CVS commit: pkgsrc/security/libgcrypt

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/libgcrypt
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Sun, 23 Jul 2017 17:27:52 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Sun Jul 23 17:27:52 UTC 2017

Modified Files:
        pkgsrc/security/libgcrypt: Makefile distinfo

Log Message:
version 1.8.0:

 * New interfaces:
   - New cipher mode XTS
   - New hash function Blake-2
   - New function gcry_mpi_point_copy.
   - New function gcry_get_config.
   - GCRYCTL_REINIT_SYSCALL_CLAMP allows to init nPth after Libgcrypt.
   - New gobal configuration file /etc/gcrypt/random.conf.

 * Extended interfaces:
   - GCRYCTL_PRINT_CONFIG does now also print build information for
     libgpg-error and the used compiler version.
   - GCRY_CIPHER_MODE_CFB8 is now supported.
   - Add Stribog OIDs.

 * Performance:
   - A jitter based entropy collector is now used in addition to the
     other entropy collectors.
   - Optimized gcry_md_hash_buffers for SHA-256 and SHA-512.
   - More ARMv8/AArch32 improvements for AES, GCM, SHA-256, and SHA-1.
   - Add ARMv8/AArch32 assembly implementation for Twofish and
     Camellia.
   - Add bulk processing implementation for ARMv8/AArch32.
   - Improve the DRBG performance and sync the code with the Linux
     version.

 * Internal changes:
   - Libgpg-error 1.25 is now required.  This avoids stalling of nPth
     threads due to contention on internal Libgcrypt locks (e.g. the
     random pool lock).
   - The system call clamp of libgpg-error is now used to wrap the
     blocking read of /dev/random.  This allows other nPth threads to
     run while Libgcrypt is gathering entropy.
   - When secure memory is requested by the MPI functions or by
     gcry_xmalloc_secure, they do not anymore lead to a fatal error if
     the secure memory pool is used up.  Instead new pools are
     allocated as needed.  These new pools are not protected against
     being swapped out (mlock can't be used).  However, these days
     this is considered a minor issue and can easily be mitigated by
     using encrypted swap space.

 * Bug fixes:
   - Fix AES CTR self-check detected failure in the SSSE3 based
     implementation.
   - Remove gratuitous select before the getrandom syscall.
   - Fix regression in mlock detection.
   - Fix GOST 28147 CryptoPro-B S-box.
   - Fix error code handling of mlock calls.
   - Fix possible timing attack on EdDSA session key.
   - Fix long standing bug in secure memory implementation which could
     lead to a segv on free.
   - Mitigate a flush+reload side-channel attack on RSA secret keys
     dubbed "Sliding right into disaster".


To generate a diff of this commit:
cvs rdiff -u -r1.90 -r1.91 pkgsrc/security/libgcrypt/Makefile
cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/libgcrypt/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/libgcrypt/Makefile
diff -u pkgsrc/security/libgcrypt/Makefile:1.90 pkgsrc/security/libgcrypt/Makefile:1.91
--- pkgsrc/security/libgcrypt/Makefile:1.90     Tue Jul  4 06:55:53 2017
+++ pkgsrc/security/libgcrypt/Makefile  Sun Jul 23 17:27:52 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.90 2017/07/04 06:55:53 adam Exp $
+# $NetBSD: Makefile,v 1.91 2017/07/23 17:27:52 adam Exp $
 
-DISTNAME=      libgcrypt-1.7.8
+DISTNAME=      libgcrypt-1.8.0
 CATEGORIES=    security
 MASTER_SITES=  ftp://ftp.gnupg.org/gcrypt/libgcrypt/
 MASTER_SITES+= http://gd.tuwien.ac.at/privacy/gnupg/libgcrypt/

Index: pkgsrc/security/libgcrypt/distinfo
diff -u pkgsrc/security/libgcrypt/distinfo:1.73 pkgsrc/security/libgcrypt/distinfo:1.74
--- pkgsrc/security/libgcrypt/distinfo:1.73     Tue Jul  4 06:55:53 2017
+++ pkgsrc/security/libgcrypt/distinfo  Sun Jul 23 17:27:52 2017
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.73 2017/07/04 06:55:53 adam Exp $
+$NetBSD: distinfo,v 1.74 2017/07/23 17:27:52 adam Exp $
 
-SHA1 (libgcrypt-1.7.8.tar.bz2) = 65a4a495aa858483e66868199eaa8238572ca6cd
-RMD160 (libgcrypt-1.7.8.tar.bz2) = 2ddd44f10723dd1e7c33a7039a4bfc5cc7e9ad99
-SHA512 (libgcrypt-1.7.8.tar.bz2) = fd8af85415f40c4ca3e35e2c78108b43cfddf031b42ac4d596847ea1c29a89b628036c1e23a6bb108b388a04b7d6b2307a1ce491310654040241435c0c7cc2a4
-Size (libgcrypt-1.7.8.tar.bz2) = 2897853 bytes
+SHA1 (libgcrypt-1.8.0.tar.bz2) = b4ffb20369f2ab8249d5cc0fb8b3b31371f6b112
+RMD160 (libgcrypt-1.8.0.tar.bz2) = d591d277e74a963634131abbc88d69a6d341e05e
+SHA512 (libgcrypt-1.8.0.tar.bz2) = 1b486e15ee5484e5547ec72280b37d3813412321c3ffb5813233f73de718661b4c1a6ed948adaa620a46d801449bb0a29b00a3bbbe169c7ad358144e2d1527e0
+Size (libgcrypt-1.8.0.tar.bz2) = 2963266 bytes
 SHA1 (patch-aa) = 60b3f4453b217ed8879a2ffd8d485c0195ffb5f8
 SHA1 (patch-cipher_rijndael-arm.S) = ef3cb7f481022440780eb48ae31cbfad0a3ec115
 SHA1 (patch-src_visibility.h) = 8cbbf6803ab34b4b7dda832aa8ee18247aa89518

Prev by Date: CVS commit: pkgsrc/www/py-autobahn
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/www/py-autobahn
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index