[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted botan1.10 1.10.5-1 (source amd64)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 04 Mar 2013 09:24:12 +0100
Source: botan1.10
Binary: botan1.10-dbg libbotan-1.10-0 libbotan1.10-dev
Architecture: source amd64
Version: 1.10.5-1
Distribution: unstable
Urgency: low
Maintainer: Ondřej Surý <ondrej@debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description: 
 botan1.10-dbg - multiplatform crypto library (debug)
 libbotan-1.10-0 - multiplatform crypto library
 libbotan1.10-dev - multiplatform crypto library (development)
Changes: 
 botan1.10 (1.10.5-1) unstable; urgency=low
 .
   * Imported Upstream version 1.10.4
    + Avoid a conditional operation in the power mod implementations on if
      a nibble of the exponent was zero or not. This may help protect
      against certain forms of side channel attacks.
    + The SRP6 code was checking for invalid values as specified in RFC
      5054, specifically values equal to zero mod p. However SRP would
      accept negative A/B values, or ones larger than p, neither of which
      should occur in a normal run of the protocol. These values are now
      rejected. Credits to Timothy Prepscius for pointing out these values
      are not normally used and probably signal something fishy.
    + The return value of version_string is now a compile time constant
      string, so version information can be more easily extracted from
      binaries.
   * Imported Upstream version 1.10.5
    + A potential crash in the AES-NI implementation of the AES-192 key
      schedule (caused by misaligned loads) has been fixed.
    + A previously conditional operation in Montgomery multiplication and
      squaring is now always performed, removing a possible timing channel.
    + Use correct flags for creating a shared library on OS X under Clang.
    + Fix a compile time incompatibility with Visual C++ 2012.
Checksums-Sha1: 
 5bd51f5a8138c310ce982611a0bb4f86e8b92aaa 1401 botan1.10_1.10.5-1.dsc
 c203a40f97d6b141803f4bd1ed9d15140fb3c9de 2247439 botan1.10_1.10.5.orig.tar.bz2
 2431a4fc5591e20c79fa2d7fb881fddf47c481b1 8222 botan1.10_1.10.5-1.debian.tar.gz
 19be08f64a7b76caaf813736f9abfd208f227e48 139118 botan1.10-dbg_1.10.5-1_amd64.deb
 b81eb368ebca26e176570150c8d37e934f02567e 1175834 libbotan-1.10-0_1.10.5-1_amd64.deb
 307e3331db50607d61be0f6df7d390434afa3f8a 2441502 libbotan1.10-dev_1.10.5-1_amd64.deb
Checksums-Sha256: 
 0c5a3308961069a9396475084f8b330f277b015b564c237a3eb59585bc45a823 1401 botan1.10_1.10.5-1.dsc
 5f57cf44dc295e63c137f40e6367f1d0f53e92b9b224db150dae321d2a8e712d 2247439 botan1.10_1.10.5.orig.tar.bz2
 e4b8084b0b428971cbd0d9c4594a3b6d984cb69642b6cca91d6b6201d8790ada 8222 botan1.10_1.10.5-1.debian.tar.gz
 bfe2eabacdf8241fcd4b6c5ebab1f224966ba537453736667efccdabb71cdc1a 139118 botan1.10-dbg_1.10.5-1_amd64.deb
 0cd8d7893e4ac744aa4c266b130479f9260b31ea21b223540837d6e856c699cb 1175834 libbotan-1.10-0_1.10.5-1_amd64.deb
 b997eda32a39580ed109f6a55614aa5d502c65e770a6e7d6710e07912eacebd2 2441502 libbotan1.10-dev_1.10.5-1_amd64.deb
Files: 
 37f7b875afdb115465abc9bb2e8cd44c 1401 libs optional botan1.10_1.10.5-1.dsc
 89a7002f385c26477af6823c4fe2c930 2247439 libs optional botan1.10_1.10.5.orig.tar.bz2
 85597663528c3d2440bf685b9c91f92d 8222 libs optional botan1.10_1.10.5-1.debian.tar.gz
 35acb790aeb66d9ebc70e892828c0867 139118 debug extra botan1.10-dbg_1.10.5-1_amd64.deb
 292e8d47b059955b42085c1f8752ff1e 1175834 libs optional libbotan-1.10-0_1.10.5-1_amd64.deb
 f61ba4de15ea9506427f3f814b804ce3 2441502 libdevel optional libbotan1.10-dev_1.10.5-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlE0XBEACgkQ9OZqfMIN8nP9ugCaAvoIUUF99gnmAM0/o+peVbRP
Vp8An0JwJuLiKEu3g3dS2QWhjq2MFV+k
=JfPi
-----END PGP SIGNATURE-----
Reply to: