Fedora 13 Update: botan-1.8.10-1.fc13
updates at fedoraproject.org
updates at fedoraproject.org
Thu Sep 30 10:32:21 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14880
2010-09-17 18:03:16
--------------------------------------------------------------------------------
Name : botan
Product : Fedora 13
Version : 1.8.10
Release : 1.fc13
URL : http://botan.randombit.net/
Summary : Crypto library written in C++
Description :
Botan is a BSD-licensed crypto library written in C++. It provides a
wide variety of basic cryptographic algorithms, X.509 certificates and
CRLs, PKCS \#10 certificate requests, a filter/pipe message processing
system, and a wide variety of other features, all written in portable
C++. The API reference, tutorial, and examples may help impart the
flavor of the library.
--------------------------------------------------------------------------------
Update Information:
Update to Botan 1.8.10. These are the release notes:
This release changes a number of aspects of how private keys are encrypted. The default encryption algorithm has changed from 3DES to AES-256; botan has supported AES for this purpose for many years but 3DES was chosen as the default for compatibility with other libraries. However supporting AES should not be a problem any longer in recent libraries, so moving to a safer default seems reasonable. In addition, the default iteration count for PBES1 and PBES2 encryption schemes (which are used primarily to encrypt asymmetric keys like RSA or DSA) has increased from 2048 to 10000, which should make brute force key cracking substantially harder.
The first round of AES now uses a smaller set of lookup tables; this only reduces performance slightly but some timing and cache analysis attacks against AES are substantially harder when AES is implemented this way.
The class known as S2K was renamed PBKDF in 1.9, with a typedef for backwards compatibility. For providing an equivalent forward compatibility path, 1.8.10 includes a typedef for PBKDF and a new accessor function get_pbkdf. It also includes a new interface for deriving keys with a passphrase which takes both the passphrase and desired output length as well as the salt and iteration count; in many cases this call is actually significantly more convenient than the older API.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 4 2010 Thomas Moschny <thomas.moschny at gmx.de> - 1.8.10-1
- Update to 1.8.10.
* Sun Aug 29 2010 Thomas Moschny <thomas.moschny at gmx.de> - 1.8.9-4
- Update README.fedora.
* Fri Aug 27 2010 Thomas Moschny <thomas.moschny at gmx.de> - 1.8.9-3
- Also remove RC5 from the tarfile.
- Comment out RC5, RC6 and IDEA validation tests.
* Wed Aug 4 2010 Thomas Moschny <thomas.moschny at gmx.de> - 1.8.9-2
- Remove IDEA, RC6, and ECC-related modules from the tarfile,
see bz 615372.
* Wed Jun 16 2010 Thomas Moschny <thomas.moschny at gmx.de> - 1.8.9-1
- Update to 1.8.9.
- Drop patch applied upstream.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update botan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list