Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2018-07-31 16:04:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "Botan" Tue Jul 31 16:04:14 2018 rev:51 rq:626674 version:2.7.0 Changes: -------- --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2018-04-13 12:52:59.136562750 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new/Botan.changes 2018-07-31 16:04:27.568062808 +0200 @@ -1,0 +2,102 @@ +Tue Jul 31 10:44:02 UTC 2018 - daniel.molkentin@suse.com + +- Fix version in baselibs.conf + +------------------------------------------------------------------- +Tue Jul 10 09:27:35 UTC 2018 - daniel.molkentin@suse.com + +- Update to Botan 2.7 + + * CVE-2018-12435 Avoid a side channel in ECDSA signature generation (GH + #1604) + + * Avoid a side channel in RSA key generation due to use of a non-constant + time gcd algorithm. (GH #1542 #1556) + + * Optimize prime generation, especially improving RSA key generation. (GH + #1542) + + * Make Karatsuba multiplication, Montgomery field operations, Barrett + reduction and Montgomery exponentiation const time (GH #1540 #1606 #1609 + #1610) + + * Optimizations for elliptic curve operations especially improving reductions + and inversions modulo NIST primes (GH #1534 #1538 #1545 #1546 #1547 #1550) + + * Add 24 word wide Comba multiplication, improving 3072-bit RSA and DH by + ~25%. (GH #1564) + + * Unroll Montgomery reduction for specific sizes (GH #1603) + + * Improved performance of signature verification in ECGDSA, ECKCDSA, SM2 and + GOST by 10-15%. + + * XMSS optimizations (GH #1583 #1585) + + * Fix an error that meant XMSS would only sign half as many signatures as is + allowed (GH #1582) + + * Add support for base32 encoding/decoding (GH #1541) + + * Add BMI2 optimized version of SHA-256, 40% faster on Skylake (GH #1584) + + * Allow the year to be up to 2200 in ASN.1 time objects. Previously this was + limited to 2100. (GH #1536) + + * Add support for Scrypt password hashing (GH #1570) + + * Add support for using Scrypt for private key encryption (GH #1574) + + * Optimizations for DES/3DES, approx 50% faster when used in certain modes + such as CBC decrypt or CTR. + + * XMSS signature verification did not check that the signature was of the + expected length which could lead to a crash. (GH #1537) + + * The bcrypt variants 2b and 2y are now supported. + + * Support for 192-bit Suite B TLS profile is now implemented, as the 128-bit + Suite B is since 2015 not allowed anymore. + + * Previously botan allowed GCM to be used with an empty nonce, which is not + allowed by the specification. Now such nonces are rejected. + + * Avoid problems on Windows when compiling in Unicode mode (GH #1615 #1616) + + * Previously for ASN.1 encoded signatures (eg ECDSA) Botan would accept any + valid BER encoding. Now only the single valid DER encoding is accepted. + + * Correct an error that could in rare cases cause an internal error exception + when doing computations with the P-224 curve. + + * Optimizations to reduce allocations/copies during DER encoding and BER + decoding (GH #1571 #1572 #1600) + + * Botan generates X.509 subject key IDs by hashing the public key with + whatever hash function is being used to sign the certificate. However + especially for SHA-512 this caused SKIDs that were far longer than + necessary. Now all SKIDs are truncated to 192 bits. + + * In the test suite use mkstemp to create temporary files instead of creating + them in the current working directory. (GH #1533 #1530) + + * It is now possible to safely override CXX when invoking make in addition to + when configure.py is run. (GH #1579) + + * OIDs for Camellia and SM4 in CBC and GCM mode are now defined, making it + possible to use this algorithms for private key encryption. + + * Avoid creating symlinks to the shared object on OpenBSD (#1535) + + * The factor command runs much faster on larger inputs now. + + * Support for Windows Phone/UWP was deprecated starting in 2.5. This + deprecation has been reversed as it seems UWP is still actively used. (GH + #1586 #1587) + + * Support for Visual C++ 2013 is deprecated, and will be removed in Jan 2019. + + * Added support for GCC’s –sysroot option to configure.py for + cross-compiling. + +------------------------------------------------------------------- Old: ---- Botan-2.6.0.tgz Botan-2.6.0.tgz.asc New: ---- Botan-2.7.0.tgz Botan-2.7.0.tgz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ Botan.spec ++++++ --- /var/tmp/diff_new_pack.jKArC2/_old 2018-07-31 16:04:28.600064568 +0200 +++ /var/tmp/diff_new_pack.jKArC2/_new 2018-07-31 16:04:28.604064574 +0200 @@ -16,10 +16,10 @@ # -%define version_suffix 2-5 +%define version_suffix 2-7 %define short_version 2 Name: Botan -Version: 2.6.0 +Version: 2.7.0 Release: 0 Summary: A C++ Crypto Library License: BSD-2-Clause ++++++ Botan-2.6.0.tgz -> Botan-2.7.0.tgz ++++++ /work/SRC/openSUSE:Factory/Botan/Botan-2.6.0.tgz /work/SRC/openSUSE:Factory/.Botan.new/Botan-2.7.0.tgz differ: char 5, line 1 ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.jKArC2/_old 2018-07-31 16:04:28.668064684 +0200 +++ /var/tmp/diff_new_pack.jKArC2/_new 2018-07-31 16:04:28.668064684 +0200 @@ -1,4 +1,4 @@ -libbotan-2-5 +libbotan-2-7 libbotan-devel requires -libbotan-<targettype> = <version> - requires "libbotan-2-5-<targettype> = <version>" + requires "libbotan-2-7-<targettype> = <version>"