Navigation:
Browse pkgsrc
(this page)| 2018-07-18 02:06:25 by Joerg Sonnenberger | Files touched by this commit (168) |
Log message: Mark packages that require C++03 (or the GNU variants) if they fail with C++14 default language. |
| 2018-07-03 07:03:44 by Adam Ciarcinski | Files touched by this commit (495) |
Log message: extend PYTHON_VERSIONS_ for Python 3.7 |
| 2018-07-01 19:23:43 by Joerg Sonnenberger | Files touched by this commit (3) |
Log message: Update to botan-1.10.17: - Fix for CVE-2017-14737 (side channel) - workaround a gcc7 bug on i386 - improve forward API compatibility |
| 2017-11-26 11:39:37 by Thomas Klausner | Files touched by this commit (1) |
Log message: botan: follow redirects |
| 2017-04-10 22:26:31 by Joerg Sonnenberger | Files touched by this commit (3) |
Log message:
Update Botan to 1.10.16:
Fix a bug in X509 DN string comparisons that could result in out of
bound reads. This could result in information leakage, denial of
service, or potentially incorrect certificate validation results.
(CVE-2017-2801)
Avoid throwing during a destructor since this is undefined in
C++11 and rarely a good idea. (GH #930)
Fix a bug causing modular exponentiations done modulo even numbers
to almost always be incorrect, unless the values were small. This
bug is not known to affect any cryptographic operation in Botan. (GH
#754)
Avoid use of C++11 std::to_string in some code added in 1.10.14
(GH #747 #834)
Fix integer overflow during BER decoding, found by Falko Strenzke.
This bug is not thought to be directly exploitable but upgrading ASAP
is advised. (CVE-2016-9132)
Fix two cases where (in error situations) an exception would be thrown
from a destructor, causing a call to std::terminate.
When RC4 is disabled in the build, also prevent it from being included
in the OpenSSL provider. (GH #638)
|
| 2017-01-01 15:44:09 by Thomas Klausner | Files touched by this commit (577) |
Log message: Add python-3.6 to incompatible versions. |
| 2016-11-11 20:46:48 by Joerg Sonnenberger | Files touched by this commit (3) |
Log message: Update to Botan-1.10.13: - Use constant time modular inverse algorithm to avoid possible side channel attack against ECDSA (CVE-2016-2849) - Use constant time PKCS #1 unpadding to avoid possible side channel attack against RSA decryption (CVE-2015-7827) |
| 2016-07-09 15:04:18 by Thomas Klausner | Files touched by this commit (599) |
Log message: Remove python33: adapt all packages that refer to it. |
| 2016-06-19 07:26:37 by Mark Davies | Files touched by this commit (1) |
Log message: Don't try to use sphinx if found. |
| 2016-06-09 10:20:44 by Havard Eidnes | Files touched by this commit (4) |
Log message: Follow joerg's advice, use i386 as PLIST variable and revert to just one PLIST. Installs cleanly on NetBSD/i386 and NetBSD/amd64. |
New packages: