SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nettle-3.3-lp154.2.6.x86_64.rpm :

* Thu Feb 09 2017 dimstarAATTopensuse.org- Explicitly BuildRequire m4
* Fri Oct 28 2016 astiegerAATTsuse.com- libnettle 3.3:
* Invalid private RSA keys, with an even modulo, are now rejected by rsa_private_key_prepare. (Earlier versions allowed such keys, even if results of using them were bogus). Nettle applications are required to call rsa_private_key_prepare and check the return value, before using any other RSA private key functions; failing to do so may result in crashes for invalid private keys.
* Ignore bit 255 of the x coordinate of the input point to curve25519_mul, as required by RFC 7748. To differentiate at compile time, curve25519.h defines the constant NETTLE_CURVE25519_RFC7748.
* RSA and DSA now use side-channel silent modular exponentiation, to defend against attacks on the private key from evil processes sharing the same processor cache. This attack scenario is of particular relevance when running an HTTPS server on a virtual machine, where you don\'t know who you share the cache hardware with. bsc#991464 CVE-2016-6489
* Fix sexp-conv crashes on invalid input
* Fix out-of-bounds read in des_weak_p
* Fix a couple of formally undefined shift operations
* Fix compilation with c89
* New function memeql_sec, for side-channel silent comparison of two memory areas.
* Building the public key support of nettle now requires GMP version 5.0 or later (unless --enable-mini-gmp is used).
* Tue Feb 23 2016 tchvatalAATTsuse.com- Fix postun->preun on info packages regenerating
* Thu Jan 28 2016 tchvatalAATTsuse.com- Version update to 3.2 release bnc#964849 CVE-2015-8805 bnc#964847 CVE-2015-8804 bnc#964845 CVE-2015-8803:
* New functions for RSA private key operations, identified by the \"_tr\" suffix, with better resistance to side channel attacks and to hardware or software failures which could break the CRT optimization
* SHA3 implementation is updated according to the FIPS 202 standard
* New ARM Neon implementation of the chacha stream cipher
* Should be compatible binary with 3.1 series- Add patch to fix build with cflags:
* nettle-respect-cflags.patch
* Mon Jun 22 2015 tchvatalAATTsuse.com- Remove off-by-one-test-suite.patch as it was fixed by upstream differently
* Sun Apr 26 2015 astiegerAATTsuse.com- nettle 3.1.1 Non-critical bugfix release, binary compatible to 3.1
* By accident, nettle-3.1 disabled the assembly code for the secp_224r1 and secp_521r1 elliptic curves on all x86_64 configurations, making signature operations on those curves 10%-30% slower. This code is now re-enabled.
* The x86_64 assembly implementation of gcm hashing has been fixed to work with the Sun/Oracle assembler.
* Thu Apr 23 2015 vpereiraAATTsuse.comadded patch: off-by-one-test-suite.patch- Address Sanitizer, found a off-by-one error in the test suite (bnc#928328)
* Sat Apr 11 2015 astiegerAATTsuse.com- nettle 3.1 (libnettle6, libhogweed4)- bug fixes in 3.1:
* Fixed a missing include of , which made the camellia implementation fail on all 64-bit non-x86 platforms.
* Eliminate out-of-bounds reads in the C implementation of memxor (related to valgrind\'s --partial-loads-ok flag). [bso#926745)- interface changes in 3.1:
* Declarations of many internal functions are moved from ecc.h to ecc-internal.h.- interface changes in 3.0:
* contains developer relevant incompatible interface changes- Removed features:
* nettle_next_prime, use GMP\'s mpz_nextprime
* Deleted the RSAREF compatibility- New features in 3.1:
* Support for curve25519 and for EdDSA25519 signatures.
* Support for \"fat builds\" on x86_64 and arm (not enabled)
* Support for building the hogweed library (public key support) using \"mini-gmp\" (not enabled)
* The shared libraries are now built with versioned symbols.
* Support for \"URL-safe\" base64 encoding and decoding- New features in 3.0:
* new DSA, AES, Camellia interfaces
* Support for Poly1305-AES MAC.
* Support for the ChaCha stream cipher and EXPERIMENTAL support for the ChaCha-Poly1305 AEAD mode.
* Support for EAX mode.
* Support for CCM mode.
* Additional variants of SHA512 with output size of 224 and 256 bits
* New interface, struct nettle_aead, for mechanisms providing authenticated encryption with associated data (AEAD).
* DSA: Support a wider range for the size of q and a wider range for the digest size.
* New command line tool nettle-pbkdf2.- Optimizations in 3.1:
* New x86_64 implementation of AES, using the \"aesni\" instructions- Optimizations in 3.0:
* New x86_64 assembly for GCM and MD5. Modest speedups on the order of 10%-20%.
* Fri Mar 13 2015 tchvatalAATTsuse.com- Add url to the spec
* Thu Mar 05 2015 mpluskalAATTsuse.com- Revert back to 2.7
  
ICM