pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/security/botan-devel

Module Name:    pkgsrc
Committed By:   joerg
Date:           Thu May 19 21:58:43 UTC 2016

Modified Files:
        pkgsrc/security/botan-devel: Makefile PLIST distinfo
Added Files:
        pkgsrc/security/botan-devel/patches: patch-src_lib_utils_os__utils.cpp
Removed Files:
        pkgsrc/security/botan-devel/patches: patch-src_build-data_arch_arm.txt
            patch-src_build-data_makefile_header.in
            patch-src_lib_alloc_locking__allocator_locking__allocator.cpp
            patch-src_lib_pubkey_mce_gf2m__small__m.cpp
            patch-src_lib_utils_read__cfg.cpp

Log Message:
Update to Botan 1.11.29:
- CVE-2016-2849: side channel attack against DSA and ECDSA
- CVE-2016-2850: failure to enforce TLS policies could lead to weaker
  algorithms being choosen
- CVE-2016-2195: heap overflow in ECC point decoding
- CVE-2016-2196: heap overflow in P-521 reduction
- CVE-2016-2194: DOS against the modular reduction
- CVE-2015-7824: padding oracle attack against TLS CBC
- CVE-2015-7825: DOS due to certificate chains
- CVE-2015-7826: wildcard certifications verification failures
- CVE-2015-7827: protection against PKCS#1 side channel issues
- CVE-2015-5726: potential DOS with invalid zero-length BER
- CVE-2015-5727: unbound memory use with BER
- deprecation or removal of various insecure crypto primitives
- TLS heartbeat removed
- various other bugfixes and improvements.


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/security/botan-devel/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/botan-devel/PLIST
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/botan-devel/distinfo
cvs rdiff -u -r1.1 -r0 \
    pkgsrc/security/botan-devel/patches/patch-src_build-data_arch_arm.txt \
    pkgsrc/security/botan-devel/patches/patch-src_lib_pubkey_mce_gf2m__small__m.cpp \
    pkgsrc/security/botan-devel/patches/patch-src_lib_utils_read__cfg.cpp
cvs rdiff -u -r1.3 -r0 \
    pkgsrc/security/botan-devel/patches/patch-src_build-data_makefile_header.in
cvs rdiff -u -r1.4 -r0 \
    pkgsrc/security/botan-devel/patches/patch-src_lib_alloc_locking__allocator_locking__allocator.cpp
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/security/botan-devel/patches/patch-src_lib_utils_os__utils.cpp

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home | Main Index | Thread Index | Old Index