Changelog for
libgcrypt11-1.5.4-22.1.i586.rpm :
Tue Sep 8 14:00:00 2015 vcizekAATTsuse.com
- add countermeassures for Lenstra\'s fault attack on RSA chinese
remainder theorem optimization
* added 0001-rsa-Add-verify-after-sign-to-avoid-Lenstra-s-CRT-att.patch
Fri Aug 14 14:00:00 2015 vcizekAATTsuse.com
- fixes for two security vulnerabilities (bsc#920057)
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]
* added patches:
libgcrypt-CVE-2014-3591.patch
libgcrypt-CVE-2015-0837-1.patch
libgcrypt-CVE-2015-0837-2.patch
libgcrypt-CVE-2015-0837-3.patch
Fri Aug 8 14:00:00 2014 andreas.stiegerAATTgmx.de
- update to 1.5.4 [bnc#891018]
* Improved performance of RSA, DSA, and Elgamal by using a new
exponentiation algorithm.
* Fixed a subtle bug in mpi_set_bit which could set spurious bits.
* Fixed a bug in an internal division function.
Fri Jul 26 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.5.3 [bnc#831359] CVE-2013-4242
* Mitigate the Yarom/Falkner flush+reload side-channel attack on
RSA secret keys. See
.
Thu Jul 25 14:00:00 2013 mvyskocilAATTsuse.com
- port SLE enhancenments to Factory (bnc#831028)
* add libgcrypt-unresolved-dladdr.patch (bnc#701267)
* add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841)
* add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
- install .hmac256.hmac (bnc#704068)
- enable varuous new options in configure (m-guard, hmac binary check and
random device linux)
- build with all ciphers, pubkeys and digest by default as whitelist
simply allowed them all
Mon Jun 17 14:00:00 2013 cooloAATTsuse.com
- avoid gpg-offline in bootstrap packages
Sun Jun 16 14:00:00 2013 crrodriguezAATTopensuse.org
- Library must be built with large file support in
32 bit archs.
Thu Apr 18 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.5.2
* The upstream sources now contain the IDEA algorithm, dropping:
idea.c.gz
libgcrypt-1.5.0-idea.patch
libgcrypt-1.5.0-idea_codecleanup.patch
* Made the Padlock code work again (regression since 1.5.0).
* Fixed alignment problems for Serpent.
* Fixed two bugs in ECC computations.
Fri Mar 22 13:00:00 2013 mvyskocilAATTsuse.com
- add GPL3.0+ to License tag because of dumpsexp (bnc#810759)
Mon Mar 18 13:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.5.1
* Allow empty passphrase with PBKDF2.
* Do not abort on an invalid algorithm number in
gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen.
* Fixed some Valgrind warnings.
* Fixed a problem with select and high fd numbers.
* Improved the build system
* Various minor bug fixes.
* Interface changes relative to the 1.5.0 release:
GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW.
GCRYPT_VERSION_NUMBER NEW.
- add verification of source code signatures
- now requires automake 1.11 to build
Sat Feb 2 13:00:00 2013 cooloAATTsuse.com
- update license to new format
Tue Jun 12 14:00:00 2012 chrisAATTcomputersalat.de
- fix deps
* libgpg-error-devel >= 1.8
- add libsoname macro
Sun Feb 12 13:00:00 2012 crrodriguezAATTopensuse.org
- Libraries back into %{_libdir}, /usr merge project
Sat Dec 24 13:00:00 2011 opensuseAATTdstoecker.de
- add the missing IDEA algorithm after the patent is no longer relevant
Sun Nov 13 13:00:00 2011 jengelhAATTmedozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
Sun Nov 13 13:00:00 2011 cooloAATTsuse.com
- add libtool as explicit buildrequire to avoid implicit dependency from prjconf
Sun Oct 2 14:00:00 2011 crrodriguezAATTopensuse.org
- Update to version 1.5.0, most important changes
* Uses the Intel AES-NI instructions if available
* Support ECDH.
Fri Nov 19 13:00:00 2010 mvyskocilAATTsuse.cz
- update to 1.4.6
* Fixed minor memory leak in DSA key generation.
* No more switching to FIPS mode if /proc/version is not readable.
* Fixed a sigill during Padlock detection on old CPUs.
* Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3;
SHA-256 went up by 25%.
* New variants of the TIGER algorithm.
* New cipher algorithm mode for AES-WRAP.
* Interface changes relative to the 1.4.2 release:
GCRY_MD_TIGER1 NEW
GCRY_MD_TIGER2 NEW
GCRY_CIPHER_MODE_AESWRAP NEW
Sun Jul 4 14:00:00 2010 jengelhAATTmedozas.de
- add missing definition of udiv_qrnnd for sparcv9:32
- use %_smp_mflags
Sat Dec 19 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- disable the use of hand-coded assembler functions on sparc -
this is giving me an infinite loop with ./tests/prime
(specifically ./sparc32v8/mpih-mul1.S:_gcry_mpih_mul_1.
Fedora disables this too.
Tue Apr 7 14:00:00 2009 crrodriguezAATTsuse.de
- update to version 1.4.4
* Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants.
This functionality has been in Libgcrypt since 1.3.0.
* MD5 may now be used in non-enforced fips mode.
* Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.
* In fips mode, RSA keys are now generated using the X9.31 algorithm
and DSA keys using the FIPS 186-2 algorithm.
* The transient-key flag is now also supported for DSA key
generation. DSA domain parameters may be given as well.