./security/botan, Portable, easy to use, and efficient C++ crypto library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.10.17, Package name: botan-1.10.17, Maintainer: pkgsrc-users

Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.

Botan is licensed under the same permissive terms as NetBSD itself.


Required to build:
[lang/python27] [pkgtools/cwrappers]

Master sites:

SHA1: b36541b441fb116caf068b6157ad7d01d71ecd2e
RMD160: 77336d0c9a10c03e86ad5946f1e357ec70cee9e7
Filesize: 2643.24 KB

Version history: (Expand)


CVS history: (Expand)


   2018-09-04 02:02:03 by Min Sik Kim | Files touched by this commit (2)
Log message:
security/botan{,-devel}: Designate doc dir explicitly

Before this change, botan{,-devel} installed documents in
${PREFIX}/doc, not ${PREFIX}/share/doc, on Darwin.
   2018-07-18 02:06:25 by Joerg Sonnenberger | Files touched by this commit (168)
Log message:
Mark packages that require C++03 (or the GNU variants) if they fail with
C++14 default language.
   2018-07-03 07:03:44 by Adam Ciarcinski | Files touched by this commit (495)
Log message:
extend PYTHON_VERSIONS_ for Python 3.7
   2018-07-01 19:23:43 by Joerg Sonnenberger | Files touched by this commit (3) | Package updated
Log message:
Update to botan-1.10.17:
- Fix for CVE-2017-14737 (side channel)
- workaround a gcc7 bug on i386
- improve forward API compatibility
   2017-11-26 11:39:37 by Thomas Klausner | Files touched by this commit (1)
Log message:
botan: follow redirects
   2017-04-10 22:26:31 by Joerg Sonnenberger | Files touched by this commit (3) | Package updated
Log message:
Update Botan to 1.10.16:
    Fix a bug in X509 DN string comparisons that could result in out of
    bound reads. This could result in information leakage, denial of
    service, or potentially incorrect certificate validation results.
    (CVE-2017-2801)

    Avoid throwing during a destructor since this is undefined in
    C++11 and rarely a good idea. (GH #930)

    Fix a bug causing modular exponentiations done modulo even numbers
    to almost always be incorrect, unless the values were small. This
    bug is not known to affect any cryptographic operation in Botan. (GH
    #754)

    Avoid use of C++11 std::to_string in some code added in 1.10.14
    (GH #747 #834)

    Fix integer overflow during BER decoding, found by Falko Strenzke.
    This bug is not thought to be directly exploitable but upgrading ASAP
    is advised. (CVE-2016-9132)

    Fix two cases where (in error situations) an exception would be thrown
    from a destructor, causing a call to std::terminate.

    When RC4 is disabled in the build, also prevent it from being included
    in the OpenSSL provider. (GH #638)
   2017-01-01 15:44:09 by Thomas Klausner | Files touched by this commit (577)
Log message:
Add python-3.6 to incompatible versions.
   2016-11-11 20:46:48 by Joerg Sonnenberger | Files touched by this commit (3) | Package updated
Log message:
Update to Botan-1.10.13:
- Use constant time modular inverse algorithm to avoid possible side
  channel attack against ECDSA (CVE-2016-2849)
- Use constant time PKCS #1 unpadding to avoid possible side channel
  attack against RSA decryption (CVE-2015-7827)