Overview

Request 593756 accepted

- Update to Botan 2.5
* Fix error in certificate wildcard matching (CVE-2018-9127), where a
wildcard cert for b*.example.com would be accepted as a match for any host
with name *b*.example.com (GH #1519)
* Add support for RSA-PSS signatures in TLS (GH #1285)
* Ed25519 certificates are now supported (GH #1501)
* Many optimizations in ECC operations. ECDSA signatures are 8-10 times
faster. ECDSA verification is about twice as fast. ECDH key agreement is
3-4 times faster. (GH #1457 #1478)
* Implement product scanning Montgomery reduction, which improves
Diffie-Hellman and RSA performance by 10 to 20% on most platforms. (GH
#1472)
* DSA signing and verification performance has improved by 30-50%.
* Add a new Credentials_Manager callback that specifies which CAs the server
has indicated it trusts (GH #1395 fixing #1261)
* Add new TLS::Callbacks methods that allow creating or removing extensions,
as well as examining extensions sent by the peer (GH #1394 #1186)
* Add new TLS::Callbacks methods that allow an application to negotiate use
of custom elliptic curves. (GH #1448)
* Add ability to create custom elliptic curves (GH #1441 #1444)
* Add support for POWER8 AES instructions (GH #1459 #1393 #1206)
* Fix DSA/ECDSA handling of hashes longer than the group order (GH #1502
#986)
* The default encoding of ECC public keys has changed from compressed to
uncompressed point representation. This improves compatability with some
common software packages including Golang’s standard library. (GH #1480
#1483)
* It is now possible to create DNs with custom components. (GH #1490 #1492)
* It is now possible to specify the serial number of created certificates,
instead of using the default 128-bit random integer. (GH #1489 #1491)

Loading...
Request History
Marcus Meissner's avatar

msmeissn created request

- Update to Botan 2.5
* Fix error in certificate wildcard matching (CVE-2018-9127), where a
wildcard cert for b*.example.com would be accepted as a match for any host
with name *b*.example.com (GH #1519)
* Add support for RSA-PSS signatures in TLS (GH #1285)
* Ed25519 certificates are now supported (GH #1501)
* Many optimizations in ECC operations. ECDSA signatures are 8-10 times
faster. ECDSA verification is about twice as fast. ECDH key agreement is
3-4 times faster. (GH #1457 #1478)
* Implement product scanning Montgomery reduction, which improves
Diffie-Hellman and RSA performance by 10 to 20% on most platforms. (GH
#1472)
* DSA signing and verification performance has improved by 30-50%.
* Add a new Credentials_Manager callback that specifies which CAs the server
has indicated it trusts (GH #1395 fixing #1261)
* Add new TLS::Callbacks methods that allow creating or removing extensions,
as well as examining extensions sent by the peer (GH #1394 #1186)
* Add new TLS::Callbacks methods that allow an application to negotiate use
of custom elliptic curves. (GH #1448)
* Add ability to create custom elliptic curves (GH #1441 #1444)
* Add support for POWER8 AES instructions (GH #1459 #1393 #1206)
* Fix DSA/ECDSA handling of hashes longer than the group order (GH #1502
#986)
* The default encoding of ECC public keys has changed from compressed to
uncompressed point representation. This improves compatability with some
common software packages including Golang’s standard library. (GH #1480
#1483)
* It is now possible to create DNs with custom components. (GH #1490 #1492)
* It is now possible to specify the serial number of created certificates,
instead of using the default 128-bit random integer. (GH #1489 #1491)


Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources


Factory Auto's avatar

factory-auto added repo-checker as a reviewer

Please review build success


Factory Auto's avatar

factory-auto accepted review

Check script succeeded


Saul Goodman's avatar

licensedigger accepted review

ok


Staging Bot's avatar

staging-bot added as a reviewer

Being evaluated by staging project "openSUSE:Factory:Staging:adi:43"


Staging Bot's avatar

staging-bot accepted review

Picked openSUSE:Factory:Staging:adi:43


Repo Checker's avatar

repo-checker accepted review

cycle and install check passed


Jan Engelhardt's avatar

jengelh accepted review


Staging Bot's avatar

staging-bot accepted review

ready to accept


Staging Bot's avatar

staging-bot approved review

ready to accept


Dominique Leuenberger's avatar

dimstar_suse accepted request

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by