SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgcrypt11-1.5.4-22.1.i586.rpm :
Tue Sep 8 14:00:00 2015 vcizekAATTsuse.com
- add countermeassures for Lenstra\'s fault attack on RSA chinese
remainder theorem optimization

* added 0001-rsa-Add-verify-after-sign-to-avoid-Lenstra-s-CRT-att.patch

Fri Aug 14 14:00:00 2015 vcizekAATTsuse.com
- fixes for two security vulnerabilities (bsc#920057)

* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.

* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]

* added patches:
libgcrypt-CVE-2014-3591.patch
libgcrypt-CVE-2015-0837-1.patch
libgcrypt-CVE-2015-0837-2.patch
libgcrypt-CVE-2015-0837-3.patch

Fri Aug 8 14:00:00 2014 andreas.stiegerAATTgmx.de
- update to 1.5.4 [bnc#891018]

* Improved performance of RSA, DSA, and Elgamal by using a new
exponentiation algorithm.

* Fixed a subtle bug in mpi_set_bit which could set spurious bits.

* Fixed a bug in an internal division function.

Fri Jul 26 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.5.3 [bnc#831359] CVE-2013-4242

* Mitigate the Yarom/Falkner flush+reload side-channel attack on
RSA secret keys. See .

Thu Jul 25 14:00:00 2013 mvyskocilAATTsuse.com
- port SLE enhancenments to Factory (bnc#831028)

* add libgcrypt-unresolved-dladdr.patch (bnc#701267)

* add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841)

* add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
- install .hmac256.hmac (bnc#704068)
- enable varuous new options in configure (m-guard, hmac binary check and
random device linux)
- build with all ciphers, pubkeys and digest by default as whitelist
simply allowed them all

Mon Jun 17 14:00:00 2013 cooloAATTsuse.com
- avoid gpg-offline in bootstrap packages

Sun Jun 16 14:00:00 2013 crrodriguezAATTopensuse.org
- Library must be built with large file support in
32 bit archs.

Thu Apr 18 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.5.2

* The upstream sources now contain the IDEA algorithm, dropping:
idea.c.gz
libgcrypt-1.5.0-idea.patch
libgcrypt-1.5.0-idea_codecleanup.patch

* Made the Padlock code work again (regression since 1.5.0).

* Fixed alignment problems for Serpent.

* Fixed two bugs in ECC computations.

Fri Mar 22 13:00:00 2013 mvyskocilAATTsuse.com
- add GPL3.0+ to License tag because of dumpsexp (bnc#810759)

Mon Mar 18 13:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.5.1

* Allow empty passphrase with PBKDF2.

* Do not abort on an invalid algorithm number in
gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen.

* Fixed some Valgrind warnings.

* Fixed a problem with select and high fd numbers.

* Improved the build system

* Various minor bug fixes.

* Interface changes relative to the 1.5.0 release:
GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW.
GCRYPT_VERSION_NUMBER NEW.
- add verification of source code signatures
- now requires automake 1.11 to build

Sat Feb 2 13:00:00 2013 cooloAATTsuse.com
- update license to new format

Tue Jun 12 14:00:00 2012 chrisAATTcomputersalat.de
- fix deps

* libgpg-error-devel >= 1.8
- add libsoname macro

Sun Feb 12 13:00:00 2012 crrodriguezAATTopensuse.org
- Libraries back into %{_libdir}, /usr merge project

Sat Dec 24 13:00:00 2011 opensuseAATTdstoecker.de
- add the missing IDEA algorithm after the patent is no longer relevant

Sun Nov 13 13:00:00 2011 jengelhAATTmedozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)

Sun Nov 13 13:00:00 2011 cooloAATTsuse.com
- add libtool as explicit buildrequire to avoid implicit dependency from prjconf

Sun Oct 2 14:00:00 2011 crrodriguezAATTopensuse.org
- Update to version 1.5.0, most important changes

* Uses the Intel AES-NI instructions if available

* Support ECDH.

Fri Nov 19 13:00:00 2010 mvyskocilAATTsuse.cz
- update to 1.4.6

* Fixed minor memory leak in DSA key generation.

* No more switching to FIPS mode if /proc/version is not readable.

* Fixed a sigill during Padlock detection on old CPUs.

* Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3;
SHA-256 went up by 25%.

* New variants of the TIGER algorithm.

* New cipher algorithm mode for AES-WRAP.

* Interface changes relative to the 1.4.2 release:
GCRY_MD_TIGER1 NEW
GCRY_MD_TIGER2 NEW
GCRY_CIPHER_MODE_AESWRAP NEW

Sun Jul 4 14:00:00 2010 jengelhAATTmedozas.de
- add missing definition of udiv_qrnnd for sparcv9:32
- use %_smp_mflags

Sat Dec 19 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- disable the use of hand-coded assembler functions on sparc -
this is giving me an infinite loop with ./tests/prime
(specifically ./sparc32v8/mpih-mul1.S:_gcry_mpih_mul_1.
Fedora disables this too.

Tue Apr 7 14:00:00 2009 crrodriguezAATTsuse.de
- update to version 1.4.4

* Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants.
This functionality has been in Libgcrypt since 1.3.0.

* MD5 may now be used in non-enforced fips mode.

* Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.

* In fips mode, RSA keys are now generated using the X9.31 algorithm
and DSA keys using the FIPS 186-2 algorithm.

* The transient-key flag is now also supported for DSA key
generation. DSA domain parameters may be given as well.


 
ICM