Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: Botan | Distribution: openSUSE Tumbleweed |
Version: 3.5.0 | Vendor: openSUSE |
Release: 1.1 | Build date: Tue Jul 30 21:37:33 2024 |
Group: Development/Libraries/C and C++ | Build host: reproducible |
Size: 856479 | Source RPM: Botan-3.5.0-1.1.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://botan.randombit.net | |
Summary: A C++ Crypto Library |
Botan is a C++ library that provides support for many common cryptographic operations, including encryption, authentication, and X.509v3 certificates and CRLs. A wide variety of algorithms is supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
BSD-2-Clause
* Tue Jul 30 2024 Andreas Stieger <andreas.stieger@gmx.de> - Botan 3.5.0, the latest stable release of the Botan 3 series * TLS 1.3 supported * large header cleanup compared to v2 * start support of Post Quantum Crypto * removed: CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES, CBC-MAC, Tiger, CECPQ1, and NewHope - The legacy Botan 2 series moved to Botan2 source package. It is EOL at the end of 2024. * Mon Jul 15 2024 Angel Yankov <angel.yankov@suse.com> - Update to 2.19.5: * Fix multiple Denial of service attacks due to X.509 cert processing: * CVE-2024-34702 - bsc#1227238 * CVE-2024-34703 - bsc#1227607 * CVE-2024-39312 - bsc#1227608 * Fix a crash in OCB * Fix a test failure in compression with certain versions of zlib * Fix some iterator debugging errors in TLS CBC decryption. * Avoid a miscompilation in ARIA when using XCode 14 * Fri Nov 17 2023 Marcus Meissner <meissner@suse.com> - remove botan binary (moves to Botan3) * Thu Nov 17 2022 Jason Sikes <jsikes@suse.com> - Update to 2.19.3: * validate that an embedded certificate was issued by the end-entity issuing certificate authority when checking OCSP responses. * CVE-2022-43705 * bsc#1205509 * Wed Jun 08 2022 Dirk Müller <dmueller@suse.com> - update to 2.19.2: * Add support for parallel computation in Argon2 * Add SSSE3 implementation of Argon2 * The OpenSSL provider was incompatible with OpenSSL 3.0. It has been removed * Avoid using reserve in secure_vector appending, which caused a performance problem * Fix TLS::Text_Policy behavior when X25519 is disabled at build time * Fix several warnings from Clang * Sun Jan 23 2022 Andreas Stieger <andreas.stieger@gmx.de> - update to 2.19.1: * Add a forward error correction code compatible with the zfec library * Wed Nov 24 2021 Dirk Müller <dmueller@suse.com> - update to 2.18.2: * Avoid using short exponents when encrypting in ElGamal, as some PGP implementations generate keys with parameters that are weak when short exponents are used CVE-2021-40529 boo#1190244 * Fix a low risk OAEP decryption side channel * Work around a miscompilation of SHA-3 caused by a bug in Clang 12 and XCode 13 * Remove support in OpenSSL provider for algorithms which are disabled by default in OpenSSL 3.0 * Add CI based on GitHub actions to replace Travis CI * Fix the online OCSP test, as the certificate involved had expired. * Fix some test failures induced by the expiration of the trust root "DST Root CA X3" * Mon May 10 2021 Andreas Stieger <andreas.stieger@gmx.de> - Botan 2.18.1: * Fix a build regression in 2.18.0 which caused linker flags which contain -l within them (such as -fuse-linker-plugin) to be misinterpreted * Fix a bug which caused decoding a certificate which contained more than one name in a single RDN * Fix a bug which caused OID lookup failures when run in a locale which uses thousands separators (pt_BR was reported as having this issue) * DNS names in name constraints were compared with case sensitivity, which could cause valid certificates to be rejected * X.509 name constraint extensions were rejected if non-critical. RFC 5280 requires conforming CAs issue such extensions as critical, but not all certificates are compliant, and all other known implementations do not require this * X.509 name constraints were incorrectly applied to the certificate which included the constraint - build with lzma compression support - build with SQLite support - build with TPM support - fix SLE 12 build * Fri Apr 16 2021 Ferdinand Thiessen <rpm@fthiessen.de> - Botan 2.18.0 * Add support for implementing custom RNG objects through the FFI interface * Improve safegcd bounds, improving runtime performance * Reject non-TLS messages as quickly as possible without waiting for a full record. * Fixes for TLS::Stream::async_shutdown - Removed unneeded GNU MP build requirement, support was dropped with version 1.11.10 - Enabled check target, verify integrity of build library * Wed Dec 23 2020 Andreas Stieger <andreas.stieger@gmx.de> - Botan 2.17.3: * Harden against side-channels from decoding secret values by changing the base64, base58, base32, and hex encoding and decoding opearations to run in constant time
/usr/bin/botan /usr/share/licenses/Botan /usr/share/licenses/Botan/license.txt
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Oct 25 02:04:50 2024