Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

Botan-3.6.0-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: Botan Distribution: openSUSE Tumbleweed
Version: 3.6.0 Vendor: openSUSE
Release: 1.1 Build date: Fri Oct 25 14:47:42 2024
Group: Development/Libraries/C and C++ Build host: reproducible
Size: 1015407 Source RPM: Botan-3.6.0-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://botan.randombit.net
Summary: A C++ Crypto Library
Botan is a C++ library that provides support for many common
cryptographic operations, including encryption, authentication, and
X.509v3 certificates and CRLs. A wide variety of algorithms is
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.

Provides

Requires

License

BSD-2-Clause

Changelog

* Fri Oct 25 2024 Angel Yankov <angel.yankov@suse.com>
  - Botan 3.6.0, the latest stable release of the Botan 3 series
    * Fully integrate and further optimize the new ECC library first introduced in 3.5.0. For common curves, operations are 2 to 3 times faster. This also introduces a new API for low level EC operations, such a point multiplication, using EC_Scalar and EC_AffinePoint types
    * Add support for AVX2-VAES instructions
    * Add support for new ECC curves
    * Fix: CVE-2024-50382
    For full changelog, see: https://botan.randombit.net/news.html#version-3-6-0-2024-10-21
* Tue Jul 30 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - Botan 3.5.0, the latest stable release of the Botan 3 series
    * TLS 1.3 supported
    * large header cleanup compared to v2
    * start support of Post Quantum Crypto
    * removed: CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES,
      CBC-MAC, Tiger, CECPQ1, and NewHope
  - The legacy Botan 2 series moved to Botan2 source package. It is
    EOL at the end of 2024.
* Mon Jul 15 2024 Angel Yankov <angel.yankov@suse.com>
  - Update to 2.19.5:
    * Fix multiple Denial of service attacks due to X.509 cert processing:
    * CVE-2024-34702 - bsc#1227238
    * CVE-2024-34703 - bsc#1227607
    * CVE-2024-39312 - bsc#1227608
    * Fix a crash in OCB
    * Fix a test failure in compression with certain versions of zlib
    * Fix some iterator debugging errors in TLS CBC decryption.
    * Avoid a miscompilation in ARIA when using XCode 14
* Fri Nov 17 2023 Marcus Meissner <meissner@suse.com>
  - remove botan binary (moves to Botan3)
* Thu Nov 17 2022 Jason Sikes <jsikes@suse.com>
  - Update to 2.19.3:
    * validate that an embedded certificate was issued by the end-entity
      issuing certificate authority when checking OCSP responses.
    * CVE-2022-43705
    * bsc#1205509
* Wed Jun 08 2022 Dirk Müller <dmueller@suse.com>
  - update to 2.19.2:
    * Add support for parallel computation in Argon2
    * Add SSSE3 implementation of Argon2
    * The OpenSSL provider was incompatible with OpenSSL 3.0.
      It has been removed
    * Avoid using reserve in secure_vector appending, which caused
      a performance problem
    * Fix TLS::Text_Policy behavior when X25519 is disabled
      at build time
    * Fix several warnings from Clang
* Sun Jan 23 2022 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 2.19.1:
    * Add a forward error correction code compatible with the zfec
      library
* Wed Nov 24 2021 Dirk Müller <dmueller@suse.com>
  - update to 2.18.2:
    * Avoid using short exponents when encrypting in ElGamal, as some PGP
      implementations generate keys with parameters that are weak when
      short exponents are used CVE-2021-40529 boo#1190244
    * Fix a low risk OAEP decryption side channel
    * Work around a miscompilation of SHA-3 caused by a bug in Clang 12
      and XCode 13
    * Remove support in OpenSSL provider for algorithms which are
      disabled by default in OpenSSL 3.0
    * Add CI based on GitHub actions to replace Travis CI
    * Fix the online OCSP test, as the certificate involved had expired.
    * Fix some test failures induced by the expiration of the trust root
      "DST Root CA X3"
* Mon May 10 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - Botan 2.18.1:
    * Fix a build regression in 2.18.0 which caused linker flags
      which contain -l within them (such as -fuse-linker-plugin)
      to be misinterpreted
    * Fix a bug which caused decoding a certificate which contained
      more than one name in a single RDN
    * Fix a bug which caused OID lookup failures when run in a locale
      which uses thousands separators (pt_BR was reported as having
      this issue)
    * DNS names in name constraints were compared with case
      sensitivity, which could cause valid certificates to be
      rejected
    * X.509 name constraint extensions were rejected if non-critical.
      RFC 5280 requires conforming CAs issue such extensions as
      critical, but not all certificates are compliant, and all other
      known implementations do not require this
    * X.509 name constraints were incorrectly applied to the
      certificate which included the constraint
  - build with lzma compression support
  - build with SQLite support
  - build with TPM support
  - fix SLE 12 build
* Fri Apr 16 2021 Ferdinand Thiessen <rpm@fthiessen.de>
  - Botan 2.18.0
    * Add support for implementing custom RNG objects through the FFI
      interface
    * Improve safegcd bounds, improving runtime performance
    * Reject non-TLS messages as quickly as possible without waiting
      for a full record.
    * Fixes for TLS::Stream::async_shutdown
  - Removed unneeded GNU MP build requirement, support was dropped
    with version 1.11.10
  - Enabled check target, verify integrity of build library

Files

/usr/bin/botan
/usr/share/licenses/Botan
/usr/share/licenses/Botan/license.txt


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 26 00:07:01 2024