Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libgcrypt20-1.6.1-26.1 RPM for x86_64

From OpenSuSE Leap 42.1 updates for x86_64

Name: libgcrypt20 Distribution: openSUSE Leap 42.1
Version: 1.6.1 Vendor: openSUSE
Release: 26.1 Build date: Mon Apr 18 10:10:17 2016
Group: Development/Libraries/C and C++ Build host: cloud126
Size: 967376 Source RPM: libgcrypt-1.6.1-26.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://directory.fsf.org/wiki/Libgcrypt
Summary: The GNU Crypto Library
Libgcrypt is a general purpose crypto library based on the code used in
GnuPG (alpha version).

Provides

Requires

License

GPL-2.0+ and LGPL-2.1+

Changelog

* Mon Apr 04 2016 pjanouch@suse.de
  - Add libgcrypt-CVE-2015-7511.patch (bsc#965902),
    fixing side-channel attack on ECDH with Weierstrass curves
* Tue Mar 15 2016 hpj@suse.com
  - Update libgcrypt-bsc932232-avoid-drbg-crash-with-fips.patch
    (bsc#970882). Fixes crashes with GPG key generation.
* Thu Nov 26 2015 hpj@suse.com
  - Add libgcrypt-bsc932232-avoid-drbg-crash-with-fips.patch
    (bsc#932232).
* Fri Aug 14 2015 vcizek@suse.com
  - fix for CVE-2015-0837 (bsc#920057)
    * Fixed data-dependent timing variations in modular exponentiation
      [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
      are Practical]
    * added patches:
      libgcrypt-CVE-2015-0837-1.patch
      libgcrypt-CVE-2015-0837-2.patch
      libgcrypt-CVE-2015-0837-3.patch
* Tue Aug 04 2015 vcizek@suse.com
  - don't drop privileges when locking secure memory (bsc#938343)
    * added libgcrypt-secmem_dont_drop_privilege.patch
* Thu May 28 2015 vcizek@suse.com
  - the RSA decryption needs p < q for CRT to work
    (bnc#929919)
    * added libgcrypt-fips_rsa_p_less_than_q.patch
  - minor changes to the testsuite
    * modified libgcrypt-fips_testsuite.patch
* Fri May 22 2015 abergmann@suse.com
  - remove obsolete drbg_test.patch added Aug 22 2014, now covered by
    libgcrypt-fips_add_drbg_cavs_test.patch
    * removed drbg_test.patch
* Fri May 22 2015 abergmann@suse.com
  - update local cavs_driver.pl copy to the latest version
* Fri May 22 2015 abergmann@suse.com
  - enable DRBG reseeding
    * added libgcrypt-1.6.1-drbg-reseeding.patch
    * added drbg_test-reseeding.patch
* Thu May 21 2015 vcizek@suse.com
  - add possibility to specify salt length for RSASSA-PSS verification
    * added libgcrypt-fips_pss.patch
* Mon Apr 27 2015 vcizek@suse.com
  - perform selftests if the module is complete (checksum files are
    installed) (bnc#928740)
    * changed libgcrypt-fips_run_selftest_at_constructor.patch
* Mon Mar 16 2015 jmatejek@suse.com
  - updated %post and %postun scripts with correct .info filenames
* Mon Mar 09 2015 vcizek@suse.com
  - fix CVE-2014-3591 (bnc#920057)
    * use ciphertext blinding for Elgamal decryption
    * added libgcrypt-CVE-2014-3591.patch
* Wed Feb 18 2015 vcizek@suse.com
  - handle priming error in DRBG continuous test (bnc#905483)
    * added libgcrypt-fips_handle_priming_error_in_drbg.patch
      from Jan Matejek
* Mon Feb 16 2015 vcizek@suse.com
  - fix a bug in FIPS 186-4 dsa generation
    * changed libgcrypt-fips-dsa.patch
  - testsuite adjustments to make it work in fips mode (bnc#899524)
    * added libgcrypt-fips_testsuite.patch
    * dropped FIXME-temporary-hack-to-make-some-tests-work.patch
* Mon Feb 02 2015 vcizek@suse.com
  - use the RSA keygen generator from Fedora that supports KAT tests
    * added libgcrypt-fips_rsa_keygen.patch
  - add gcrypt_rsagtest binary for CAVS testing of rsa keygen KAT
    * added libgcrypt-fips_KAT_keygen_test.patch
* Mon Jan 05 2015 vcizek@suse.com
  - merge in RSA keygen RPP and KAT tests from Fedora
    * fixes bnc#900275 and bnc#900276
    * added libgcrypt-fips_cavs_rsa_keygen.patch
* Mon Dec 15 2014 vcizek@suse.com
  - all the drbg patches were merged into
    v10-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
  - update drbg_test (libgcrypt-fips_add_drbg_cavs_test.patch)
  - add libgcrypt-fips_fipsdrv.patch
* Thu Oct 02 2014 vcizek@suse.com
  - address a potential integer issue
    * changed libgcrypt-fips_PKBKDF_missing_step1.patch
* Tue Sep 30 2014 vcizek@suse.com
  - enable HW support in fips mode (bnc#896435)
    * added libgcrypt-fips_enable_hardware_support.patch
* Mon Sep 29 2014 vcizek@suse.com
  - fixes from Jan Matejek:
    * make DSA selftest use 2048 bit keys (bnc#898003)
    * added ECDSA selftests and add support for it to the CAVS testing
      framework (bnc#896202)
    * fix a bug in fipsdrv
    * changed patches:
    - libgcrypt-1.6.1-fips-cavs.patch
    - libgcrypt-fips_ecdsa.patch
    - libgcrypt-fips-dsa.patch
* Fri Sep 26 2014 vcizek@suse.com
  - hide most of the fips patches behind a conditional, so they are
    not applied
* Fri Sep 26 2014 lnussel@suse.de
  - fix condition for minimal e_value (bnc#896201,
    RSA-FIPS-186-4-adjustments.patch)
  - more testsuite fixes (fix-test-suite-for-RSA-in-fips-mode.patch,
    FIXME-temporary-hack-to-make-some-tests-work.patch)
* Fri Sep 26 2014 vcizek@suse.com
  - don't apply libgcrypt-fips_run_selftest_at_constructor.patch
    * the system currently doesn't boot with it in FIPS mode (bnc#898253)
* Thu Sep 25 2014 lnussel@suse.de
  - update libgcrypt-1.6.1-use-fipscheck.patch to not require
    hardcoding library soname
  - FIPS 186-4 RSA adjustments (bnc#896201)
    Added patches:
    * calculate-fips-checksum-after-build.patch
    * disable-algorithms-that-are-not-allowed-in-fips.patch
    * RSA-FIPS-186-4-adjustments.patch
    * skip-GCM-for-FIPS.patch
    * fix-test-suite-for-RSA-in-fips-mode.patch
    * FIXME-temporary-hack-to-make-some-tests-work.patch
* Tue Sep 23 2014 vcizek@suse.com
  - add missing PKSC5v2.1 step 1 to PBKDF algorithm (bnc#898005)
* Sun Sep 21 2014 vcizek@suse.com
  - disabled curve P-192 in FIPS mode (bnc#896202)
    * added libgcrypt-fips_ecdsa.patch
  - don't use SHA-1 for ECDSA in FIPS mode
  - also run the fips self tests only in FIPS mode
* Tue Sep 16 2014 vcizek@suse.com
  - run the fips self tests at the constructor code
    * added libgcrypt-fips_run_selftest_at_constructor.patch
* Tue Sep 16 2014 vcizek@suse.com
  - rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216)
    * added libgcrypt-fips-dsa.patch
    * install fips186_dsa
  - use 2048 bit keys in selftests_dsa
* Mon Sep 01 2014 vcizek@suse.com
  - fix an issue in DRBG patchset
    * size_t type is 32-bit on 32-bit systems
  - added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
  - added v9-0007-User-interface-to-DRBG.patch
  - removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
  - removed v7-0007-User-interface-to-DRBG.patch
  - update drbg_test.c to the latest release
* Fri Aug 22 2014 vcizek@suse.com
  - fix a potential NULL pointer deference in DRBG patchset
    * fixes from https://bugs.g10code.com/gnupg/issue1701
    * added v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
    * added v7-0007-User-interface-to-DRBG.patch
    * removed 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2
    * removed 0007-User-interface-to-DRBG.patch
  - add a subpackage for CAVS testing
    * add cavs_driver.pl and cavs-test.sh from the kernel cavs package
    * added drbg_test.patch
* Tue Aug 12 2014 meissner@suse.com
  - split off the -hmac package that contains the checksums
* Mon May 26 2014 meissner@suse.com
  - libgcrypt-fix-rng.patch: make drbg work again in FIPS mode.
  - libgcrypt-1.6.1-use-fipscheck.patch: library to test is libgcrypt.so.20
    and not libgcrypt.so.11
  - libgcrypt-init-at-elf-load-fips.patch: initialize at ELF DSO
    load time.
* Tue May 13 2014 vcizek@suse.com
  - add new 0007-User-interface-to-DRBG.patch from upstream
    * fixes bnc#877233
* Tue May 06 2014 vcizek@suse.com
  - add support for SP800-90A DRBG (fate#316929, bnc#856312)
    * patches by Stephan Mueller (http://www.chronox.de/drbg.html):
      0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2
      0002-Compile-DRBG.patch
      0003-Function-definitions-of-interfaces-for-random.c.patch
      0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch
      0005-Function-definitions-for-gcry_control-callbacks.patch
      0006-DRBG-specific-gcry_control-requests.patch
      0007-User-interface-to-DRBG.patch
* Tue May 06 2014 vcizek@suse.com
  - FIPS changes (from Fedora):
    - replaced libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff by
      libgcrypt-1.6.1-fips-cfgrandom.patch
    - libgcrypt-fixed-sizet.patch: fixed an int type for -flto
    - libgcrypt-1.6.1-use-fipscheck.patch: use the fipscheck binary
    - libgcrypt-1.6.1-fips-cavs.patch: add CAVS tests
* Thu Jan 30 2014 idonmez@suse.com
  - Drop arm-missing-files.diff, fixed upstream
* Wed Jan 29 2014 andreas.stieger@gmx.de
  - libgcrypt 1.6.1, a bugfix release with the folloging fixes:
    * Added emulation for broken Whirlpool code prior to 1.6.0.
    * Improved performance of KDF functions.
    * Improved ECDSA compliance.
    * Fixed message digest lookup by OID (regression in 1.6.0).
    * Fixed memory leaks in ECC code.
    * Fixed some asm build problems and feature detection bugs.
    * Interface changes relative to the 1.6.0 release:
      GCRY_MD_FLAG_BUGEMU1            NEW (minor API change).
* Fri Jan 03 2014 dmueller@suse.com
  - add arm-missing-files.diff: Add missing files to fix build
* Fri Jan 03 2014 mvyskocil@suse.com
  - fix bnc#856915: can't open /dev/urandom
    * correct libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
  - require libgpg-error 1.11 or higher
* Thu Dec 19 2013 mvyskocil@suse.com
  - fix dependency for 32bit devel package
  - name hmac files according soname
  - fix hmac subpackage dependency
* Thu Dec 19 2013 mvyskocil@suse.com
  - update to 1.6.
    * Removed the long deprecated gcry_ac interface.  Thus Libgcrypt is
    not anymore ABI compatible to previous versions if they used the ac
    interface. Check NEWS in libgcrypt-devel for removed interfaces.
    * Removed the module register subsystem.
    * The deprecated message digest debug macros have been removed.  Use
    gcry_md_debug instead.
    * Removed deprecated control codes.
    * Improved performance of most cipher algorithms as well as for the
    SHA family of hash functions.
    * Added support for the IDEA cipher algorithm.
    * Added support for the Salsa20 and reduced Salsa20/12 stream ciphers.
    * Added limited support for the GOST 28147-89 cipher algorithm.
    * Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog)
    hash algorithms.
    * Added a random number generator to directly use the system's RNG.
    Also added an interface to prefer the use of a specified RNG.
    * Added support for the SCRYPT algorithm.
    * Mitigated the Yarom/Falkner flush+reload side-channel attack on RSA
    secret keys.  See <http://eprint.iacr.org/2013/448> [CVE-2013-4242].
    * Added support for Deterministic DSA as per RFC-6969.
    * Added support for curve Ed25519.
    * Added a scatter gather hash convenience function.
    * Added several MPI amd SEXP helper functions.
    * Added support for negative numbers to gcry_mpi_print,
    gcry_mpi_aprint and gcry_mpi_scan.
    * The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now
    deprecated.  Use GCRY_PK_ECC if you need an algorithm id.
    * Changed gcry_pk_genkey for "ecc" to only include the curve name and
    not the parameters.  The flag "param" may be used to revert this.
    * Added a feature to globally disable selected hardware features.
    * Added debug helper functions.
  - rebased patches
    * libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
    * libgcrypt-ppc64.patch
  - add libgcrypt-1.6.0-use-intenal-functions.patch to fix fips.c build
  - Move all documentation to -devel package
* Fri Jul 26 2013 andreas.stieger@gmx.de
  - update to 1.5.3 [bnc#831359] CVE-2013-4242
    * Mitigate the Yarom/Falkner flush+reload side-channel attack on
    RSA secret keys.  See <http://eprint.iacr.org/2013/448>.
* Thu Jul 25 2013 mvyskocil@suse.com
  - port SLE enhancenments to Factory (bnc#831028)
    * add libgcrypt-unresolved-dladdr.patch (bnc#701267)
    * add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841)
    * add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
  - install .hmac256.hmac (bnc#704068)
  - enable varuous new options in configure (m-guard, hmac binary check and
    random device linux)
  - build with all ciphers, pubkeys and digest by default as whitelist
    simply allowed them all
* Mon Jun 17 2013 coolo@suse.com
  - avoid gpg-offline in bootstrap packages
* Sun Jun 16 2013 crrodriguez@opensuse.org
  - Library must be built with large file support in
    32 bit archs.
* Thu Apr 18 2013 andreas.stieger@gmx.de
  - update to 1.5.2
    * The upstream sources now contain the IDEA algorithm, dropping:
    idea.c.gz
    libgcrypt-1.5.0-idea.patch
    libgcrypt-1.5.0-idea_codecleanup.patch
    * Made the Padlock code work again (regression since 1.5.0).
    * Fixed alignment problems for Serpent.
    * Fixed two bugs in ECC computations.
* Fri Mar 22 2013 mvyskocil@suse.com
  - add GPL3.0+ to License tag because of dumpsexp (bnc#810759)
* Mon Mar 18 2013 andreas.stieger@gmx.de
  - update to 1.5.1
    * Allow empty passphrase with PBKDF2.
    * Do not abort on an invalid algorithm number in
    gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen.
    * Fixed some Valgrind warnings.
    * Fixed a problem with select and high fd numbers.
    * Improved the build system
    * Various minor bug fixes.
    * Interface changes relative to the 1.5.0 release:
    GCRYCTL_SET_ENFORCED_FIPS_FLAG         NEW.
    GCRYPT_VERSION_NUMBER                  NEW.
  - add verification of source code signatures
  - now requires automake 1.11 to build
* Sat Feb 02 2013 coolo@suse.com
  - update license to new format
* Tue Jun 12 2012 chris@computersalat.de
  - fix deps
    * libgpg-error-devel >= 1.8
  - add libsoname macro
* Sun Feb 12 2012 crrodriguez@opensuse.org
  - Libraries back into %{_libdir}, /usr merge project
* Sat Dec 24 2011 opensuse@dstoecker.de
  - add the missing IDEA algorithm after the patent is no longer relevant
* Sun Nov 13 2011 jengelh@medozas.de
  - Remove redundant/unwanted tags/section (cf. specfile guidelines)
* Sun Nov 13 2011 coolo@suse.com
  - add libtool as explicit buildrequire to avoid implicit dependency from prjconf
* Sun Oct 02 2011 crrodriguez@opensuse.org
  - Update to version 1.5.0, most important changes
    * Uses the Intel AES-NI instructions if available
    * Support ECDH.
* Fri Nov 19 2010 mvyskocil@suse.cz
  - update to 1.4.6
    * Fixed minor memory leak in DSA key generation.
    * No more switching to FIPS mode if /proc/version is not readable.
    * Fixed a sigill during Padlock detection on old CPUs.
    * Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3;
    SHA-256 went up by 25%.
    * New variants of the TIGER algorithm.
    * New cipher algorithm mode for AES-WRAP.
    * Interface changes relative to the 1.4.2 release:
      GCRY_MD_TIGER1             NEW
      GCRY_MD_TIGER2             NEW
      GCRY_CIPHER_MODE_AESWRAP   NEW
* Sun Jul 04 2010 jengelh@medozas.de
  - add missing definition of udiv_qrnnd for sparcv9:32
  - use %_smp_mflags
* Sat Dec 19 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - disable the use of hand-coded assembler functions on sparc -
    this is giving me an infinite loop with ./tests/prime
    (specifically ./sparc32v8/mpih-mul1.S:_gcry_mpih_mul_1.
    Fedora disables this too.
* Tue Apr 07 2009 crrodriguez@suse.de
  - update to version 1.4.4
    * Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants.
    This functionality has been in Libgcrypt since 1.3.0.
    * MD5 may now be used in non-enforced fips mode.
    * Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.
    * In fips mode, RSA keys are now generated using the X9.31 algorithm
    and DSA keys using the FIPS 186-2 algorithm.
    * The transient-key flag is now also supported for DSA key
    generation.  DSA domain parameters may be given as well.

Files

/usr/lib64/libgcrypt.so.20
/usr/lib64/libgcrypt.so.20.0.1
/usr/share/doc/packages/libgcrypt20
/usr/share/doc/packages/libgcrypt20/COPYING.LIB


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Aug 10 10:44:58 2019