CVS commit: pkgsrc/security/botan

["Joerg Sonnenberger" <joerg%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   joerg
Date:           Mon Apr 10 20:26:31 UTC 2017

Modified Files:
        pkgsrc/security/botan: Makefile PLIST distinfo

Log Message:
Update Botan to 1.10.16:
    Fix a bug in X509 DN string comparisons that could result in out of
    bound reads. This could result in information leakage, denial of
    service, or potentially incorrect certificate validation results.
    (CVE-2017-2801)

    Avoid throwing during a destructor since this is undefined in
    C++11 and rarely a good idea. (GH #930)

    Fix a bug causing modular exponentiations done modulo even numbers
    to almost always be incorrect, unless the values were small. This
    bug is not known to affect any cryptographic operation in Botan. (GH
    #754)

    Avoid use of C++11 std::to_string in some code added in 1.10.14
    (GH #747 #834)

    Fix integer overflow during BER decoding, found by Falko Strenzke.
    This bug is not thought to be directly exploitable but upgrading ASAP
    is advised. (CVE-2016-9132)

    Fix two cases where (in error situations) an exception would be thrown
    from a destructor, causing a call to std::terminate.

    When RC4 is disabled in the build, also prevent it from being included
    in the OpenSSL provider. (GH #638)


To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.43 pkgsrc/security/botan/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/botan/PLIST
cvs rdiff -u -r1.19 -r1.20 pkgsrc/security/botan/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/botan/Makefile
diff -u pkgsrc/security/botan/Makefile:1.42 pkgsrc/security/botan/Makefile:1.43
--- pkgsrc/security/botan/Makefile:1.42 Sun Jan  1 14:43:54 2017
+++ pkgsrc/security/botan/Makefile      Mon Apr 10 20:26:31 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.42 2017/01/01 14:43:54 wiz Exp $
+# $NetBSD: Makefile,v 1.43 2017/04/10 20:26:31 joerg Exp $
 
-DISTNAME=      Botan-1.10.13
+DISTNAME=      Botan-1.10.16
 PKGNAME=       ${DISTNAME:tl}
 CATEGORIES=    security
 MASTER_SITES=  http://botan.randombit.net/releases/

Index: pkgsrc/security/botan/PLIST
diff -u pkgsrc/security/botan/PLIST:1.6 pkgsrc/security/botan/PLIST:1.7
--- pkgsrc/security/botan/PLIST:1.6     Fri Nov 11 19:46:48 2016
+++ pkgsrc/security/botan/PLIST Mon Apr 10 20:26:31 2017
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.6 2016/11/11 19:46:48 joerg Exp $
+@comment $NetBSD: PLIST,v 1.7 2017/04/10 20:26:31 joerg Exp $
 bin/botan-config-1.10
 include/botan-1.10/botan/adler32.h
 include/botan-1.10/botan/aes.h
@@ -233,7 +233,7 @@ include/botan-1.10/botan/xts.h
 lib/libbotan-1.10.a
 lib/libbotan-1.10.so
 lib/libbotan-1.10.so.1
-lib/libbotan-1.10.so.1.13
+lib/libbotan-1.10.so.1.16
 lib/pkgconfig/botan-1.10.pc
 share/doc/${PKGNAME}/manual/algos.txt
 share/doc/${PKGNAME}/manual/bigint.txt

Index: pkgsrc/security/botan/distinfo
diff -u pkgsrc/security/botan/distinfo:1.19 pkgsrc/security/botan/distinfo:1.20
--- pkgsrc/security/botan/distinfo:1.19 Fri Nov 11 19:46:48 2016
+++ pkgsrc/security/botan/distinfo      Mon Apr 10 20:26:31 2017
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.19 2016/11/11 19:46:48 joerg Exp $
+$NetBSD: distinfo,v 1.20 2017/04/10 20:26:31 joerg Exp $
 
-SHA1 (Botan-1.10.13.tgz) = e6771fb063a286c5dcbf6b3f040f4f6be19d00bd
-RMD160 (Botan-1.10.13.tgz) = 0471569fa23d02a03c2ed47fbb04160ce54d5a1c
-SHA512 (Botan-1.10.13.tgz) = a09d2cb5dda21bf384b81675025f249abdfe232c95dc3383f0baebc2bf1603b2ed1e2aec9a81aae95df592ec2eeae8906c63474a6da42ad3701669a5d8f14656
-Size (Botan-1.10.13.tgz) = 2710181 bytes
+SHA1 (Botan-1.10.16.tgz) = 697144c34b1bf77c5b2bc1ff4d08f69ee718782b
+RMD160 (Botan-1.10.16.tgz) = 72f02a2817109f90cb99045107f8385825d6fc1a
+SHA512 (Botan-1.10.16.tgz) = 967137c89484630806e828c3902fe27c28dae17e6a3aeae7c542093de356545be4fcbe4325afd9fb40093a10ac409244e4e6503364858facb59057a5dfd61c03
+Size (Botan-1.10.16.tgz) = 2711177 bytes
 SHA1 (patch-src_build-data_arch_arm.txt) = 23e40eb4bf43ca8c96f809b7f7a33de4a5149f47
 SHA1 (patch-src_build-data_makefile_unix.in) = 1ab76671c1acfe955d3e01d27e91687c0c382239
 SHA1 (patch-src_build-data_makefile_unix__shr.in) = ecd64f1ee80cb791d58052a75c6f33c5d4360a96