CVS commit: pkgsrc/security/liboqs

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/liboqs
From: "Kimmo Suominen" <kim%netbsd.org@localhost>
Date: Sun, 13 Jul 2025 06:08:54 +0000

Module Name:    pkgsrc
Committed By:   kim
Date:           Sun Jul 13 06:08:54 UTC 2025

Modified Files:
        pkgsrc/security/liboqs: Makefile PLIST distinfo

Log Message:
liboqs: Update to 0.14.0

Release notes

   This is version 0.14.0 of liboqs. It was released on July 10, 2025.

   This release contains a security fix for secret-dependent branching in
   HQC. It introduces support for SNOVA, a NIST Additional Signatures
   Round 2 candidate, and a new optimized implementation of SHA3 using
   AVX-512VL instructions. Additionally, this is the first liboqs release
   to include the stable 1.0.0 version of PQ Code Package's
   mlkem-native.

   This release also introduces a number of improvements to testing and
   infrastructure. The OQS project is now publishing benchmarking data on
   https://openquantumsafe.org/benchmarking and code coverage data on
   https://coveralls.io/github/open-quantum-safe/liboqs.

Deprecation notice

   This will be the last release of liboqs to include Dilithium (that is,
   the NIST Round 3 version of Dilithium, prior to its standardization by
   NIST as ML-DSA in FIPS 204). Applications should switch to ML-DSA (FIPS
   204). Please contact us if you have any concerns.

Security issues

     * CVE-2025-52473: Disabled compiler optimizations for HQC to avoid
       secret-dependent branches. Thank you to Zhenzhi Lai and Zhiyuan
       Zhang from from the University of Melbourne and the Max Planck
       Institute for Security and Privacy for identifying the issue.

What's New

   This release continues from the 0.13.0 release of liboqs.

Key encapsulation mechanisms

     * HQC: Disabled compiler optimizations to avoid secret-dependent
       branching in certain configurations. HQC remains disabled by
       default.
     * ML-KEM: Updated the default ML-KEM implementation to PQCP's
       mlkem-native v1.0.0.

Digital signature schemes

     * New API: added an API function to check if a signature scheme
       supports signing with a context string.
     * SNOVA: added SNOVA from NIST Additional Signature Schemes
       Round 2.

Other changes

     * Added an AVX512VL-optimized backend for SHA3.
     * Improved memory management throughout the codebase.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/liboqs/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/liboqs/PLIST \
    pkgsrc/security/liboqs/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/liboqs/Makefile
diff -u pkgsrc/security/liboqs/Makefile:1.6 pkgsrc/security/liboqs/Makefile:1.7
--- pkgsrc/security/liboqs/Makefile:1.6 Sat May  3 19:50:19 2025
+++ pkgsrc/security/liboqs/Makefile     Sun Jul 13 06:08:54 2025
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.6 2025/05/03 19:50:19 jschauma Exp $
+# $NetBSD: Makefile,v 1.7 2025/07/13 06:08:54 kim Exp $
 
-DISTNAME=      liboqs-0.13.0
+DISTNAME=      liboqs-0.14.0
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=open-quantum-safe/}
 

Index: pkgsrc/security/liboqs/PLIST
diff -u pkgsrc/security/liboqs/PLIST:1.4 pkgsrc/security/liboqs/PLIST:1.5
--- pkgsrc/security/liboqs/PLIST:1.4    Sat May  3 19:50:19 2025
+++ pkgsrc/security/liboqs/PLIST        Sun Jul 13 06:08:54 2025
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2025/05/03 19:50:19 jschauma Exp $
+@comment $NetBSD: PLIST,v 1.5 2025/07/13 06:08:54 kim Exp $
 include/oqs/aes_ops.h
 include/oqs/common.h
 include/oqs/kem.h
@@ -18,6 +18,7 @@ include/oqs/sig_cross.h
 include/oqs/sig_dilithium.h
 include/oqs/sig_falcon.h
 include/oqs/sig_mayo.h
+include/oqs/sig_snova.h
 include/oqs/sig_sphincs.h
 include/oqs/sig_stfl.h
 include/oqs/sig_uov.h
Index: pkgsrc/security/liboqs/distinfo
diff -u pkgsrc/security/liboqs/distinfo:1.4 pkgsrc/security/liboqs/distinfo:1.5
--- pkgsrc/security/liboqs/distinfo:1.4 Sat May  3 19:50:19 2025
+++ pkgsrc/security/liboqs/distinfo     Sun Jul 13 06:08:54 2025
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.4 2025/05/03 19:50:19 jschauma Exp $
+$NetBSD: distinfo,v 1.5 2025/07/13 06:08:54 kim Exp $
 
-BLAKE2s (liboqs-0.13.0.tar.gz) = 5e8d7baf4ef3a31dba632241a3cc27c87fc47eb68919646da95628f7386920e4
-SHA512 (liboqs-0.13.0.tar.gz) = 8d7074b7724a4782fb808e557baa8a35583b57760cef06765cffa33f53be76b2af4be58933583573dfbd94925b981ac6c9a3e825ba8d623de97c4c2b585d3847
-Size (liboqs-0.13.0.tar.gz) = 16432953 bytes
+BLAKE2s (liboqs-0.14.0.tar.gz) = 41d0769e4d376aed5c43399fc4421fda06729e431424f4d36583d6b70a6319b8
+SHA512 (liboqs-0.14.0.tar.gz) = 79a617e28160a9b222a833b1d50b82946e95adaab575dd3e76e2216f43a9bbecefab2e7e59789d96f343f180e240c7d49c49afef76f774e532b5e454f998ec0e
+Size (liboqs-0.14.0.tar.gz) = 17928284 bytes
 SHA1 (patch-common.c) = 8841eacb7500a1a589786eb710aa22f603a24af7

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index