commit mbedtls-2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mbedtls-2 for openSUSE:Factory checked in at 2023-11-14 21:41:51 Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old) and /work/SRC/openSUSE:Factory/.mbedtls-2.new.17445 (New) Package is "mbedtls-2" Tue Nov 14 21:41:51 2023 rev:5 rq:1125092 version:2.28.6 Changes: --- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes 2023-10-08 12:22:55.924110216 +0200 +++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.17445/mbedtls-2.changes 2023-11-14 21:41:57.358228772 +0100 @@ -1,0 +2,8 @@ +Fri Nov 10 16:20:12 UTC 2023 - Jaime MarquÃnez Ferrándiz + +- Update to 2.28.6: + Changes: + * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later +license. Users may choose which license they take the code under. + +--- Old: mbedtls-2.28.5.tar.gz New: mbedtls-2.28.6.tar.gz Other differences: -- ++ mbedtls-2.spec ++ --- /var/tmp/diff_new_pack.MwsZ0O/_old 2023-11-14 21:41:58.018253204 +0100 +++ /var/tmp/diff_new_pack.MwsZ0O/_new 2023-11-14 21:41:58.022253353 +0100 @@ -21,10 +21,10 @@ %define lib_x509 libmbedx509-1 %define _rname mbedtls Name: mbedtls-2 -Version:2.28.5 +Version:2.28.6 Release:0 Summary:Libraries for crypto and SSL/TLS protocols -License:Apache-2.0 +License:Apache-2.0 OR GPL-2.0-or-later Group: Development/Libraries/C and C++ URL:https://tls.mbed.org Source: https://github.com/ARMmbed/mbedtls/archive/v%{version}.tar.gz#/%{_rname}-%{version}.tar.gz ++ mbedtls-2.28.5.tar.gz -> mbedtls-2.28.6.tar.gz ++ 10606 lines of diff (skipped)
commit mbedtls-2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mbedtls-2 for openSUSE:Factory checked in at 2023-10-08 12:19:08 Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old) and /work/SRC/openSUSE:Factory/.mbedtls-2.new.28202 (New) Package is "mbedtls-2" Sun Oct 8 12:19:08 2023 rev:4 rq:1116220 version:2.28.5 Changes: --- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes 2023-08-18 19:28:30.727332362 +0200 +++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.28202/mbedtls-2.changes 2023-10-08 12:22:55.924110216 +0200 @@ -1,0 +2,49 @@ +Sat Oct 7 13:08:45 UTC 2023 - Jaime MarquÃnez Ferrándiz + +- Update to 2.28.5: + Features + * The documentation of mbedtls_ecp_group now describes the optimized +representation of A for some curves. Fixes gh#Mbed-TLS/mbedtls#8045. + Security + * Developers using mbedtls_pkcs5_pbes2() or mbedtls_pkcs12_pbe() should +review the size of the output buffer passed to this function, and note that +the output after decryption may include CBC padding. Consider moving to the +new functions mbedtls_pkcs5_pbes2_ext() or mbedtls_pkcs12_pbe_ext() which +checks for overflow of the output buffer and reports the actual length of +the output. + * Improve padding calculations in CBC decryption, NIST key unwrapping and +RSA OAEP decryption. With the previous implementation, some compilers +(notably recent versions of Clang and IAR) could produce non-constant time +code, which could allow a padding oracle attack if the attacker has access +to precise timing measurements. + * Fix a buffer overread when parsing short TLS application data records in +ARC4 or null-cipher cipher suites. Credit to OSS-Fuzz. + Bugfix + * Fix x509 certificate generation to conform to RFC 5480 / RFC 5758 when +using ECC key. The certificate was rejected by some crypto frameworks. +Fixes gh#Mbed-TLS/mbedtls#2924. + * Fix some cases where mbedtls_mpi_mod_exp, RSA key construction or ECDSA +signature can silently return an incorrect result in low memory conditions. + * Fix IAR compiler warnings. Fixes gh#Mbed-TLS/mbedtls#7873, +gh#Mbed-TLS/mbedtls#4300. + * Fix an issue when parsing an otherName subject alternative name into a +mbedtls_x509_san_other_name struct. The type-id of the otherName was not +copied to the struct. This meant that the struct had incomplete information +about the otherName SAN and contained uninitialized memory. + * Fix the detection of HardwareModuleName otherName SANs. These were being +detected by comparing the wrong field and the check was erroneously +inverted. + * Fix an error when MBEDTLS_ECDSA_SIGN_ALT is defined but not +MBEDTLS_ECDSA_VERIFY_ALT, causing ecdsa verify to fail. Fixes +gh#Mbed-TLS/mbedtls#7498. Functions in the ssl_cache module now return a +negative MBEDTLS_ERR_xxx error code on failure. Before, they returned 1 to +indicate failure in some cases involving a missing entry or a full cache. + Changes + * In configurations with ARIA or Camellia but not AES, the value of +MBEDTLS_CIPHER_BLKSIZE_MAX was 8, rather than 16 as the name might suggest. +This did not affect any library code, because this macro was only used in +relation with CMAC which does not support these ciphers. Its value is now +16 if ARIA or Camellia are present. This may affect application code that +uses this macro. + +--- Old: mbedtls-2.28.4.tar.gz New: mbedtls-2.28.5.tar.gz Other differences: -- ++ mbedtls-2.spec ++ --- /var/tmp/diff_new_pack.kPPeMR/_old 2023-10-08 12:22:57.040150387 +0200 +++ /var/tmp/diff_new_pack.kPPeMR/_new 2023-10-08 12:22:57.040150387 +0200 @@ -21,7 +21,7 @@ %define lib_x509 libmbedx509-1 %define _rname mbedtls Name: mbedtls-2 -Version:2.28.4 +Version:2.28.5 Release:0 Summary:Libraries for crypto and SSL/TLS protocols License:Apache-2.0 ++ mbedtls-2.28.4.tar.gz -> mbedtls-2.28.5.tar.gz ++ 13049 lines of diff (skipped)
commit mbedtls-2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mbedtls-2 for openSUSE:Factory checked in at 2023-08-18 19:28:10 Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old) and /work/SRC/openSUSE:Factory/.mbedtls-2.new.1766 (New) Package is "mbedtls-2" Fri Aug 18 19:28:10 2023 rev:3 rq:1104419 version:2.28.4 Changes: --- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes 2023-05-08 17:25:09.609006027 +0200 +++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.1766/mbedtls-2.changes 2023-08-18 19:28:30.727332362 +0200 @@ -1,0 +2,30 @@ +Wed Aug 16 18:46:37 UTC 2023 - Scott Bradnick + +- Update to 2.28.4: + Features + * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by +setting the CMake variable of the same name at configuration time. + Bugfix + * Fix crypt_and_hash decryption fail when used with a stream cipher +mode of operation, due to the input not being a multiple of the block +size. Resolves #7417. + * Fix a bug where mbedtls_x509_string_to_names() would return success +when given a invalid name string, if it did not contain '=' or ','. + * Fix missing PSA initialization in sample programs when +MBEDTLS_USE_PSA_CRYPTO is enabled. + * Fix clang and armclang compilation error when targeting certain Arm +M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23, +SecurCore SC000). Fixes #1077. + * Fixed an issue that caused compile errors when using CMake and the IAR +toolchain. + * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516. + * Fix builds on Windows with clang. + * Fix compilation warnings in aes.c for certain combinations +of configuration options. + * Fix a compilation error on some platforms when including mbedtls/ssl.h +with all TLS support disabled. Fixes #6628. + Changes + * Update test data to avoid failures of unit tests after 2023-08-07, and +update expiring certififcates in the certs + +--- Old: mbedtls-2.28.3.tar.gz New: mbedtls-2.28.4.tar.gz Other differences: -- ++ mbedtls-2.spec ++ --- /var/tmp/diff_new_pack.iahi2W/_old 2023-08-18 19:28:31.655334026 +0200 +++ /var/tmp/diff_new_pack.iahi2W/_new 2023-08-18 19:28:31.667334047 +0200 @@ -21,7 +21,7 @@ %define lib_x509 libmbedx509-1 %define _rname mbedtls Name: mbedtls-2 -Version:2.28.3 +Version:2.28.4 Release:0 Summary:Libraries for crypto and SSL/TLS protocols License:Apache-2.0 ++ mbedtls-2.28.3.tar.gz -> mbedtls-2.28.4.tar.gz ++ 18804 lines of diff (skipped)
commit mbedtls-2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mbedtls-2 for openSUSE:Factory checked in at 2023-05-08 17:25:08 Comparing /work/SRC/openSUSE:Factory/mbedtls-2 (Old) and /work/SRC/openSUSE:Factory/.mbedtls-2.new.1533 (New) Package is "mbedtls-2" Mon May 8 17:25:08 2023 rev:2 rq:1085509 version:2.28.3 Changes: --- /work/SRC/openSUSE:Factory/mbedtls-2/mbedtls-2.changes 2023-05-03 12:57:10.335795473 +0200 +++ /work/SRC/openSUSE:Factory/.mbedtls-2.new.1533/mbedtls-2.changes 2023-05-08 17:25:09.609006027 +0200 @@ -1,0 +2,5 @@ +Mon May 8 11:27:53 UTC 2023 - Jaime MarquÃnez Ferrándiz + +- Fix the use of the %{release} macro for the mbedtls-devel version + +--- Other differences: -- ++ mbedtls-2.spec ++ --- /var/tmp/diff_new_pack.XmNLuu/_old 2023-05-08 17:25:10.081008817 +0200 +++ /var/tmp/diff_new_pack.XmNLuu/_new 2023-05-08 17:25:10.085008841 +0200 @@ -1,7 +1,7 @@ # -# spec file for package mbedtls +# spec file for package mbedtls-2 # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -82,7 +82,7 @@ Requires: %{lib_crypto} = %{version} Requires: %{lib_tls} = %{version} Requires: %{lib_x509} = %{version} -Provides: mbedtls-devel = %{version}-release +Provides: mbedtls-devel = %{version}-%{release} Conflicts: mbedtls-devel >= 3 %description devel