Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
libcryptopp
libcryptopp.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libcryptopp.changes of Package libcryptopp
------------------------------------------------------------------- Thu Jan 4 09:29:41 UTC 2024 - pgajdos@suse.com - security update - added patches fix CVE-2023-50981 [bsc#1218222], issue on ModularSquareRoot function leads to potential DoS https://github.com/weidai11/cryptopp/pull/1255 + libcryptopp-CVE-2023-50981.patch ------------------------------------------------------------------- Thu Dec 21 13:48:35 UTC 2023 - pgajdos@suse.com - version update to 8.9.0 * Crypto++ 8.9 was released on October 1, 2023. The 8.9 release was a minor, unplanned release. There were no CVEs and one memory error. * The 8.9 release was driven by the fix for `ProcessData`, and the failures when `inString==outString`. Also see GH #1231, Rabbit Produces null Keystream When inString == outString. * Release notes * =========== * minor release, recompile of programs required * expanded community input and support * 88 unique contributors as of this release * add additional tests to datatest.cpp * fix SIMON128 Asan finding on POWER8 * fix AES/CFB and AES/CTR modes self test failures when using Cryptogams AES on ARMv7 * fix ARIA/CTR mode self test failures when inString==outString * fix HIGHT/CTR mode self test failures when inString==outString * fix Rabbit/CTR mode self test failures when inString==outString * fix HC128/CTR and HC256/CTR mode self test failures when inString==outString * fix Prime Table and dangling reference to a temporary * fix Singleton::Ref() when using C++11 memory fences * remove unneeded call to Crop() in Randomize() - modified patches % libcryptopp-shared.patch (refreshed) - modified sources % baselibs.conf - added patches fix CVE-2023-50980 [bsc#1218219], DoS via malformed DER public key file + libcryptopp-CVE-2023-50980.patch ------------------------------------------------------------------- Sun Jul 16 18:55:10 UTC 2023 - Dirk Müller <dmueller@suse.com> - update to 8.8.0: * minor release, recompile of programs required * expanded community input and support * 88 unique contributors as of this release * fix crash in cryptest.exe when invoked with no options * fix crash in library due to GCC removing live code * fix RSA with key size 16 may provide an invalid key * fix failure to build on 32-bit x86 * fix failure to build on iPhone Simulator for arm64 * fix failure to build on Windows arm64 * test for SSSE3 before using the ISA * fix include of when using MSVC * improve performance of CRC32C_Update_SSE42 for x86-64 * update documentation ------------------------------------------------------------------- Wed Aug 10 04:17:28 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com> - Enable SSE2 to fix i586 build ------------------------------------------------------------------- Tue Aug 9 07:18:25 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com> - Update to 8.7.0 - https://cryptopp.com/release870.html * fix RSA key generation for small moduli (GH #1136) * fix AES-GCM with AESNI but without CLMUL (GH #1132) * rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData (GH #1088, GH #1103) + restored performance and avoided performance penalty of a temp buffer * fix undersized SecBlock buffer in Integer bit operations (GH #1072) * work around several GCC 11 & 12 problems ------------------------------------------------------------------- Sat Sep 25 08:00:47 UTC 2021 - Dave Plater <davejplater@gmail.com> - Update to 8.6.0 -upstream changes: *This release clears CVE-2021-40530 and fixes a problem with ChaCha20 AVX2 implementation. *The CVE was due to ElGamal encryption using a work estimate to size encryption exponents instead subgroup order. *The ChaCha20 issue was due to mishandling a carry in the AVX2 code path. The ChaCha20 issue was difficult to duplicate, so most users should not experience it. ------------------------------------------------------------------- Wed Mar 17 20:03:35 UTC 2021 - Dirk Müller <dmueller@suse.com> - update to 8.5.0: * minor release, no recompile of programs required * expanded community input and support * 70 unique contributors as of this release * port to Apple M1 hardware ------------------------------------------------------------------- Sat Jan 2 10:34:52 UTC 2021 - Dave Plater <davejplater@gmail.com> - Update to version 8.4.0 and remove obsolete patches: 0001-Fix-TCXXFLAGS-using-openSUSE-standard-flags-GH-865.patch, 0001-Fix-missing-if-statement.patch and cve-2019-14318.patch - Upstream changes: *fix use of macro CRYPTOPP_ALIGN_DATA *fix potential out-of-bounds read in ECDSA *fix std::bad_alloc when using ByteQueue in pipeline *fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang *fix potential out-of-bounds read in GCM mode *add configure.sh when preprocessor macros fail *fix potential out-of-bounds read in SipHash *fix compile error on POWER9 due to vec_xl_be *fix K233 curve on POWER8 *add Cirrus CI testing *fix broken encryption for some 64-bit ciphers *disable RDRAND and RDSEED for some AMD processors *fix BLAKE2 hash calculation using Salt and Personalization *add XTS mode *fix circular dependency between misc.h and secblock.h *add Certificate interface *fix recursion in AES::Encryption without AESNI *add missing OID for ElGamal encryption *fix missing override in KeyDerivationFunction-derived classes *fix RDSEED assemble under MSVC *fix elliptic curve timing leaks (CVE-2019-14318) *add link-library variable to Makefiles *fix SIZE_MAX definition in misc.h *add GetWord64 and PutWord64 to BufferedTransformation *use HKDF in AutoSeededX917RNG::Reseed *fix Asan finding in VMAC on i686 in inline asm *fix undeclared identifier _mm_roti_epi64 on Gentoo *fix ECIES and GetSymmetricKeyLength *fix possible divide by zero in PKCS5_PBKDF2_HMAC *refine ASN.1 encoders and decoders *disable BMI2 code paths in Integer class *fix use of CRYPTOPP_CLANG_VERSION *add NEON SHA1, SHA256 and SHA512 from Cryptogams *add ARM SHA1, SHA256 and SHA512 from Cryptogams *fix reference binding to misaligned address in xed25519 *clear asserts in TestDataNameValuePairs *fix SIGILL on POWER8 when compiling with GCC 10 *fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup *revert changes for constant-time elliptic curve algorithms ------------------------------------------------------------------- Thu Jul 2 11:40:59 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com> - Simplify the baselibs creation - Do not BR unzip as the tarball is tar.gz - Generate the pc file with cat not bunch of echos ------------------------------------------------------------------- Sun Aug 11 12:48:14 UTC 2019 - Dave Plater <davejplater@gmail.com> - Added cve-2019-14318.patch which fixes (1)leak in ECDSA nonce length; and (2) leak in prime fields (ECP class). - See boo#1145187 - Disabled LTO for i586 to fix build failure. ------------------------------------------------------------------- Sat Jul 20 09:34:46 UTC 2019 - Dave Plater <davejplater@gmail.com> - Update to major version 8.2.0 - Filter out -flto= flag for arm7 see cryptopp issue#865 - Remove 0001-disable_os_rng_test.patch which is no longer needed. - Rebase libcryptopp-shared.patch - Added patchs from git which is indicated in cryptopp issue#865: 0001-Fix-TCXXFLAGS-using-openSUSE-standard-flags-GH-865.patch and 0001-Fix-missing-if-statement.patch. Upstream changes since 7.0.0: *use PowerPC unaligned loads and stores with Power8 *add SKIPJACK test vectors *fix SHAKE-128 and SHAKE-256 compile *removed IS_NEON from Makefile *fix Aarch64 build on Fedora 29 *fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL *add missing BLAKE2 constructors *fix missing BlockSize() in BLAKE2 classes *add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE *add carryless multiplies for NIST b233 and k233 curves *fix OpenMP build due to use of OpenMP 4 with down-level compilers *add SignStream and VerifyStream for ed25519 and large files *fix missing AlgorithmProvider in PanamaHash *add SHAKE-128 and SHAKE-256 *fix AVX2 build due to _mm256_broadcastsi128_si256 *add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305 *add x25519 key exchange and ed25519 signature scheme *add limited Asymmetric Key Package support from RFC 5958 *add Power9 DARN random number generator support *add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck *fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms *cutover to GNU Make-based cpu feature tests *rename files with dashes to underscores *fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC *avoid Singleton<T> when possible, avoid std::call_once completely *fix SPARC alignment problems due to GetAlignmentOf<T>() on word64 *add ARM AES asm implementation from Cryptogams *remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support ------------------------------------------------------------------- Sat Nov 17 14:27:33 UTC 2018 - Adam Mizerski <adam@mizerski.pl> - update to v7.0.0 * changelog available at https://cryptopp.com/release700.html and in packaged Readme.txt - Refreshed patches * 0001-disable_os_rng_test.patch * libcryptopp-shared.patch - Dropped patch reproducible.patch - merged upstream ------------------------------------------------------------------- Sat May 20 19:45:06 UTC 2017 - bwiedemann@suse.com - Add reproducible.patch to sort input files to make build fully reproducible ------------------------------------------------------------------- Fri Mar 3 05:58:37 UTC 2017 - davejplater@gmail.com - Added patch field to soname due to library not following proper API/ABI versioning to fix boo#1027192. - Removed crypto.pc and generate it in the spec file to ensure proper version and directories. - Changed libcryptopp-shared.patch. - Renamed library package and obsoleted old name. - added precheckin_baselibs.sh and updated baselibs.conf ------------------------------------------------------------------- Thu Feb 23 23:16:02 UTC 2017 - adam@mizerski.pl - update to 5.6.5 * Rebase libcryptopp-shared.patch * Rebase 0001-disable_os_rng_test.patch - enable openmp usage ------------------------------------------------------------------- Thu Feb 2 02:03:34 UTC 2017 - jengelh@inai.de - Add obsoletes tag for dropped static lib ------------------------------------------------------------------- Sat Jan 28 20:58:04 UTC 2017 - jengelh@inai.de - Remove libcryptoo-devel-static, this seems unused in Factory. ------------------------------------------------------------------- Sat Jan 28 09:32:22 UTC 2017 - jengelh@inai.de - Update descriptions ------------------------------------------------------------------- Mon Sep 12 08:50:44 UTC 2016 - bwiedemann@suse.com - Update to 5.6.4 * Use proper openSUSE-style library naming * Drop upstream libcryptopp-s390.patch * Drop upstream libcryptopp-m68k.patch * Drop upstream libcryptopp-CVE-2015-2141.patch * Drop upstream cryptopp-gcc6.patch * Rebase libcryptopp-shared.patch * Rebase 0001-disable_os_rng_test.patch ------------------------------------------------------------------- Mon Jun 20 11:09:05 UTC 2016 - i@marguerite.su - add patch cryptopp-gcc6.patch * fix boo#985143 * fix narrowing conversion from unsigned int to int inside {} ------------------------------------------------------------------- Wed Jul 8 08:01:11 UTC 2015 - bwiedemann@suse.com - prevent timing attack to get secret key (bnc#936435, CVE-2015-2141) add libcryptopp-CVE-2015-2141.patch ------------------------------------------------------------------- Fri Aug 15 01:39:59 UTC 2014 - sfalken@opensuse.org - Added 0001-disable_os_rng_test.patch Fixes buildfailure on openSUSE_Factory x86_64 within OBS environment, due to OS supplied Random Number Generator taking too long to respond ------------------------------------------------------------------- Thu Apr 3 13:21:06 UTC 2014 - schwab@suse.de - libcryptopp-m68k.patch: define IS_LITTLE_ENDIAN on m68k ------------------------------------------------------------------- Wed Dec 18 02:40:17 CET 2013 - ro@suse.de - define as big endian on s390/s390x (libcryptopp-s390.patch) ------------------------------------------------------------------- Wed Aug 28 08:29:36 UTC 2013 - dmueller@suse.com - remove noninstallable 32bit -devel baselibs ------------------------------------------------------------------- Fri Mar 1 17:02:43 UTC 2013 - adam@mizerski.pl - update to 5.6.2 - changed license to Boost Software License 1.0 - added SHA-3 (Keccak) - updated DSA to FIPS 186-3 (see DSA2 class) - fixed Blowfish minimum keylength to be 4 bytes (32 bits) - fixed Salsa validation failure when compiling with GCC 4.6 - fixed infinite recursion when on x64, assembly disabled, and no AESNI - ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, Intel C++ Compiler 13.0 - removed libcryptopp-gcc47.patch - fixed upstream - rebased libcryptopp-shared.patch - added devel-static subpackage - updated license tag ------------------------------------------------------------------- Sun Oct 14 10:58:07 UTC 2012 - adam@mizerski.pl - added baselibs.conf - spec file improved ------------------------------------------------------------------- Sat Mar 17 14:25:26 UTC 2012 - dimstar@opensuse.org - Add libcryptopp-gcc47.patch: Fix build with gcc 4.7. ------------------------------------------------------------------- Sun Feb 5 16:39:49 UTC 2012 - jengelh@medozas.de - Proper shared library versioning ------------------------------------------------------------------- Mon Oct 17 14:33:16 UTC 2011 - jengelh@medozas.de - Remove bogus Conflict against libcrypto++0 (cf. shlib guidelines) ------------------------------------------------------------------- Sat Oct 14 13:37:59 UTC 2011 - toddrme2178@gmail.com - Added pkg-config file from fedora project - Cleaned up spec file formatting ------------------------------------------------------------------- Sun Jul 10 23:43:05 CEST 2011 - meissner@suse.de - add -lpthread for tests ------------------------------------------------------------------- Thu Dec 16 14:40:17 UTC 2010 - andreas.hanke@gmx-topmail.de - Update to version 5.6.1: - added support for AES-NI and CLMUL instruction sets in AES and GMAC/GCM - removed WAKE-CFB - fixed several bugs in the SHA-256 x86/x64 assembly code: * incorrect hash on non-SSE2 x86 machines on non-aligned input * incorrect hash on x86 machines when input crosses 0x80000000 * incorrect hash on x64 when compiled with GCC with optimizations enabled - fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC build configurations - switched to a public domain implementation of MARS - ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, Intel C++ Compiler 11.1 - renamed the MSVC DLL project to "cryptopp" for compatibility with MSVC 2010 - Changes to library packaging: - update the interface number because there were ABI changes, now matching the Debian package - introduce a conflict with the PackMan package - ship License.txt and Readme.txt - drop the static library ------------------------------------------------------------------- Mon Aug 9 22:29:54 UTC 2010 - pascal.bleser@opensuse.org - initial package (5.6.0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor