Suggest libgcrypt20-hmac for package libgcrypt20 to ensure they are installed in the right order. [bsc#1090766] ------------------------------------------------------------------- Thu Mar 29 06:37:44 UTC 2018 - pmonrealgonzalez@suse.com - Extended the fipsdrv dsa-sign and dsa-verify commands with the --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455). * Added libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch * Added libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch ------------------------------------------------------------------- Mon Nov 20 15:22:39 UTC 2017 - vcizek@suse.com - Fix a regression in the fix for bsc#1043333 which caused libgcrypt to leak file descriptors (bsc#1059723) * add libgcrypt-fips_avoid_clash_with_gkd.patch * drop libgcrypt-fips_no_static_fd_random.patch ------------------------------------------------------------------- Wed Jul 26 11:34:51 UTC 2017 - vcizek@suse.com - libgcrypt stored an open file descriptor to the random device in a static variable between invocations. gnome-keyring-daemon on initialization reopens descriptors 0-2 with /dev/null which caused an infinite loop when libgcrypt attempted to read from the random device (bsc#1043333) add libgcrypt-fips_no_static_fd_random.patch ------------------------------------------------------------------- Thu Jul 13 11:30:33 UTC 2017 - vcizek@suse.com - Avoid seeding the DRBG during FIPS power-up selftests (bsc#1046659) * don't call gcry_drbg_instantiate() in healthcheck sanity test to save entropy * turn off blinding for RSA decryption in selftests_rsa to avoid allocation of a random integer * add libgcrypt-fips_dont_seed_drbg_in_selftests.patch - fix a bug in gcry_drbg_healthcheck_sanity() which caused skipping some of the tests * libgcrypt-fips_drbg_healthcheck_sanity_bug.patch (bsc#1046659#c4) ------------------------------------------------------------------- Tue Jul 4 12:48:40 UTC 2017 - vcizek@suse.com - dlsym returns PLT address on s390x, dlopen libgcrypt20.so before calling dlsym (bsc#1047008) * add libgcrypt-fips-use_dlopen_to_get_hmac_path.patch ------------------------------------------------------------------- Fri Jun 30 09:29:29 UTC 2017 - pmonrealgonzalez@suse.com - Security fix [CVE-2017-7526, bsc#1046607] * libgcrypt-CVE-2017-7526-1.6.1-2.patch - Hardening against local side-channel attack * libgcrypt-CVE-2017-7526-1.6.1-1.patch - Factored code for function (secret) and added new functions (secret_core_std, secret_core_crt) in cipher/rsa.c ------------------------------------------------------------------- Fri Jun 9 09:47:04 UTC 2017 - vcizek@suse.com - Don't require secure memory for the fips selftests (bsc#931932) * prevents "Oops, secure memory pool already initialized" warning - modified libgcrypt-fips_run_selftest_at_constructor.patch ------------------------------------------------------------------- Fri Jun 2 10:05:18 UTC 2017 - pmonrealgonzalez@suse.com - Added libgcrypt-secure-EdDSA-session-key.patch [bsc#1042326] * Store the session key in secure memory to ensure that constant time point operations are used in the MPI library. ------------------------------------------------------------------- Tue Aug 23 14:36:16 UTC 2016 - pjanouch@suse.de - Add libgcrypt-CVE-2016-6313-1.patch and libgcrypt-CVE-2016-6313-2.patch (bsc#994157 CVE-2016-6313) ------------------------------------------------------------------- Tue May 17 16:11:43 UTC 2016 - pjanouch@suse.de - make the -hmac package depend on the same version of the library, fixing bsc#979629 FIPS: system fails to reboot after installing fips pattern ------------------------------------------------------------------- Mon Apr 4 13:29:04 UTC 2016 - pjanouch@suse.de - Add libgcrypt-CVE-2015-7511.patch (bsc#965902), fixing side-channel attack on ECDH with Weierstrass curves ------------------------------------------------------------------- Tue Mar 15 01:35:23 CET 2016 - hpj@suse.com - Update libgcrypt-bsc932232-avoid-drbg-crash-with-fips.patch (bsc#970882). Fixes crashes with GPG key generation. ------------------------------------------------------------------- Thu Nov 26 03:00:00 CET 2015 - hpj@suse.com - Add libgcrypt-bsc932232-avoid-drbg-crash-with-fips.patch (bsc#932232). ------------------------------------------------------------------- Fri Aug 14 12:46:12 UTC 2015 - vcizek@suse.com - fix for CVE-2015-0837 (bsc#920057) * Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical] * added patches: libgcrypt-CVE-2015-0837-1.patch libgcrypt-CVE-2015-0837-2.patch libgcrypt-CVE-2015-0837-3.patch ------------------------------------------------------------------- Tue Aug 4 12:26:39 UTC 2015 - vcizek@suse.com - don't drop privileges when locking secure memory (bsc#938343) * added libgcrypt-secmem_dont_drop_privilege.patch ------------------------------------------------------------------- Thu May 28 12:04:50 UTC 2015 - vcizek@suse.com - the RSA decryption needs p < q for CRT to work (bnc#929919) * added libgcrypt-fips_rsa_p_less_than_q.patch - minor changes to the testsuite * modified libgcrypt-fips_testsuite.patch ------------------------------------------------------------------- Fri May 22 15:15:22 UTC 2015 - abergmann@suse.com - remove obsolete drbg_test.patch added Aug 22 2014, now covered by libgcrypt-fips_add_drbg_cavs_test.patch * removed drbg_test.patch ------------------------------------------------------------------- Fri May 22 15:08:06 UTC 2015 - abergmann@suse.com - update local cavs_driver.pl copy to the latest version ------------------------------------------------------------------- Fri May 22 15:04:02 UTC 2015 - abergmann@suse.com - enable DRBG reseeding * added libgcrypt-1.6.1-drbg-reseeding.patch * added drbg_test-reseeding.patch ------------------------------------------------------------------- Thu May 21 18:24:03 UTC 2015 - vcizek@suse.com - add possibility to specify salt length for RSASSA-PSS verification * added libgcrypt-fips_pss.patch ------------------------------------------------------------------- Mon Apr 27 12:06:07 UTC 2015 - vcizek@suse.com - perform selftests if the module is complete (checksum files are installed) (bnc#928740) * changed libgcrypt-fips_run_selftest_at_constructor.patch ------------------------------------------------------------------- Mon Mar 16 15:52:56 UTC 2015 - jmatejek@suse.com - updated %post and %postun scripts with correct .info filenames ------------------------------------------------------------------- Mon Mar 9 12:58:32 UTC 2015 - vcizek@suse.com - fix CVE-2014-3591 (bnc#920057) * use ciphertext blinding for Elgamal decryption * added libgcrypt-CVE-2014-3591.patch ------------------------------------------------------------------- Wed Feb 18 14:00:22 UTC 2015 - vcizek@suse.com - handle priming error in DRBG continuous test (bnc#905483) * added libgcrypt-fips_handle_priming_error_in_drbg.patch from Jan Matejek ------------------------------------------------------------------- Mon Feb 16 16:18:14 UTC 2015 - vcizek@suse.com - fix a bug in FIPS 186-4 dsa generation * changed libgcrypt-fips-dsa.patch - testsuite adjustments to make it work in fips mode (bnc#899524) * added libgcrypt-fips_testsuite.patch * dropped FIXME-temporary-hack-to-make-some-tests-work.patch ------------------------------------------------------------------- Mon Feb 2 12:30:37 UTC 2015 - vcizek@suse.com - use the RSA keygen generator from Fedora that supports KAT tests * added libgcrypt-fips_rsa_keygen.patch - add gcrypt_rsagtest binary for CAVS testing of rsa keygen KAT * added libgcrypt-fips_KAT_keygen_test.patch ------------------------------------------------------------------- Mon Jan 5 16:01:13 UTC 2015 - vcizek@suse.com - merge in RSA keygen RPP and KAT tests from Fedora * fixes bnc#900275 and bnc#900276 * added libgcrypt-fips_cavs_rsa_keygen.patch ------------------------------------------------------------------- Mon Dec 15 16:56:41 UTC 2014 - vcizek@suse.com - all the drbg patches were merged into v10-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - update drbg_test (libgcrypt-fips_add_drbg_cavs_test.patch) - add libgcrypt-fips_fipsdrv.patch ------------------------------------------------------------------- Thu Oct 2 14:05:41 UTC 2014 - vcizek@suse.com - address a potential integer issue * changed libgcrypt-fips_PKBKDF_missing_step1.patch ------------------------------------------------------------------- Tue Sep 30 13:20:21 UTC 2014 - vcizek@suse.com - enable HW support in fips mode (bnc#896435) * added libgcrypt-fips_enable_hardware_support.patch ------------------------------------------------------------------- Mon Sep 29 13:28:33 UTC 2014 - vcizek@suse.com - fixes from Jan Matejek: * make DSA selftest use 2048 bit keys (bnc#898003) * added ECDSA selftests and add support for it to the CAVS testing framework (bnc#896202) * fix a bug in fipsdrv * changed patches: - libgcrypt-1.6.1-fips-cavs.patch - libgcrypt-fips_ecdsa.patch - libgcrypt-fips-dsa.patch ------------------------------------------------------------------- Fri Sep 26 13:22:23 UTC 2014 - vcizek@suse.com - hide most of the fips patches behind a conditional, so they are not applied ------------------------------------------------------------------- Fri Sep 26 09:13:34 UTC 2014 - lnussel@suse.de - fix condition for minimal e_value (bnc#896201, RSA-FIPS-186-4-adjustments.patch) - more testsuite fixes (fix-test-suite-for-RSA-in-fips-mode.patch, FIXME-temporary-hack-to-make-some-tests-work.patch) ------------------------------------------------------------------- Fri Sep 26 09:02:13 UTC 2014 - vcizek@suse.com - don't apply libgcrypt-fips_run_selftest_at_constructor.patch * the system currently doesn't boot with it in FIPS mode (bnc#898253) ------------------------------------------------------------------- Thu Sep 25 08:39:16 UTC 2014 - lnussel@suse.de - update libgcrypt-1.6.1-use-fipscheck.patch to not require hardcoding library soname - FIPS 186-4 RSA adjustments (bnc#896201) Added patches: * calculate-fips-checksum-after-build.patch * disable-algorithms-that-are-not-allowed-in-fips.patch * RSA-FIPS-186-4-adjustments.patch * skip-GCM-for-FIPS.patch * fix-test-suite-for-RSA-in-fips-mode.patch * FIXME-temporary-hack-to-make-some-tests-work.patch ------------------------------------------------------------------- Tue Sep 23 19:20:19 UTC 2014 - vcizek@suse.com - add missing PKSC5v2.1 step 1 to PBKDF algorithm (bnc#898005) ------------------------------------------------------------------- Sun Sep 21 10:08:39 UTC 2014 - vcizek@suse.com - disabled curve P-192 in FIPS mode (bnc#896202) * added libgcrypt-fips_ecdsa.patch - don't use SHA-1 for ECDSA in FIPS mode - also run the fips self tests only in FIPS mode ------------------------------------------------------------------- Tue Sep 16 13:56:01 UTC 2014 - vcizek@suse.com - run the fips self tests at the constructor code * added libgcrypt-fips_run_selftest_at_constructor.patch ------------------------------------------------------------------- Tue Sep 16 12:17:17 UTC 2014 - vcizek@suse.com - rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216) * added libgcrypt-fips-dsa.patch * install fips186_dsa - use 2048 bit keys in selftests_dsa ------------------------------------------------------------------- Mon Sep 1 10:57:06 UTC 2014 - vcizek@suse.com - fix an issue in DRBG patchset * size_t type is 32-bit on 32-bit systems - added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - added v9-0007-User-interface-to-DRBG.patch - removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - removed v7-0007-User-interface-to-DRBG.patch - update drbg_test.c to the latest release ------------------------------------------------------------------- Fri Aug 22 08:54:55 UTC 2014 - vcizek@suse.com - fix a potential NULL pointer deference in DRBG patchset * fixes from https://bugs.g10code.com/gnupg/issue1701 * added v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch * added v7-0007-User-interface-to-DRBG.patch * removed 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2 * removed 0007-User-interface-to-DRBG.patch - add a subpackage for CAVS testing * add cavs_driver.pl and cavs-test.sh from the kernel cavs package * added drbg_test.patch ------------------------------------------------------------------- Tue Aug 12 07:43:19 UTC 2014 - meissner@suse.com - split off the -hmac package that contains the checksums ------------------------------------------------------------------- Mon May 26 12:05:17 UTC 2014 - meissner@suse.com - libgcrypt-fix-rng.patch: make drbg work again in FIPS mode. - libgcrypt-1.6.1-use-fipscheck.patch: library to test is libgcrypt.so.20 and not libgcrypt.so.11 - libgcrypt-init-at-elf-load-fips.patch: initialize at ELF DSO load time. ------------------------------------------------------------------- Tue May 13 10:47:51 UTC 2014 - vcizek@suse.com - add new 0007-User-interface-to-DRBG.patch from upstream * fixes bnc#877233 ------------------------------------------------------------------- Tue May 6 14:34:39 UTC 2014 - vcizek@suse.com - add support for SP800-90A DRBG (fate#316929, bnc#856312) * patches by Stephan Mueller (http://www.chronox.de/drbg.html): 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2 0002-Compile-DRBG.patch 0003-Function-definitions-of-interfaces-for-random.c.patch 0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch 0005-Function-definitions-for-gcry_control-callbacks.patch 0006-DRBG-specific-gcry_control-requests.patch 0007-User-interface-to-DRBG.patch ------------------------------------------------------------------- Tue May 6 14:32:33 UTC 2014 - vcizek@suse.com - FIPS changes (from Fedora): - replaced libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff by libgcrypt-1.6.1-fips-cfgrandom.patch - libgcrypt-fixed-sizet.patch: fixed an int type for -flto - libgcrypt-1.6.1-use-fipscheck.patch: use the fipscheck binary - libgcrypt-1.6.1-fips-cavs.patch: add CAVS tests ------------------------------------------------------------------- Thu Jan 30 13:29:49 UTC 2014 - idonmez@suse.com - Drop arm-missing-files.diff, fixed upstream ------------------------------------------------------------------- Wed Jan 29 18:40:49 UTC 2014 - andreas.stieger@gmx.de - libgcrypt 1.6.1, a bugfix release with the folloging fixes: * Added emulation for broken Whirlpool code prior to 1.6.0. * Improved performance of KDF functions. * Improved ECDSA compliance. * Fixed message digest lookup by OID (regression in 1.6.0). * Fixed memory leaks in ECC code. * Fixed some asm build problems and feature detection bugs. * Interface changes relative to the 1.6.0 release: GCRY_MD_FLAG_BUGEMU1 NEW (minor API change). ------------------------------------------------------------------- Fri Jan 3 16:36:21 UTC 2014 - dmueller@suse.com - add arm-missing-files.diff: Add missing files to fix build ------------------------------------------------------------------- Fri Jan 3 09:43:39 UTC 2014 - mvyskocil@suse.com - fix bnc#856915: can't open /dev/urandom * correct libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff - require libgpg-error 1.11 or higher ------------------------------------------------------------------- Thu Dec 19 13:53:21 UTC 2013 - mvyskocil@suse.com - fix dependency for 32bit devel package - name hmac files according soname - fix hmac subpackage dependency ------------------------------------------------------------------- Thu Dec 19 09:03:21 UTC 2013 - mvyskocil@suse.com - update to 1.6. * Removed the long deprecated gcry_ac interface. Thus Libgcrypt is not anymore ABI compatible to previous versions if they used the ac interface. Check NEWS in libgcrypt-devel for removed interfaces. * Removed the module register subsystem. * The deprecated message digest debug macros have been removed. Use gcry_md_debug instead. * Removed deprecated control codes. * Improved performance of most cipher algorithms as well as for the SHA family of hash functions. * Added support for the IDEA cipher algorithm. * Added support for the Salsa20 and reduced Salsa20/12 stream ciphers. * Added limited support for the GOST 28147-89 cipher algorithm. * Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog) hash algorithms. * Added a random number generator to directly use the system's RNG. Also added an interface to prefer the use of a specified RNG. * Added support for the SCRYPT algorithm. * Mitigated the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See <http://eprint.iacr.org/2013/448> [CVE-2013-4242]. * Added support for Deterministic DSA as per RFC-6969. * Added support for curve Ed25519. * Added a scatter gather hash convenience function. * Added several MPI amd SEXP helper functions. * Added support for negative numbers to gcry_mpi_print, gcry_mpi_aprint and gcry_mpi_scan. * The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now deprecated. Use GCRY_PK_ECC if you need an algorithm id. * Changed gcry_pk_genkey for "ecc" to only include the curve name and not the parameters. The flag "param" may be used to revert this. * Added a feature to globally disable selected hardware features. * Added debug helper functions. - rebased patches * libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff * libgcrypt-ppc64.patch - add libgcrypt-1.6.0-use-intenal-functions.patch to fix fips.c build - Move all documentation to -devel package ------------------------------------------------------------------- Fri Jul 26 22:05:46 UTC 2013 - andreas.stieger@gmx.de - update to 1.5.3 [bnc#831359] CVE-2013-4242 * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See <http://eprint.iacr.org/2013/448>. ------------------------------------------------------------------- Thu Jul 25 09:15:43 UTC 2013 - mvyskocil@suse.com - port SLE enhancenments to Factory (bnc#831028) * add libgcrypt-unresolved-dladdr.patch (bnc#701267) * add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841) * add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff - install .hmac256.hmac (bnc#704068) - enable varuous new options in configure (m-guard, hmac binary check and random device linux) - build with all ciphers, pubkeys and digest by default as whitelist simply allowed them all ------------------------------------------------------------------- Mon Jun 17 13:22:33 UTC 2013 - coolo@suse.com - avoid gpg-offline in bootstrap packages ------------------------------------------------------------------- Sun Jun 16 22:56:56 UTC 2013 - crrodriguez@opensuse.org - Library must be built with large file support in 32 bit archs. ------------------------------------------------------------------- Thu Apr 18 18:23:36 UTC 2013 - andreas.stieger@gmx.de - update to 1.5.2 * The upstream sources now contain the IDEA algorithm, dropping: idea.c.gz libgcrypt-1.5.0-idea.patch libgcrypt-1.5.0-idea_codecleanup.patch * Made the Padlock code work again (regression since 1.5.0). * Fixed alignment problems for Serpent. * Fixed two bugs in ECC computations. ------------------------------------------------------------------- Fri Mar 22 09:31:11 UTC 2013 - mvyskocil@suse.com - add GPL3.0+ to License tag because of dumpsexp (bnc#810759) ------------------------------------------------------------------- Mon Mar 18 20:41:00 UTC 2013 - andreas.stieger@gmx.de - update to 1.5.1 * Allow empty passphrase with PBKDF2. * Do not abort on an invalid algorithm number in gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen. * Fixed some Valgrind warnings. * Fixed a problem with select and high fd numbers. * Improved the build system * Various minor bug fixes. * Interface changes relative to the 1.5.0 release: GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW. GCRYPT_VERSION_NUMBER NEW. - add verification of source code signatures - now requires automake 1.11 to build ------------------------------------------------------------------- Sat Feb 2 18:51:33 UTC 2013 - coolo@suse.com - update license to new format ------------------------------------------------------------------- Tue Jun 12 21:19:18 UTC 2012 - chris@computersalat.de - fix deps * libgpg-error-devel >= 1.8 - add libsoname macro ------------------------------------------------------------------- Sun Feb 12 15:23:56 UTC 2012 - crrodriguez@opensuse.org - Libraries back into %{_libdir}, /usr merge project ------------------------------------------------------------------- Sat Dec 24 23:51:26 UTC 2011 - opensuse@dstoecker.de - add the missing IDEA algorithm after the patent is no longer relevant ------------------------------------------------------------------ Sun Nov 13 14:37:29 UTC 2011 - jengelh@medozas.de - Remove redundant/unwanted tags/section (cf. specfile guidelines) ------------------------------------------------------------------- Sun Nov 13 09:16:36 UTC 2011 - coolo@suse.com - add libtool as explicit buildrequire to avoid implicit dependency from prjconf ------------------------------------------------------------------- Sun Oct 2 18:38:28 UTC 2011 - crrodriguez@opensuse.org - Update to version 1.5.0, most important changes * Uses the Intel AES-NI instructions if available * Support ECDH. ------------------------------------------------------------------- Fri Nov 19 09:59:41 UTC 2010 - mvyskocil@suse.cz - update to 1.4.6 * Fixed minor memory leak in DSA key generation. * No more switching to FIPS mode if /proc/version is not readable. * Fixed a sigill during Padlock detection on old CPUs. * Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3; SHA-256 went up by 25%. * New variants of the TIGER algorithm. * New cipher algorithm mode for AES-WRAP. * Interface changes relative to the 1.4.2 release: GCRY_MD_TIGER1 NEW GCRY_MD_TIGER2 NEW GCRY_CIPHER_MODE_AESWRAP NEW ------------------------------------------------------------------- Sun Jul 4 19:07:16 UTC 2010 - jengelh@medozas.de - add missing definition of udiv_qrnnd for sparcv9:32 - use %_smp_mflags ------------------------------------------------------------------- Sat Dec 19 12:58:20 CET 2009 - jengelh@medozas.de - add baselibs.conf as a source - disable the use of hand-coded assembler functions on sparc - this is giving me an infinite loop with ./tests/prime (specifically ./sparc32v8/mpih-mul1.S:_gcry_mpih_mul_1. Fedora disables this too. ------------------------------------------------------------------- Tue Apr 7 15:45:06 CEST 2009 - crrodriguez@suse.de - update to version 1.4.4 * Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants. This functionality has been in Libgcrypt since 1.3.0. * MD5 may now be used in non-enforced fips mode. * Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes. * In fips mode, RSA keys are now generated using the X9.31 algorithm and DSA keys using the FIPS 186-2 algorithm. * The transient-key flag is now also supported for DSA key generation. DSA domain parameters may be given as well. ------------------------------------------------------------------- Thu Jan 29 10:57:01 CET 2009 - olh@suse.de - obsolete libgcrypt-error-XXbit in the library subpackage ------------------------------------------------------------------- Wed Dec 10 12:34:56 CET 2008 - olh@suse.de - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293) ------------------------------------------------------------------- Tue Nov 11 17:23:54 CET 2008 - mkoenig@suse.de - build rijndael.c with -fno-strict-aliasing [bnc#443693] ------------------------------------------------------------------- Thu Oct 30 12:34:56 CET 2008 - olh@suse.de - obsolete old -XXbit packages (bnc#437293) ------------------------------------------------------------------- Mon Jun 30 11:47:59 CEST 2008 - mkoenig@suse.de - update to version 1.4.1 * Fixed a bug which led to the comsumption of far too much entropy for the intial seeding * Improved AES performance for CFB and CBC modes ------------------------------------------------------------------- Sun May 11 11:54:39 CEST 2008 - coolo@suse.de - fix rename of xxbit packages ------------------------------------------------------------------- Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support ------------------------------------------------------------------- Thu Jan 17 12:20:25 CET 2008 - mkoenig@suse.de - update to version 1.4.0: * The entire library is now under the LGPL. The helper programs and the manual are under the GPL * New control code GCRYCTL_PRINT_CONFIG * Experimental support for ECDSA * Assembler support for the AMD64 architecture * Non executable stack support is now used by default * New configure option --enable-random-daemon * The new function gcry_md_debug should be used instead of the gcry_md_start_debug and gcry_md_stop_debug macros. * Support for DSA2 * Reserved algorithm ranges for use by applications * gcry_mpi_rshift does not anymore truncate the shift count * Support for OFB encryption mode * Support for the Camellia cipher * Support for the SEED cipher * Support for SHA-224 and HMAC using SHA-384 and SHA-512 * Reading and writing the random seed file is now protected by a fcntl style file lock * Made the RNG immune against fork without exec * Changed the way the RNG gets initialized * The ASN.1 DER template for SHA-224 has been fixed * The ACE engine of VIA processors is now used for AES-128 - changed package layout to conform shlib policy: new subpackage libgcrypt11 - disable static library - for reference: bugzilla entry of last change #304749 ------------------------------------------------------------------- Thu Sep 13 01:28:53 CEST 2007 - ltinkl@suse.cz - add sanity check for mpi of size 0 (#304479) ------------------------------------------------------------------- Mon Feb 5 10:25:21 CET 2007 - mkoenig@suse.de - update to version 1.2.4: * Fixed a bug in the memory allocator which could have been the reason for some of non-duplicable bugs. * Other minor bug fixes. ------------------------------------------------------------------- Wed Dec 13 12:47:48 CET 2006 - mkoenig@suse.de - get rid of .la file and fix devel so link ------------------------------------------------------------------- Tue Dec 5 18:30:30 CET 2006 - mkoenig@suse.de - move shared lib to /%_lib ------------------------------------------------------------------- Thu Aug 31 14:29:56 CEST 2006 - mkoenig@suse.de - update to version 1.2.3: * Rewrote gcry_mpi_rshift to allow arbitrary shift counts. * Minor bug fixes. - added libgpg-error-devel and glibc-devel to Requires tag of devel subpackage ------------------------------------------------------------------- Wed Jan 25 21:37:28 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Wed Nov 2 16:44:48 CET 2005 - hvogel@suse.de - enable noexecstack - build ac.c with fno-strict-aliasing ------------------------------------------------------------------- Tue Oct 25 13:40:15 CEST 2005 - hvogel@suse.de - update to version 1.2.2 ------------------------------------------------------------------- Thu Jun 23 11:26:58 CEST 2005 - hvogel@suse.de - call install_info macro in post/postun of the devel package - depend on libgcrypt - add clean section ------------------------------------------------------------------- Tue Jan 18 11:51:51 CET 2005 - hvogel@suse.de - update to version 1.2.1 ------------------------------------------------------------------- Tue Jan 11 16:48:10 CET 2005 - schwab@suse.de - Fix info dir entry. ------------------------------------------------------------------- Wed Nov 17 11:22:44 CET 2004 - hvogel@suse.de - require libgpg-error-devel (Bug #48271) - get rid of the NLD parts ------------------------------------------------------------------- Wed Jul 14 11:12:54 CEST 2004 - adrian@suse.de - create -devel subpackage - prepare for nld ------------------------------------------------------------------- Wed May 19 14:57:45 CEST 2004 - hvogel@suse.de - update to version 1.2.0 ------------------------------------------------------------------- Mon Mar 22 16:48:53 CET 2004 - meissner@suse.de - disable make check, because it uses /dev/random whihc is not filled on some server machines. ------------------------------------------------------------------- Wed Mar 17 15:01:51 CET 2004 - meissner@suse.de - fixed too over enthusiastic powerpc switches to make it work on ppc64. (It compiled before, but did not work). - enabled make check. ------------------------------------------------------------------- Wed Feb 18 12:14:36 CET 2004 - kukuk@suse.de - Build against system pthread library, not pth. ------------------------------------------------------------------- Tue Feb 17 21:11:40 CET 2004 - hvogel@suse.de - update to version 1.1.91 - fix autoconf quotations ------------------------------------------------------------------- Sat Jan 10 19:20:41 CET 2004 - adrian@suse.de - add %run_ldconfig to %postun ------------------------------------------------------------------- Sun Jul 27 16:12:54 CEST 2003 - poeml@suse.de - add libgcrypt-1.1.12-sexp-valgrind-error.patch from SLEC ------------------------------------------------------------------- Thu Apr 24 12:20:23 CEST 2003 - ro@suse.de - fix install_info --delete call and move from preun to postun ------------------------------------------------------------------- Mon Feb 10 22:51:26 CET 2003 - mmj@suse.de - Use %install_info macro [#23433] ------------------------------------------------------------------- Mon Feb 10 16:11:55 CET 2003 - mc@suse.de - switch to version 1.1.12 - gcry_pk_sign, gcry_pk_verify and gcry_pk_encrypt can now handle an optional pkcs1 flags parameter in the S-expression. A similar flag may be passed to gcry_pk_decrypt but it is only syntactically implemented. - New convenience macro gcry_md_get_asnoid. - There is now some real stuff in the manual. - New algorithm: MD4 - Implemented ciphertext stealing. - Support for plain old DES - Smaller bugs fixes and a few new OIDs. ------------------------------------------------------------------- Tue Jan 14 14:03:27 CET 2003 - nadvornik@suse.cz - fixed multi-line string literals ------------------------------------------------------------------- Thu Aug 1 23:51:10 CEST 2002 - poeml@suse.de - create package
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor