Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2021-12-02 22:30:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new.31177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "Botan" Thu Dec 2 22:30:13 2021 rev:60 rq:935173 version:2.18.2 Changes: -------- --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2021-05-11 23:04:23.136896039 +0200 +++ /work/SRC/openSUSE:Factory/.Botan.new.31177/Botan.changes 2021-12-02 22:31:01.258494371 +0100 @@ -1,0 +2,17 @@ +Wed Nov 24 20:02:41 UTC 2021 - Dirk M??ller <dmuel...@suse.com> + +- update to 2.18.2: + * Avoid using short exponents when encrypting in ElGamal, as some PGP + implementations generate keys with parameters that are weak when + short exponents are used CVE-2021-40529 boo#1190244 + * Fix a low risk OAEP decryption side channel + * Work around a miscompilation of SHA-3 caused by a bug in Clang 12 + and XCode 13 + * Remove support in OpenSSL provider for algorithms which are + disabled by default in OpenSSL 3.0 + * Add CI based on GitHub actions to replace Travis CI + * Fix the online OCSP test, as the certificate involved had expired. + * Fix some test failures induced by the expiration of the trust root + "DST Root CA X3" + +------------------------------------------------------------------- Old: ---- Botan-2.18.1.tar.xz Botan-2.18.1.tar.xz.asc New: ---- Botan-2.18.2.tar.xz Botan-2.18.2.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ Botan.spec ++++++ --- /var/tmp/diff_new_pack.CEfa0c/_old 2021-12-02 22:31:02.006491617 +0100 +++ /var/tmp/diff_new_pack.CEfa0c/_new 2021-12-02 22:31:02.006491617 +0100 @@ -20,7 +20,7 @@ %define version_suffix 2-18 %define short_version 2 Name: Botan -Version: 2.18.1 +Version: 2.18.2 Release: 0 Summary: A C++ Crypto Library License: BSD-2-Clause ++++++ Botan-2.18.1.tar.xz -> Botan-2.18.2.tar.xz ++++++ ++++ 1966 lines of diff (skipped)
