|
|
|
|
Changelog for libcrypt1-4.4.27-1.5.x86_64.rpm :
* Mon Dec 20 2021 Dirk Müller - update to 4.4.27: * Limit the maximum amount of rbytes to 64 bytes (512 bits) for yescrypt, gost-yescrypt, and scrypt * Sun Nov 28 2021 Andreas Stieger - update to 4.4.26: * fix compilation on system with gcc >= 10 that do not support declarations with __attribute__((symver))- switch to bootstrapped tarball, add upstream signing key and verify source signature * Wed Aug 18 2021 Andreas Schwab - Update to 4.4.25 * Fix several issues found by Covscan in the testsuite. These include: - CWE-170: String not null terminated (STRING_NULL) - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST) - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH) - CWE-573: Missing varargs init or cleanup (VARARGS) - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS) * Stricter checking of invalid salt characters (issue #135). * Thu Jun 24 2021 Paolo Stivanin - Update to 4.4.23 * Fix output calculation for gensalt_yescrypt_rn(). * Fix -Werror=conversion in lib/crypt-des-obsolete.c, test/des-obsolete.c, and test/des-obsolete_r.c. * The crypt_checksalt() function has been fixed to correctly return with \'CRYPT_SALT_INVALID\', in case the setting, that is passed to be checked, represents an empty passphrase or an uncomputed setting for descrypt without any salt characters. * The crypt_checksalt() function will now return the value \'CRYPT_SALT_METHOD_LEGACY\' in case the setting, that is passed to be checked, uses a hashing method, which is considered to be too weak for use with new passphrases. * Fix build when the CFLAGS variable, that is passed into the configure script, has a leading whitespace character in it (issue #123). * Tue Apr 13 2021 Paolo Stivanin - Update to 4.4.19 * Improve fallback implementation of explicit_bzero. * Add glibc-on-CSKY, ARC, and RISCV-32 entries to libcrypt.minver. These were added in GNU libc 2.29, 2.32, and 2.33 respectively * Do not build xcrypt.h if we’re not going to install it. * Do not apply --enable-obsolete-api-enosys mode to fcrypt. * Compilation fix for NetBSD. NetBSD’s declares encrypt and setkey to return int, contrary to POSIX (which says they return void). Rename those declarations out of the way with macros. * Compilation fixes for building with GCC 11. Basically fixes for explicit type-casting. * Force update of existing symlinks during installation * Mon Feb 22 2021 Andreas Schwab - Update to version 4.4.18 * Fix conversion error in lib/alg-gost3411-core.c * Tue Sep 01 2020 Andreas Schwab - Add compatibility provides for SLE15- Update to version 4.4.17 * Salt string compatibility with generic implementations * Mon Mar 02 2020 Andreas Schwab - Update to version 4.4.15 * The compatibility symbols crypt_gensalt_r, xcrypt, xcrypt_r, xcrypt_gensalt, and xcrypt_gensalt_r are deprecated further * Speed up ka-sunmd5 by skipping most of the test phrases- Package README.md and TODO.md (bsc#1165389) * Thu Jan 30 2020 Andreas Schwab - Update to version 4.4.12 * Another fix for GCC v10.x, which occurs on s390 architectures only. * Wed Jan 22 2020 Andreas Schwab - Update to version 4.4.11 * Fixes for GCC v10.x * Change how the known-answer tests are parallelized- gcc10.patch: remove * Thu Dec 12 2019 Andreas Schwab - gcc10.patch: fix build with gcc10 (bsc#1158192) * Sat Dec 07 2019 Andreas Schwab - Update to version 4.4.10 * Fix alignment problem for GOST 34.11 (Streebog) in gost-yestcrypt. * The crypt_ * functions will now all fail and set errno to ERANGE if their \'phrase\' argument is longer than CRYPT_MAX_PASSPHRASE_SIZE characters (this is currently 512) * The NT hashing method no longer truncates passphrases at 128 characters; Windows does not do this.- format-overflow.patch: remove * Thu Jun 20 2019 Martin Liška - Disable LTO due to symbol versioning (boo#1138833). * Tue Feb 19 2019 schwabAATTsuse.de- format-overflow.patch: Fix -Werror=format-overflow * Thu Feb 14 2019 Martin Liška - Update to version 4.4.3: * Add libxcrypt.so, libxcrypt.a and xcrypt.h. * Add new man3 manual pages. * Tue Oct 09 2018 schwabAATTsuse.de- Set compatibility level to suse * Wed Aug 08 2018 schwabAATTsuse.de- Add conflicts with glibc-devel < 2.28 * Mon Aug 06 2018 jengelhAATTinai.de- Fix RPM groups for Factory. * Wed Aug 01 2018 schwabAATTsuse.de- Update to libxcrypt 4.1.0 * Fix spelling of SUSE. * Lower the minimum required automake version to 1.14. * Fix build with USE_SWAPCONTEXT turned off. * Extend --enable-weak-hashes configure option to accept optional \"glibc\" parameter. * Fix the leak of obtained random bytes. * Check expected output strings for deterministic methods. * Fix memory leak in crypt_sha1_rn. * Fix read of random bytes out of bounds in gensalt_sha1_rn. * Make it possible to disable individual hashes at configure time. * Make salt validation pickier. * Replace crypt-sunmd5.c with BSD-licensed cleanroom reimplementation. * Make crypt_gensalt for $sha1 deterministic. * Fix incorrect output-size computation in crypt_sha1_rn. * Add docs for SHA1, MD5/Sun, NTHASH. * Introduce CRYPT_GENSALT_IMPLEMENTS_ * feature test macros. * Install libcrypt.pc symlink along with libxcrypt.pc. * Extend --enable-obsolete-api configure option. * Extend overall test coverage. * Wed May 23 2018 schwabAATTsuse.de- Update to libxcrypt 4.0.1 * Wed May 09 2018 schwabAATTsuse.de- ABI compatible replacement for libcypt from glibc
|
|
|