Next | Query returned 164 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2023-11-15 16:26:49 by Nia Alarie | Files touched by this commit (1)
Log message:
libgcrypt: Fix building on Darwin/ppc.
   2023-11-15 11:35:26 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgcrypt: update patch comment
   2023-11-15 11:06:12 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
libgcrypt: updated to 1.10.3

Noteworthy changes in version 1.10.3 (2023-11-14)
-------------------------------------------------

* Bug fixes:

  - Fix public key computation for other EdDSA curves.
  - Remove out of core handler diagnostic in FIPS mode.
  - Check that the digest size is not zero in gcry_pk_sign_md and
    gcry_pk_verify_md.
  - Make store an s-exp with \0 is considered to be binary.
  - Various constant-time improvements.

* Portability:
  - Use getrandom call only when supported by the platform.
  - Change the default for --with-libtool-modification to never.
   2023-06-16 01:41:41 by Taylor R Campbell | Files touched by this commit (1)
Log message:
security/libgcrypt: Make this cross-compile.
   2023-04-07 11:15:55 by Adam Ciarcinski | Files touched by this commit (7) | Package updated
Log message:
libgcrypt: updated to 1.10.2

Noteworthy changes in version 1.10.2 (2023-04-06)  [C24/A4/R2]
-------------------------------------------------

* Bug fixes:

  - Fix Argon2 for the case output > 64.  [rC13b5454d26]

  - Fix missing HWF_PPC_ARCH_3_10 in HW feature.  [rCe073f0ed44]

  - Fix RSA key generation failure in forced FIPS mode.  [T5919]

  - Fix gcry_pk_hash_verify for explicit hash.  [T6066]

  - Fix a wrong result of gcry_mpi_invm.  [T5970]

  - Allow building with --disable-asm for HPPA.  [T5976]

  - Fix Jitter RNG for building native on Windows.  [T5891]

  - Allow building with -Oz.  [T6432]

  - Enable the fast path to ChaCha20 only when supported.  [T6384]

  - Use size_t to avoid counter overflow in Keccak when directly
    feeding more than 4GiB.  [T6217]

* Other:

  - Do not use secure memory for a DRBG instance.  [T5933]

  - Do not allow PKCS#1.5 padding for encryption in FIPS mode.
    [T5918]

  - Fix the behaviour for child process re-seeding in the DRBG.
    [rC019a40c990]

  - Allow verification of small RSA signatures in FIPS mode.  [T5975]

  - Allow the use of a shorter salt for KDFs in FIPS mode.  [T6039]

  - Run digest+sign self tests for RSA and ECC in FIPS mode.
    [rC06c9350165]

  - Add function-name based FIPS indicator function.
    GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION.  This is not considered
    an ABI changes because the new FIPS features were not yet
    approved.  [rC822ee57f07]

  - Improve PCT in FIPS mode.  [rC285bf54b1a, rC4963c127ae, T6397]

  - Use getrandom (GRND_RANDOM) in FIPS mode.  [rCcf10c74bd9]

  - Disable RSA-OAEP padding in FIPS mode.  [rCe5bfda492a]

  - Check minimum allowed key size in PBKDF in FIPS mode.
    [T6039,T6219]

  - Get maximum 32B of entropy at once in FIPS mode.  [rCce0df08bba]

  - Prefer gpgrt-config when available.  [T5034]

  - Mark AESWRAP as approved FIPS algorithm.  [T5512]

  - Prevent usage of long salt for PSS in FIPS mode.  [rCfdd2a8b332]

  - Prevent usage of X9.31 keygen in FIPS mode.  [rC392e0ccd25]

  - Remove GCM mode from the allowed FIPS indicators.  [rC1540698389]

  - Add explicit FIPS indicators for hash and MAC algorithms. [T6376]
   2022-09-18 10:50:59 by Niclas Rosenvik | Files touched by this commit (1)
Log message:
Add missing pkg-config override for libgcrypt
   2022-09-18 10:42:46 by Niclas Rosenvik | Files touched by this commit (2)
Log message:
Fix usage of -O and -Oz compiling options

The sed options that clear out optimization
options for rndjent.c, that must be compiled
without optimization, did not take away -O
as reported by Jason Bacon on pkgsrc-users.
While here also make it take away the -Oz
optimization option supported by gcc 12
and later.
   2022-03-29 09:16:00 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
libgcrypt: updated to 1.10.1

Noteworthy changes in version 1.10.1 (2022-03-28)
-------------------------------------------------

 * Bug fixes:
   - Fix minor memory leaks in FIPS mode.
   - Build fixes for MUSL libc.

 * Other:
   - More portable integrity check in FIPS mode.
   - Add X9.62 OIDs to sha256 and sha512 modules.
   2022-02-15 10:30:17 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgcrypt: update to 1.10.0.

Noteworthy changes in version 1.10.0 (2022-02-01)  [C24/A4/R0]
-------------------------------------------------

 * New and extended interfaces:

   - New control codes to check for FIPS 140-3 approved algorithms.

   - New control code to switch into non-FIPS mode.

   - New cipher modes SIV and GCM-SIV as specified by RFC-5297.

   - Extended cipher mode AESWRAP with padding as specified by
     RFC-5649.  [T5752]

   - New set of KDF functions.

   - New KDF modes Argon2 and Balloon.

   - New functions for combining hashing and signing/verification.  [T4894]

 * Performance:

   - Improved support for PowerPC architectures.

   - Improved ECC performance on zSeries/s390x by using accelerated
     scalar multiplication.

   - Many more assembler performance improvements for several
     architectures.

 * Bug fixes:

   - Fix Elgamal encryption for other implementations.
     [R5328,CVE-2021-40528]

   - Fix alignment problem on macOS.  [T5440]

   - Check the input length of the point in ECDH.  [T5423]

   - Fix an abort in gcry_pk_get_param for "Curve25519".  [T5490]

 * Other features:

   - The control code GCRYCTL_SET_ENFORCED_FIPS_FLAG is ignored
     because it is useless with the FIPS 140-3 related changes.

   - Update of the jitter entropy RNG code.  [T5523]

   - Simplification of the entropy gatherer when using the getentropy
     system call.
   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605)
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Next | Query returned 164 messages, browsing 1 to 10 | Previous