Changelog for libgcrypt20-1.9.4-2.2.x86_64.rpm:

* Thu Sep 08 2022 Pedro Monreal - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117]
* Add libgcrypt-FIPS-rndjent_poll.patch
* Rebase libgcrypt-jitterentropy-3.4.0.patch
* Wed Sep 07 2022 Pedro Monreal - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700]
* Consider approved keylength greater or equal to 112 bits.
* Add libgcrypt-FIPS-kdf-leylength.patch
* Wed Sep 07 2022 Pedro Monreal - FIPS: Zeroize buffer and digest in check_binary_integrity()
* Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020]
* Tue Aug 23 2022 Pedro Monreal - FIPS: gpg/gpg2 gets out of core handler in FIPS mode while typing Tab key to Auto-Completion. [bsc#1182983]
* Add libgcrypt-out-of-core-handler.patch
* Mon Aug 08 2022 Pedro Monreal - FIPS: Port libgcrypt to use jitterentropy [bsc#1202117, jsc#SLE-24941]
* Enable the jitter based entropy generator by default in random.conf - Add libgcrypt-jitterentropy-3.3.0.patch
* Update the internal jitterentropy to version 3.4.0 - Add libgcrypt-jitterentropy-3.4.0.patch
* Mon Aug 01 2022 Stephan Kulow - Fix reproducible build problems:
* Do not use %release in binaries (but use SOURCE_DATE_EPOCH)
* Fix date call messed up by spec-cleaner
* Thu Apr 14 2022 Dennis Knorr - FIPS: extend the service indicator [bsc#1190700]
* introduced a pk indicator function
* adapted the approved and non approved ciphersuites
* Add libgcrypt_indicators_changes.patch
* Add libgcrypt-indicate-shake.patch
* Tue Mar 22 2022 Pedro Monreal - FIPS: Implement a service indicator for asymmetric ciphers [bsc#1190700]
* Mark RSA public key encryption and private key decryption with padding (e.g. OAEP, PKCS) as non-approved since RSA-OAEP lacks peer key assurance validation requirements per SP800-56Brev2.
* Mark ECC as approved only for NIST curves P-224, P-256, P-384 and P-521 with check for common NIST names and aliases.
* Mark DSA, ELG, EDDSA, ECDSA and ECDH as non-approved.
* Add libgcrypt-FIPS-SLI-pk.patch
* Rebase libgcrypt-FIPS-service-indicators.patch
* Run the regression tests also in FIPS mode.
* Disable tests for non-FIPS approved algos.
* Rebase: libgcrypt-FIPS-verify-unsupported-KDF-test.patch
* Tue Feb 01 2022 Pedro Monreal - FIPS: Disable DSA in FIPS mode [bsc#1195385]
* Upstream task: https://dev.gnupg.org/T5710
* Add libgcrypt-FIPS-disable-DSA.patch
* Wed Jan 19 2022 Pedro Monreal - FIPS: Service level indicator [bsc#1190700]
* Provide an indicator to check whether the service utilizes an approved cryptographic algorithm or not.
* Add patches:
* libgcrypt-FIPS-service-indicators.patch
* libgcrypt-FIPS-verify-unsupported-KDF-test.patch
* libgcrypt-FIPS-HMAC-short-keylen.patch
* Tue Dec 07 2021 Pedro Monreal - FIPS: Fix gcry_mpi_sub_ui subtraction [bsc#1193480]
* gcry_mpi_sub_ui: fix subtracting from negative value
* Add libgcrypt-FIPS-fix-gcry_mpi_sub_ui.patch
* Tue Nov 30 2021 Pedro Monreal - FIPS: Define an entropy source SP800-90B compliant [bsc#1185140]
* Disable jitter entropy by default in random.conf
* Disable only-urandom option by default in random.conf
* Fri Nov 26 2021 Pedro Monreal - FIPS: RSA KeyGen/SigGen fail with 4096 bit key sizes [bsc#1192240]
* rsa: Check RSA keylen constraints for key operations.
* rsa: Fix regression in not returning an error for prime generation.
* tests: Add 2k RSA key working in FIPS mode.
* tests: pubkey: Replace RSA key to one of 2k.
* tests: pkcs1v2: Skip tests with small keys in FIPS.
* Add patches:
* libgcrypt-FIPS-RSA-keylen.patch
* libgcrypt-FIPS-RSA-keylen-tests.patch
* Mon Nov 08 2021 Pedro Monreal - FIPS: Disable 3DES/Triple-DES in FIPS mode [bsc#1185138]
* Add libgcrypt-FIPS-disable-3DES.patch
* Tue Nov 02 2021 Pedro Monreal - FIPS: PBKDF requirements [bsc#1185137]
* The PBKDF2 selftests were introduced in libgcrypt version 1.9.1 in the function selftest_pbkdf2()
* Upstream task: https://dev.gnupg.org/T5182
* Thu Oct 28 2021 Pedro Monreal - FIPS: Fix regression tests in FIPS mode [bsc#1192131]
* Add libgcrypt-FIPS-fix-regression-tests.patch
* Upstream task: https://dev.gnupg.org/T5520
* Tue Sep 21 2021 Pedro Monreal - FIPS: Provide a module name/identifier and version that can be mapped to the validation records. [bsc#1190706]
* Add libgcrypt-FIPS-module-version.patch
* Upstream task: https://dev.gnupg.org/T5600
* Tue Sep 21 2021 Pedro Monreal - FIPS: Enable hardware support also in FIPS mode [bsc#1187110]
* Add libgcrypt-FIPS-hw-optimizations.patch
* Upstream task: https://dev.gnupg.org/T5508
* Mon Aug 23 2021 Pedro Monreal - Update to 1.9.4:
* Bug fixes:
* Fix Elgamal encryption for other implementations. [CVE-2021-33560]
* Fix alignment problem on macOS.
* Check the input length of the point in ECDH.
* Fix an abort in gcry_pk_get_param for "Curve25519".
* Other features: - Add GCM and CCM to OID mapping table for AES.
* Upstream libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch
* Mon Aug 23 2021 Pedro Monreal - Remove not needed patch libgcrypt-sparcv9.diff
* Thu Jul 15 2021 Pedro Monreal - Fix building test t-lock with pthread. [bsc#1189745]
* Explicitly add -lpthread to compile the t-lock test.
* Add libgcrypt-pthread-in-t-lock-test.patch
* Fri Jun 11 2021 Pedro Monreal - Security fix: [bsc#1187212, CVE-2021-33560]
* cipher: Fix ElGamal encryption for other implementations.
* Exponent blinding was added in version 1.9.3. This patch fixes ElGamal encryption, see: https://dev.gnupg.org/T5328
* Add libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch
* Tue Apr 20 2021 Paolo Stivanin - libgcrypt 1.9.3:
* Bug fixes:
* Fix build problems on i386 using gcc-4.7.
* Fix checksum calculation in OCB decryption for AES on s390.
* Fix a regression in gcry_mpi_ec_add related to certain usages of curve 25519.
* Fix a symbol not found problem on Apple M1.
* Fix for Apple iOS getentropy peculiarity.
* Make keygrip computation work for compressed points.
* Performance:
* Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
* Add x86_64 VAES/AVX2 accelerated implementation of AES.
* Add VPMSUMD acceleration for GCM mode on PPC.
* Internal changes:
* Harden MPI conditional code against EM leakage.
* Harden Elgamal by introducing exponent blinding.
* Wed Feb 17 2021 Andreas Stieger - libgcrypt 1.9.2:
* Fix building with --disable-asm on x86
* Check public key for ECDSA verify operation
* Make sure gcry_get_config (NULL) returns a nul-terminated string
* Fix a memory leak in the ECDH code
* Fix a reading beyond end of input buffer in SHA2-avx2
* Remove obsolete texinfo packaging macros
* Tue Feb 02 2021 Pedro Monreal - Update to 1.9.1
* Fix exploitable bug in hash functions introduced with 1.9.0. [bsc#1181632, CVE-2021-3345]
* Return an error if a negative MPI is used with sexp scan functions.
* Check for operational FIPS in the random and KDF functions.
* Fix compile error on ARMv7 with NEON disabled.
* Fix self-test in KDF module.
* Improve assembler checks for better LTO support.
* Fix 32-bit cross build on x86.
* Fix non-NEON ARM assembly implementation for SHA512.
* Fix build problems with the cipher_bulk_ops_t typedef.
* Fix Ed25519 private key handling for preceding ZEROs.
* Fix overflow in modular inverse implementation.
* Fix register access for AVX/AVX2 implementations of Blake2.
* Add optimized cipher and hash functions for s390x/zSeries.
* Use hardware bit counting functions when available.
* Update DSA functions to match FIPS 186-3.
* New self-tests for CMACs and KDFs.
* Add bulk cipher functions for OFB and GCM modes.
* Update libgpg-error required version
* Mon Feb 01 2021 Pedro Monreal - Use the suffix variable correctly in get_hmac_path()
* Rebase libgcrypt-fips_selftest_trigger_file.patch
* Mon Jan 25 2021 Pedro Monreal - Add the global config file /etc/gcrypt/random.conf
* This file can be used to globally change parameters of the random generator with the options: only-urandom and disable-jent.
* Thu Jan 21 2021 Pedro Monreal - Update to 1.9.0: New stable branch of Libgcrypt with full API and ABI compatibility to the 1.8 series. Release-info: https://dev.gnupg.org/T4294
* New and extended interfaces:
* New curves Ed448, X448, and SM2.
* New cipher mode EAX.
* New cipher algo SM4.
* New hash algo SM3.
* New hash algo variants SHA512/224 and SHA512/256.
* New MAC algos for Blake-2 algorithms, the new SHA512 variants, SM3, SM4 and for a GOST variant.
* New convenience function gcry_mpi_get_ui.
* gcry_sexp_extract_param understands new format specifiers to directly store to integers and strings.
* New function gcry_ecc_mul_point and curve constants for Curve448 and Curve25519.
* New function gcry_ecc_get_algo_keylen.
* New control code GCRYCTL_AUTO_EXPAND_SECMEM to allow growing the secure memory area.
* Performance optimizations and bug fixes: See Release-info.
* Other features:
* Add OIDs from RFC-8410 as aliases for Ed25519 and Curve25519.
* Add mitigation against ECC timing attack CVE-2019-13627.
* Internal cleanup of the ECC implementation.
* Support reading EC point in compressed format for some curves.
* Rebase patches:
* libgcrypt-1.4.1-rijndael_no_strict_aliasing.patch
* libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
* libgcrypt-1.6.1-use-fipscheck.patch
* drbg_test.patch
* libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch
* libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch
* libgcrypt-1.8.4-fips-keygen.patch
* libgcrypt-1.8.4-getrandom.patch
* libgcrypt-fix-tests-fipsmode.patch
* libgcrypt-global_init-constructor.patch
* libgcrypt-ecc-ecdsa-no-blinding.patch
* libgcrypt-PCT-RSA.patch
* libgcrypt-PCT-ECC.patch
* Remove patches:
* libgcrypt-unresolved-dladdr.patch
* libgcrypt-CVE-2019-12904-GCM-Prefetch.patch
* libgcrypt-CVE-2019-12904-GCM.patch
* libgcrypt-CVE-2019-12904-AES.patch
* libgcrypt-CMAC-AES-TDES-selftest.patch
* libgcrypt-1.6.1-fips-cfgrandom.patch
* libgcrypt-fips_rsa_no_enforced_mode.patch
* Sat Oct 24 2020 Andreas Stieger - libgcrypt 1.8.7:
* Support opaque MPI with gcry_mpi_print
* Fix extra entropy collection via clock_gettime, a fallback code path for legacy hardware
* Tue Jul 07 2020 Pedro Monreal Gonzalez - Update to 1.8.6
* mpi: Consider +0 and -0 the same in mpi_cmp
* mpi: Fix flags in mpi_copy for opaque MPI
* mpi: Fix the return value of mpi_invm_generic
* mpi: DSA,ECDSA: Fix use of mpi_invm
* Call mpi_invm before _gcry_dsa_modify_k
* Call mpi_invm before _gcry_ecc_ecdsa_sign
* mpi: Constant time mpi_inv with some conditions
* mpi/mpi-inv.c (mpih_add_n_cond, mpih_sub_n_cond, mpih_swap_cond)
* New: mpih_abs_cond, mpi_invm_odd
* Rename from _gcry_mpi_invm: mpi_invm_generic
* Use mpi_invm_odd for usual odd cases: _gcry_mpi_invm
* mpi: Abort on division by zero also in _gcry_mpi_tdiv_qr
* Fix wrong code execution in Poly1305 ARM/NEON implementation - Set r14 to -1 at function entry: (_gcry_poly1305_armv7_neon_init_ext)
* Set vZZ.16b register to zero before use in armv8 gcm implementation
* random: Fix include of config.h
* Fix declaration of internal function _gcry_mpi_get_ui: Don't use ulong
* ecc: Fix wrong handling of shorten PK bytes - Zeros are already recovered: (_gcry_ecc_mont_decodepoint)
* Update libgcrypt-ecc-ecdsa-no-blinding.patch
* Tue May 19 2020 Pedro Monreal Gonzalez - FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872]
* Print the debug messages in test_keys() only in debug mode.
* Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch libgcrypt-PCT-ECC.patch
* Mon Apr 27 2020 Pedro Monreal Gonzalez - FIPS: libgcrypt: Double free in test_keys() on failed signature verification [bsc#1169944]
* Use safer gcry_mpi_release() instead of mpi_free()
* Update patches:
* libgcrypt-PCT-DSA.patch
* libgcrypt-PCT-RSA.patch
* libgcrypt-PCT-ECC.patch
* Thu Apr 16 2020 Vítězslav Čížek - Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569)
* add libgcrypt-fips_selftest_trigger_file.patch
* refresh libgcrypt-global_init-constructor.patch
* Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted by libgcrypt-global_init-constructor.patch
* Wed Apr 15 2020 Pedro Monreal Gonzalez - FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC: [bsc#1165539]
* Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates.
* Refreshed patches:
* libgcrypt-PCT-DSA.patch
* libgcrypt-PCT-RSA.patch
* libgcrypt-PCT-ECC.patch
* Mon Mar 30 2020 Pedro Monreal Gonzalez - FIPS: Switch the PCT to use the new signature operation [bsc#1165539]
* Patches for DSA, RSA and ECDSA test_keys functions:
* libgcrypt-PCT-DSA.patch
* libgcrypt-PCT-RSA.patch
* libgcrypt-PCT-ECC.patch
* Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch
* Thu Mar 26 2020 Pedro Monreal Gonzalez - FIPS: Run self-tests from constructor during power-on [bsc#1166748]
* Set up global_init as the constructor function: - libgcrypt-global_init-constructor.patch
* Relax the entropy requirements on selftest. This is especially important for virtual machines to boot properly before the RNG is available:
* libgcrypt-random_selftests-testentropy.patch
* libgcrypt-rsa-no-blinding.patch
* libgcrypt-ecc-ecdsa-no-blinding.patch
* Fix benchmark regression test in FIPS mode:
* libgcrypt-FIPS-GMAC_AES-benckmark.patch
* Thu Mar 12 2020 Pedro Monreal Gonzalez - Remove check not needed in _gcry_global_constructor [bsc#1164950]
* Update libgcrypt-Restore-self-tests-from-constructor.patch
* Tue Feb 25 2020 Pedro Monreal Gonzalez - FIPS: Run the self-tests from the constructor [bsc#1164950]
* Add libgcrypt-invoke-global_init-from-constructor.patch
* Fri Jan 17 2020 Pedro Monreal Gonzalez - FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219]
* FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215]
* FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220]
* Add patch from Fedora libgcrypt-1.8.4-fips-keygen.patch
* Wed Dec 11 2019 Pedro Monreal Gonzalez - FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337]
* Add libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch
* Wed Nov 27 2019 Pedro Monreal Gonzalez - Fix tests in FIPS mode:
* Fix tests: basic benchmark bench-slope pubkey t-cv25519 t-secmem
* Add patch libgcrypt-fix-tests-fipsmode.patch
* Tue Nov 26 2019 Pedro Monreal Gonzalez - Fix test dsa-rfc6979 in FIPS mode:
* Disable tests in elliptic curves with 192 bits which are not recommended in FIPS mode
* Add patch libgcrypt-dsa-rfc6979-test-fix.patch
* Tue Nov 12 2019 Pedro Monreal Gonzalez - CMAC AES and TDES FIPS self-tests:
* CMAC AES self test missing [bsc#1155339]
* CMAC TDES self test missing [bsc#1155338]
* Add libgcrypt-CMAC-AES-TDES-selftest.patch
* Fri Aug 30 2019 Andreas Stieger - libgcrypt 1.8.5:
* CVE-2019-13627: mitigation against an ECDSA timing attack (boo#1148987)
* Improve ECDSA unblinding
* Provide a pkg-config file
* Wed Jun 26 2019 Jason Sikes - Fixed redundant fips tests in some situations causing sudo to stop working when pam-kwallet is installed. bsc#1133808
* Added libgcrypt-1.8.4-fips_ctor_skip_integrity_check.patch
* Removed libgcrypt-fips_run_selftest_at_constructor.patch because it was obsoleted by libgcrypt-1.8.3-fips-ctor.patch
* Removed libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch because it was obsoleted by libgcrypt-1.8.4-fips_ctor_skip_integrity_check.patch
* Fri Jun 21 2019 Pedro Monreal Gonzalez - Fixed env-script-interpreter in cavs_driver.pl
* Fri Jun 21 2019 Pedro Monreal Gonzalez - Security fix: [bsc#1138939, CVE-2019-12904]
* The C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)
* Added patches:
* libgcrypt-CVE-2019-12904-GCM-Prefetch.patch
* libgcrypt-CVE-2019-12904-GCM.patch
* libgcrypt-CVE-2019-12904-AES.patch
* Fri Apr 26 2019 Jason Sikes - do not try to open /dev/urandom if getrandom() works
* Added libgcrypt-1.8.4-getrandom.patch
* Drop libgcrypt-init-at-elf-load-fips.patch obsoleted by libgcrypt-1.8.3-fips-ctor.patch
* Tue Apr 23 2019 Jason Sikes - Restored libgcrypt-binary_integrity_in_non-FIPS.patch sans section that was partially causing bsc#1131183.
* Fixed race condition in multi-threaded applications by allowing a FSM state transition to the current state. This means some tests are run twice.
* Added libgcrypt-1.8.4-allow_FSM_same_state.patch
* Fixed an issue in malloc/free wrappers so that memory created by the malloc() wrappers will be destroyed using the free() wrappers.
* Added libgcrypt-1.8.4-use_xfree.patch
* Fri Apr 05 2019 Jason Sikes - removed libgcrypt-binary_integrity_in_non-FIPS.patch since it was breaking libotr. bsc#1131183
* Tue Mar 26 2019 Vítězslav Čížek - libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests are invoked as well as the state transition, adjust the code so a missing checksum file is not an issue in non-FIPS mode (bsc#1097073)
* update libgcrypt-binary_integrity_in_non-FIPS.patch
* Tue Mar 26 2019 Vítězslav Čížek - Enforce the minimal RSA keygen size in fips mode (bsc#1125740)
* add libgcrypt-fips_rsa_no_enforced_mode.patch
* Fri Mar 22 2019 Vítězslav Čížek - Don't run full self-tests from constructor (bsc#1097073)
* Don't call global_init() from the constructor, _gcry_global_constructor() from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary integrity check instead.
* Only the binary checksum will be verified, the remaining self-tests will be run upon the library initialization
* Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch
* Drop libgcrypt-init-at-elf-load-fips.patch and libgcrypt-fips_run_selftest_at_constructor.patch obsoleted by libgcrypt-1.8.3-fips-ctor.patch
* Thu Mar 07 2019 Pedro Monreal Gonzalez - Skip all the self-tests except for binary integrity when called from the constructor (bsc#1097073)
* Added libgcrypt-1.8.3-fips-ctor.patch from Fedora
* Mon Nov 26 2018 Vítězslav Čížek - Fail selftests when checksum file is missing in FIPS mode only (bsc#1117355)
* add libgcrypt-binary_integrity_in_non-FIPS.patch
* Sun Oct 28 2018 astieger@suse.com - libgcrypt 1.8.4:
* Fix infinite loop with specific application implementations
* Fix possible leak of a few bits of secret primes to pageable memory
* Fix possible hang in the RNG (1.8.3)
* Always make use of getrandom if possible and then use its /dev/urandom behaviour
* Mon Jul 02 2018 schwab@suse.de - libgcrypt-1.6.3-aliasing.patch, libgcrypt-ppc64.patch, libgcrypt-strict-aliasing.patch: Remove obsolete patches
* libgcrypt-1.4.1-rijndael_no_strict_aliasing.patch: Rediff
* Reenable testsuite
* Wed Jun 13 2018 kbabioch@suse.com - Update to version 1.8.3:
* Use blinding for ECDSA signing to mitigate a novel side-channel attack. (CVE-2018-0495 bsc#1097410)
* Fix incorrect counter overflow handling for GCM when using an IV size other than 96 bit.
* Fix incorrect output of AES-keywrap mode for in-place encryption on some platforms.
* Fix the gcry_mpi_ec_curve_point point validation function.
* Fix rare assertion failure in gcry_prime_check.
* Applied spec-cleaner
* Wed May 02 2018 pmonrealgonzalez@suse.com - Suggest libgcrypt20-hmac for package libgcrypt20 to ensure they are installed in the right order. [bsc#1090766]
* Thu Mar 29 2018 pmonrealgonzalez@suse.com - Extended the fipsdrv dsa-sign and dsa-verify commands with the --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).
* Added libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch
* Added libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch
* Thu Feb 22 2018 fvogt@suse.com - Use %license (boo#1082318)
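The changelog above is the only record of which build first carried a given fix, and the same CVE can show up in more than one entry (CVE-2021-33560 appears in the Jun 11 2021 security fix and again in the Aug 23 2021 update to 1.9.4, both naming the same patch), so a practitioner auditing a host wants to query the log rather than scan it by eye. The following is an added example, not part of the libgcrypt package, of its upstream, or of this page: it parses entries in the layout every entry here uses (a header line of the form `* Weekday Mon DD YYYY Author - summary` followed by detail lines that also start with `* `) and indexes them by CVE id, bug reference (bsc#/boo#/jsc#) and patch file name. SAMPLE is a constructed excerpt of four entries from this page; the regular expressions are assumptions about the layout, not anything the RPM tooling defines.

```python
"""Parse an RPM-style changelog (the layout shown on this page) and index it by CVE.

Added example; it is not code from the libgcrypt package or its upstream.
Assumed entry layout: "* <Weekday> <Mon> <DD> <YYYY> <Author> - <summary>"
followed by detail lines that also begin with "* ". SAMPLE is a constructed
excerpt of the changelog above, newest entry first as in the original file.
"""
import re
from dataclasses import dataclass, field

SAMPLE = """\
* Mon Aug 23 2021 Pedro Monreal - Update to 1.9.4:
* Bug fixes: - Fix Elgamal encryption for other implementations. [CVE-2021-33560] - Fix alignment problem on macOS.
* Upstream libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch
* Fri Jun 11 2021 Pedro Monreal - Security fix: [bsc#1187212, CVE-2021-33560]
* cipher: Fix ElGamal encryption for other implementations.
* Add libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch
* Tue Feb 02 2021 Pedro Monreal - Update to 1.9.1
* Fix exploitable bug in hash functions introduced with 1.9.0. [bsc#1181632, CVE-2021-3345]
* Fri Aug 30 2019 Andreas Stieger - libgcrypt 1.8.5:
* CVE-2019-13627: mitigation against an ECDSA timing attack (boo#1148987)
"""

# Header line: explicit weekday/month alternation so a detail line such as
# "* Fix Ed25519 ..." is never mistaken for the start of a new entry.
HEADER_RE = re.compile(
    r"^\* (?P<date>(?:Mon|Tue|Wed|Thu|Fri|Sat|Sun) "
    r"(?:Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{2} \d{4}) "
    r"(?P<author>.+?) - (?P<summary>.*)$"
)
CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b")
BUG_RE = re.compile(r"\b(?:bsc|boo|jsc)#[A-Za-z0-9-]+")   # SUSE bug/jira refs
PATCH_RE = re.compile(r"[\w.+-]+\.(?:patch|diff)\b")     # patch file names


@dataclass
class Entry:
    date: str
    author: str
    summary: str
    details: list = field(default_factory=list)
    cves: set = field(default_factory=set)
    bugs: set = field(default_factory=set)
    patches: set = field(default_factory=set)

    def absorb(self, text: str) -> None:
        """Record every CVE id, bug reference and patch name mentioned in text."""
        self.cves.update(CVE_RE.findall(text))
        self.bugs.update(BUG_RE.findall(text))
        self.patches.update(PATCH_RE.findall(text))


def parse_changelog(text: str) -> list:
    """Split changelog text into Entry objects, keeping the file's newest-first order."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER_RE.match(line)
        if m:
            entry = Entry(m["date"], m["author"], m["summary"])
            entry.absorb(m["summary"])
            entries.append(entry)
        elif entries and line.startswith("* "):
            # Detail line: attach to the entry whose header we saw last.
            entries[-1].details.append(line[2:])
            entries[-1].absorb(line)
        # Lines before the first header are ignored.
    return entries


def cve_index(entries: list) -> dict:
    """Map each CVE id to the entries that mention it, in file order (newest first)."""
    index = {}
    for e in entries:
        for cve in e.cves:
            index.setdefault(cve, []).append(e)
    return index


def first_fix(entries: list, cve: str):
    """Oldest entry mentioning the CVE, i.e. the build in which the fix first landed.

    The changelog is newest-first, so the last hit is the earliest. Returns None
    if the CVE is not mentioned at all (which is the interesting audit result).
    """
    hits = cve_index(entries).get(cve, [])
    return hits[-1] if hits else None


if __name__ == "__main__":
    log = parse_changelog(SAMPLE)
    for cve in sorted(cve_index(log)):
        e = first_fix(log, cve)
        print(f"{cve}: first fixed {e.date} ({e.summary}) patches={sorted(e.patches)}")
```

Run against the real thing with `rpm -q --changelog libgcrypt20` piped into `parse_changelog`; the useful check on a host is `first_fix(entries, cve) is None`, which means no build in the installed package's history claims to address that CVE.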
 