commit mbedtls-2 for openSUSE:Factory

2023-11-14 Thread Source-Sync 
Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package mbedtls-2 for openSUSE:Factory 
checked in at 2023-11-14 21:41:51

Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old)
 and  /work/SRC/openSUSE:Factory/.mbedtls-2.new.17445 (New)


Package is "mbedtls-2"

Tue Nov 14 21:41:51 2023 rev:5 rq:1125092 version:2.28.6

Changes:

--- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes  2023-10-08 
12:22:55.924110216 +0200
+++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.17445/mbedtls-2.changes   
2023-11-14 21:41:57.358228772 +0100
@@ -1,0 +2,8 @@
+Fri Nov 10 16:20:12 UTC 2023 - Jaime Marquínez Ferrándiz 

+
+- Update to 2.28.6:
+  Changes:
+  * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later
+license. Users may choose which license they take the code under.
+
+---

Old:

  mbedtls-2.28.5.tar.gz

New:

  mbedtls-2.28.6.tar.gz



Other differences:
--
++ mbedtls-2.spec ++
--- /var/tmp/diff_new_pack.MwsZ0O/_old  2023-11-14 21:41:58.018253204 +0100
+++ /var/tmp/diff_new_pack.MwsZ0O/_new  2023-11-14 21:41:58.022253353 +0100
@@ -21,10 +21,10 @@
 %define lib_x509   libmbedx509-1
 %define _rname mbedtls
 Name:   mbedtls-2
-Version:2.28.5
+Version:2.28.6
 Release:0
 Summary:Libraries for crypto and SSL/TLS protocols
-License:Apache-2.0
+License:Apache-2.0 OR GPL-2.0-or-later
 Group:  Development/Libraries/C and C++
 URL:https://tls.mbed.org
 Source: 
https://github.com/ARMmbed/mbedtls/archive/v%{version}.tar.gz#/%{_rname}-%{version}.tar.gz

++ mbedtls-2.28.5.tar.gz -> mbedtls-2.28.6.tar.gz ++
 10606 lines of diff (skipped)

commit mbedtls-2 for openSUSE:Factory

2023-10-08 Thread Source-Sync 
Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package mbedtls-2 for openSUSE:Factory 
checked in at 2023-10-08 12:19:08

Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old)
 and  /work/SRC/openSUSE:Factory/.mbedtls-2.new.28202 (New)


Package is "mbedtls-2"

Sun Oct  8 12:19:08 2023 rev:4 rq:1116220 version:2.28.5

Changes:

--- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes  2023-08-18 
19:28:30.727332362 +0200
+++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.28202/mbedtls-2.changes   
2023-10-08 12:22:55.924110216 +0200
@@ -1,0 +2,49 @@
+Sat Oct  7 13:08:45 UTC 2023 - Jaime Marquínez Ferrándiz 

+
+- Update to 2.28.5:
+  Features
+  * The documentation of mbedtls_ecp_group now describes the optimized
+representation of A for some curves. Fixes gh#Mbed-TLS/mbedtls#8045.
+  Security
+  * Developers using mbedtls_pkcs5_pbes2() or mbedtls_pkcs12_pbe() should
+review the size of the output buffer passed to this function, and note that
+the output after decryption may include CBC padding. Consider moving to the
+new functions mbedtls_pkcs5_pbes2_ext() or mbedtls_pkcs12_pbe_ext() which
+checks for overflow of the output buffer and reports the actual length of
+the output.
+  * Improve padding calculations in CBC decryption, NIST key unwrapping and
+RSA OAEP decryption. With the previous implementation, some compilers
+(notably recent versions of Clang and IAR) could produce non-constant time
+code, which could allow a padding oracle attack if the attacker has access
+to precise timing measurements.
+  * Fix a buffer overread when parsing short TLS application data records in
+ARC4 or null-cipher cipher suites. Credit to OSS-Fuzz.
+  Bugfix
+  * Fix x509 certificate generation to conform to RFC 5480 / RFC 5758 when
+using ECC key. The certificate was rejected by some crypto frameworks.
+Fixes gh#Mbed-TLS/mbedtls#2924.
+  * Fix some cases where mbedtls_mpi_mod_exp, RSA key construction or ECDSA
+signature can silently return an incorrect result in low memory conditions.
+  * Fix IAR compiler warnings. Fixes gh#Mbed-TLS/mbedtls#7873,
+gh#Mbed-TLS/mbedtls#4300.
+  * Fix an issue when parsing an otherName subject alternative name into a
+mbedtls_x509_san_other_name struct. The type-id of the otherName was not
+copied to the struct. This meant that the struct had incomplete information
+about the otherName SAN and contained uninitialized memory.
+  * Fix the detection of HardwareModuleName otherName SANs. These were being
+detected by comparing the wrong field and the check was erroneously
+inverted.
+  * Fix an error when MBEDTLS_ECDSA_SIGN_ALT is defined but not
+MBEDTLS_ECDSA_VERIFY_ALT, causing ecdsa verify to fail. Fixes
+gh#Mbed-TLS/mbedtls#7498.  Functions in the ssl_cache module now return a
+negative MBEDTLS_ERR_xxx error code on failure. Before, they returned 1 to
+indicate failure in some cases involving a missing entry or a full cache.
+  Changes
+  * In configurations with ARIA or Camellia but not AES, the value of
+MBEDTLS_CIPHER_BLKSIZE_MAX was 8, rather than 16 as the name might suggest.
+This did not affect any library code, because this macro was only used in
+relation with CMAC which does not support these ciphers.  Its value is now
+16 if ARIA or Camellia are present. This may affect application code that
+uses this macro.
+
+---

Old:

  mbedtls-2.28.4.tar.gz

New:

  mbedtls-2.28.5.tar.gz



Other differences:
--
++ mbedtls-2.spec ++
--- /var/tmp/diff_new_pack.kPPeMR/_old  2023-10-08 12:22:57.040150387 +0200
+++ /var/tmp/diff_new_pack.kPPeMR/_new  2023-10-08 12:22:57.040150387 +0200
@@ -21,7 +21,7 @@
 %define lib_x509   libmbedx509-1
 %define _rname mbedtls
 Name:   mbedtls-2
-Version:2.28.4
+Version:2.28.5
 Release:0
 Summary:Libraries for crypto and SSL/TLS protocols
 License:Apache-2.0

++ mbedtls-2.28.4.tar.gz -> mbedtls-2.28.5.tar.gz ++
 13049 lines of diff (skipped)

commit mbedtls-2 for openSUSE:Factory

2023-08-18 Thread Source-Sync 
Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package mbedtls-2 for openSUSE:Factory 
checked in at 2023-08-18 19:28:10

Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old)
 and  /work/SRC/openSUSE:Factory/.mbedtls-2.new.1766 (New)


Package is "mbedtls-2"

Fri Aug 18 19:28:10 2023 rev:3 rq:1104419 version:2.28.4

Changes:

--- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes  2023-05-08 
17:25:09.609006027 +0200
+++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.1766/mbedtls-2.changes
2023-08-18 19:28:30.727332362 +0200
@@ -1,0 +2,30 @@
+Wed Aug 16 18:46:37 UTC 2023 - Scott Bradnick 
+
+- Update to 2.28.4:
+  Features
+  * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by
+setting the CMake variable of the same name at configuration time.
+  Bugfix
+  * Fix crypt_and_hash decryption fail when used with a stream cipher
+mode of operation, due to the input not being a multiple of the block
+size. Resolves #7417.
+  * Fix a bug where mbedtls_x509_string_to_names() would return success
+when given a invalid name string, if it did not contain '=' or ','.
+  * Fix missing PSA initialization in sample programs when
+MBEDTLS_USE_PSA_CRYPTO is enabled.
+  * Fix clang and armclang compilation error when targeting certain Arm
+M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23,
+SecurCore SC000). Fixes #1077.
+  * Fixed an issue that caused compile errors when using CMake and the IAR
+toolchain.
+  * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516.
+  * Fix builds on Windows with clang.
+  * Fix compilation warnings in aes.c for certain combinations
+of configuration options.
+  * Fix a compilation error on some platforms when including mbedtls/ssl.h
+with all TLS support disabled. Fixes #6628.
+  Changes
+  * Update test data to avoid failures of unit tests after 2023-08-07, and
+update expiring certififcates in the certs 
+
+---

Old:

  mbedtls-2.28.3.tar.gz

New:

  mbedtls-2.28.4.tar.gz



Other differences:
--
++ mbedtls-2.spec ++
--- /var/tmp/diff_new_pack.iahi2W/_old  2023-08-18 19:28:31.655334026 +0200
+++ /var/tmp/diff_new_pack.iahi2W/_new  2023-08-18 19:28:31.667334047 +0200
@@ -21,7 +21,7 @@
 %define lib_x509   libmbedx509-1
 %define _rname mbedtls
 Name:   mbedtls-2
-Version:2.28.3
+Version:2.28.4
 Release:0
 Summary:Libraries for crypto and SSL/TLS protocols
 License:Apache-2.0

++ mbedtls-2.28.3.tar.gz -> mbedtls-2.28.4.tar.gz ++
 18804 lines of diff (skipped)

commit mbedtls-2 for openSUSE:Factory

2023-05-08 Thread Source-Sync 
Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package mbedtls-2 for openSUSE:Factory 
checked in at 2023-05-08 17:25:08

Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old)
 and  /work/SRC/openSUSE:Factory/.mbedtls-2.new.1533 (New)


Package is "mbedtls-2"

Mon May  8 17:25:08 2023 rev:2 rq:1085509 version:2.28.3

Changes:

--- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes  2023-05-03 
12:57:10.335795473 +0200
+++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.1533/mbedtls-2.changes
2023-05-08 17:25:09.609006027 +0200
@@ -1,0 +2,5 @@
+Mon May  8 11:27:53 UTC 2023 - Jaime Marquínez Ferrándiz 

+
+- Fix the use of the %{release} macro for the mbedtls-devel version
+
+---



Other differences:
--
++ mbedtls-2.spec ++
--- /var/tmp/diff_new_pack.XmNLuu/_old  2023-05-08 17:25:10.081008817 +0200
+++ /var/tmp/diff_new_pack.XmNLuu/_new  2023-05-08 17:25:10.085008841 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package mbedtls
+# spec file for package mbedtls-2
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -82,7 +82,7 @@
 Requires:   %{lib_crypto} = %{version}
 Requires:   %{lib_tls} = %{version}
 Requires:   %{lib_x509} = %{version}
-Provides:   mbedtls-devel = %{version}-release
+Provides:   mbedtls-devel = %{version}-%{release}
 Conflicts:  mbedtls-devel >= 3
 
 %description devel