Fedora 14 Update: botan-1.8.10-1.fc14

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 30 06:14:37 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14946
2010-09-20 18:35:24
--------------------------------------------------------------------------------

Name        : botan
Product     : Fedora 14
Version     : 1.8.10
Release     : 1.fc14
URL         : http://botan.randombit.net/
Summary     : Crypto library written in C++
Description :
Botan is a BSD-licensed crypto library written in C++. It provides a
wide variety of basic cryptographic algorithms, X.509 certificates and
CRLs, PKCS \#10 certificate requests, a filter/pipe message processing
system, and a wide variety of other features, all written in portable
C++. The API reference, tutorial, and examples may help impart the
flavor of the library.

--------------------------------------------------------------------------------
Update Information:

Update to Botan 1.8.10. These are the release notes:

This release changes a number of aspects of how private keys are encrypted. The default encryption algorithm has changed from 3DES to AES-256; botan has supported AES for this purpose for many years but 3DES was chosen as the default for compatibility with other libraries. However supporting AES should not be a problem any longer in recent libraries, so moving to a safer default seems reasonable. In addition, the default iteration count for PBES1 and PBES2 encryption schemes (which are used primarily to encrypt asymmetric keys like RSA or DSA) has increased from 2048 to 10000, which should make brute force key cracking substantially harder.

The first round of AES now uses a smaller set of lookup tables; this only reduces performance slightly but some timing and cache analysis attacks against AES are substantially harder when AES is implemented this way.

The class known as S2K was renamed PBKDF in 1.9, with a typedef for backwards compatibility. For providing an equivalent forward compatibility path, 1.8.10 includes a typedef for PBKDF and a new accessor function get_pbkdf. It also includes a new interface for deriving keys with a passphrase which takes both the passphrase and desired output length as well as the salt and iteration count; in many cases this call is actually significantly more convenient than the older API.
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update botan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list