| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libnettle8 | Distribution: openSUSE:Factory:zSystems |
| Version: 3.7.3 | Vendor: obs://build.opensuse.org/openSUSE:Factory:zSystems |
| Release: 2.3 | Build date: Sat May 14 22:31:50 2022 |
| Group: System/Libraries | Build host: s390zl23 |
| Size: 374458 | Source RPM: libnettle-3.7.3-2.3.src.rpm |
| Url: https://www.lysator.liu.se/~nisse/nettle/ | |
| Summary: Cryptographic Library | |
Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space.
LGPL-2.1-or-later
* Mon Jan 17 2022 Pedro Monreal <pmonreal@suse.com>
- Provide s390x CPACF/SHA/AES Support for Crypto Libraries
* Add libnettle-s390x-CPACF-SHA-AES-support.patch [jsc#SLE-20733]
* Wed Jun 09 2021 Paolo Stivanin <info@paolostivanin.com>
- GNU Nettle 3.7.3: [CVE-2021-3580, bsc#1187060]
* Fix crash for zero input to rsa_sec_decrypt and
rsa_decrypt_tr. Potential denial of service vector.
* Ensure that all of rsa_decrypt_tr and rsa_sec_decrypt return
failure for out of range inputs, instead of either crashing,
or silently reducing input modulo n. Potential denial of
service vector.
* Ensure that rsa_decrypt returns failure for out of range
inputs, instead of silently reducing input modulo n.
* Ensure that rsa_sec_decrypt returns failure if the message
size is too large for the given key. Unlike the other bugs,
this would typically be triggered by invalid local
configuration, rather than by processing untrusted remote
data.
* Sun Mar 21 2021 Andreas Stieger <andreas.stieger@gmx.de>
- GNU Nettle 3.7.2:
* fix a bug in ECDSA signature verification that could lead to a
denial of service attack (via an assertion failure) or possibly
incorrect results (CVE-2021-20305, boo#1184401)
* fix a few related problems where scalars are required to be
canonically reduced modulo the ECC group order, but in fact may
be slightly larger
* Thu Feb 18 2021 Andreas Stieger <andreas.stieger@gmx.de>
- GNU Nettle 3.7.1:
* Fix bug in chacha counter update logic (ppc64 and ppc64el)
* Restore support for big-endian ARM platforms
* Fix corner case bug in ECDSA verify, it would produce incorrect
result in the unlikely case of an all-zero message hash
* Support for pbkdf2_hmac_sha384 and pbkdf2_hmac_sha512
* Remove poorly performing ARM Neon code for doing single-block
Salsa20 and Chacha
* Mon Jan 04 2021 Andreas Stieger <andreas.stieger@gmx.de>
- GNU Nettle 3.7:
* add bcrypt password hashing
* add optimizations: PowerPC64 assembly
- remove deprecated texinfo packaing macros
* Sun May 10 2020 Andreas Stieger <andreas.stieger@gmx.de>
- GNU Nettle 3.6:
* removal of internal and undocumented poly1305 functions
* Support for Curve448 and ED448 signatures
* Support for SHAKE256, SIV-CMAC, CMAC64, "CryptoPro" variant of
the GOST hash (as gosthash94cp), GOST DSA signatures, including
GOST curves gc256b and gc512a
* Support for Intel CET in x86 and x86_64 assembly files, if
enabled via CFLAGS (gcc --fcf-protection=full)
* A few new functions to improve support for the Chacha
variant with 96-bit nonce and 32-bit block counter (the
existing functions use nonce and counter of 64-bit each),
and functions to set the counter.
* New interface, struct nettle_mac, for MAC (message
authentication code) algorithms. This abstraction is only
for MACs that don't require a per-message nonce. For HMAC,
the key size is fixed, and equal the digest size of the
underlying hash function
* multiple bug fixes
- drop nettle-respect-cflags.patch
- silence packaging warning raised by HMAC files
(bsc#1152692, jsc#SLE-9518)
* Tue Oct 01 2019 Vítězslav Čížek <vcizek@suse.com>
- Install checksums for binary integrity verification which are
required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
* Thu Aug 01 2019 Andreas Stieger <andreas.stieger@gmx.de>
- update to 3.5.1:
* correct upstream source packaging problems
- new in 3.5:
* gcm_crypt will now call the underlying block cipher to process
more than one block at a time
* Support for CFB8 (Cipher Feedback Mode, processing a single
octet per block cipher operation)
* Support for CMAC (RFC 4493)
* Support for XTS mode
* various improvements
* Wed Jan 02 2019 Vítězslav Čížek <vcizek@suse.com>
- Update to 3.4.1 release
* Fix CVE-2018-16869 (bsc#1118086)
All functions using RSA private keys are now side-channel
silent, meaning that they try hard to avoid any branches or
memory accesses depending on secret data. This applies both to
the bignum calculations, which now use GMP's mpn_sec_* family
of functions, and the processing of PKCS#1 padding needed for
RSA decryption.
* Changes in behavior:
The functions rsa_decrypt and rsa_decrypt_tr may now clobber
all of the provided message buffer, independent of the
actual message length. They are side-channel silent, in that
branches and memory accesses don't depend on the validity or
length of the message. Side-channel leakage from the
caller's use of length and return value may still provide an
oracle useable for a Bleichenbacher-style chosen ciphertext
attack. Which is why the new function rsa_sec_decrypt is
recommended.
* New features:
A new function rsa_sec_decrypt.
* Bug fixes:
- Fix bug in pkcs1-conv, missing break statements in the
parsing of PEM input files.
- Fix link error on the pss-mgf1-test test, affecting builds
without public key support.
* Thu Dec 06 2018 Jan Engelhardt <jengelh@inai.de>
- Adjust SRPM group.
/usr/lib64/.libnettle.so.8.hmac /usr/lib64/libnettle.so.8 /usr/lib64/libnettle.so.8.4 /usr/share/licenses/libnettle8 /usr/share/licenses/libnettle8/COPYING.LESSERv3 /usr/share/licenses/libnettle8/COPYINGv2 /usr/share/licenses/libnettle8/COPYINGv3
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Jun 15 00:17:47 2022