Fedora 21 Update: botan-1.10.9-4.fc21
updates at fedoraproject.org
updates at fedoraproject.org
Mon Mar 9 08:32:40 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-2749
2015-02-27 06:05:10
--------------------------------------------------------------------------------
Name : botan
Product : Fedora 21
Version : 1.10.9
Release : 4.fc21
URL : http://botan.randombit.net/
Summary : Crypto library written in C++
Description :
Botan is a BSD-licensed crypto library written in C++. It provides a
wide variety of basic cryptographic algorithms, X.509 certificates and
CRLs, PKCS \#10 certificate requests, a filter/pipe message processing
system, and a wide variety of other features, all written in portable
C++. The API reference, tutorial, and examples may help impart the
flavor of the library.
--------------------------------------------------------------------------------
Update Information:
Update to Botan 1.10.9, with these changes:
* Fixed EAX tag verification to run in constant time.
* The default TLS policy now disables SSLv3.
* A crash could occur when reading from a blocking random device if the device initially indicated that entropy was available but a concurrent process drained the entropy pool before the read was initiated.
* Fix decoding indefinite length BER constructs that contain a context sensitive tag of zero. Github pull 26 from Janusz Chorko.
* The botan-config script previously tried to guess its prefix from the location of the binary. However this was error prone, and now the script assumes the final installation prefix matches the value set during the build. Github issue 29.
Additionally, these changes have been made to the Fedora package:
* Re-enable cleared ECC.
* Disable gmp engine.
* Use _pkgdocdir.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 6 2015 Thomas Moschny <thomas.moschny at gmx.de> - 1.10.9-4
- Re-enable cleared ECC. Patch by Tom Callaway <spot at fedoraproject.org>.
* Thu Feb 5 2015 Thomas Moschny <thomas.moschny at gmx.de> - 1.10.9-3
- Disable gmp engine (see bug 1116406).
- Use _pkgdocdir.
* Thu Feb 5 2015 Thomas Moschny <thomas.moschny at gmx.de> - 1.10.9-2
- Remove workaround for bug 1186014.
* Sat Jan 31 2015 Thomas Moschny <thomas.moschny at gmx.de> - 1.10.9-1
- Update to 1.10.9.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1116406 - botan overwrites gmp's default memory functions
https://bugzilla.redhat.com/show_bug.cgi?id=1116406
[ 2 ] Bug #615372 - botan implements elliptic curve crypto
https://bugzilla.redhat.com/show_bug.cgi?id=615372
[ 3 ] Bug #1149208 - botan-config-1.10 --cflags doesn't work
https://bugzilla.redhat.com/show_bug.cgi?id=1149208
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update botan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list