| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Replace PYTHON_PATCH_SCRIPTS with REPLACE_PYTHON.
|
|
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
|
|
Bump PKGREVISION.
|
|
Bump PKGREVISION.
|
|
|
|
|
|
|
|
2013-07-26 Valery Febvre <vfebvre@easter-eggs.com>
* License switch from GPL to MIT.
|
|
|
|
|
|
|
|
bump PKGREV
|
|
Changes in 3.2.8.1:
Note, that I've realized that this release has issues with the
assembly files in win32 and macosx systems. In these systems
use gnutls 3.2.8.1.
3.2.8:
* Version 3.2.8 (released 2013-12-20)
** libgnutls: Updated code for AES-NI. That prevents an uninitialized
variable complaint from valgrind.
** libgnutls: Enforce a maximum size for DH primes.
** libgnutls: Added SSSE3 optimized SHA1, and SHA256, using Andy Polyakov's
code.
** libgnutls: Added SSSE3 optimized AES using Mike Hamburg's code.
** libgnutls: It only links to librt if the required functions are
not present in libc. This also prevents an indirect linking to libpthread.
** libgnutls: Fixed issue with gnulib strerror replacement by adding
the strerror gnulib module.
** libgnutls: The time provided in the TLS random values is only precise
on its first 3 bytes. That prevents leakage of the precise system
time (at least on the client side when only few connections are
done on a single server).
** certtool: The --verify option will use the system CAs if the
load-ca-certificate option is not provided.
** configure: Added option --with-default-blacklist-file to allow
specifying a certificate blacklist file.
** configure: Added --disable-non-suiteb-curves option. This option
restricts the supported curves to SuiteB curves.
** API and ABI modifications:
gnutls_record_check_corked: Added
|
|
new file types, and
quality improvements. These include:
- Extraction, decompression, and scanning of files within Apple Disk Image (DMG) format.
- Extraction, decompression, and scanning of files within Extensible Archive (XAR) format.
XAR format is commonly used for software packaging, such as PKG and RPM, as well as
general archival.
- Decompression and scanning of files in "Xz" compression format.
- Improvements and fixes to extraction and scanning of ole formats.
- Option to force all scanned data to disk. This impacts only a few file types where
some embedded content is normally scanned in memory. Enabling this option
ensures that a file descriptor exists when callback functions are used, at a small
performance cost. This should only be needed when callback functions are used
that need file access.
- Various improvements to ClamAV configuration, support of third party libraries,
and unit tests.
|
|
Addresses PR 48523 by Kai-Uwe Eckhardt.
|
|
|
|
|
|
|
|
|
|
Add blowfish/serpent ARM assembly files to Makefile.am
* Add patches from upstream git repository
* Tested on NetBSD/evbearmv6hf-el 6.99.28
|
|
- Fix for TLS record tampering bug. A carefully crafted invalid
handshake could crash OpenSSL with a NULL pointer exception.
Thanks to Anton Johansson for reporting this issues.
(CVE-2013-4353)
- Keep original DTLS digest and encryption contexts in retransmission
structures so we can use the previous session parameters if they need
to be resent. (CVE-2013-6450)
[Steve Henson]
- Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
avoids preferring ECDHE-ECDSA ciphers when the client appears to be
Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
[Rob Stradling, Adam Langley]
|
|
|
|
|
|
|
|
|
|
|
|
Fixes build on NetBSD-5-i386 with builtin gcc.
|
|
and naturally non-gcc/non-gas builds by patching configure instead
(adapted from configure.ac in the works upstream).
|
|
Fixes build after automake-1.14.1 update.
Make automake a build dependency. Bump PKGREVISION.
|
|
* change one ifdef to also include __DragonFly__
|
|
expressions containing a '/' (divide) are problematic because according to
the SUN x86 Assembly Language Reference Manual, '/' should be treated as
starting comments.
To get over this, gas has '--divide' do not treat `/' as a comment character
|
|
|
|
**1.6.2** (2013-12-26)
======================
Minor changes & compatibility fixes
* Re-tuned the :attr:`~passlib.ifc.PasswordHash.default_rounds`
values for all of the hashes.
* Added the new :doc:`bcrypt_sha256 <lib/passlib.hash.bcrypt_sha256>` hash,
which wraps BCrypt using SHA256 in order to work around
BCrypt's password size limitations (:issue:`43`).
* :doc:`passlib.hash.bcrypt <lib/passlib.hash.bcrypt>`:
Added support for the `bcrypt <https://pypi.python.org/pypi/bcrypt>`_
library as one of the possible bcrypt backends that will be
used if available. (:issue:`49`)
* :mod:`passlib.ext.django`: Passlib's Django extension
(and it's related hashes and unittests) have been updated to
handle some minor API changes in Django 1.5-1.6. They should
now be compatible with Django 1.2 and up. (:issue:`50`)
|
|
The MirBSD version contains fixes so the comment in Makefile.PL does
not apply.
|
|
|
|
Noteworthy changes in version 1.6.0 (2013-12-16)
------------------------------------------------
* Removed the long deprecated gcry_ac interface. Thus Libgcrypt is
not anymore ABI compatible to previous versions if they used the ac
interface.
* Removed the module register subsystem.
* The deprecated message digest debug macros have been removed. Use
gcry_md_debug instead.
* Removed deprecated control codes.
* Improved performance of most cipher algorithms as well as for the
SHA family of hash functions.
* Added support for the IDEA cipher algorithm.
* Added support for the Salsa20 and reduced Salsa20/12 stream ciphers.
* Added limited support for the GOST 28147-89 cipher algorithm.
* Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog)
hash algorithms.
* Added a random number generator to directly use the system's RNG.
Also added an interface to prefer the use of a specified RNG.
* Added support for the SCRYPT algorithm.
* Mitigated the Yarom/Falkner flush+reload side-channel attack on RSA
secret keys. See <http://eprint.iacr.org/2013/448> [CVE-2013-4242].
* Added support for Deterministic DSA as per RFC-6969.
* Added support for curve Ed25519.
* Added a scatter gather hash convenience function.
* Added several MPI amd SEXP helper functions.
* Added support for negative numbers to gcry_mpi_print,
gcry_mpi_aprint and gcry_mpi_scan.
* The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now
deprecated. Use GCRY_PK_ECC if you need an algorithm id.
* Changed gcry_pk_genkey for "ecc" to only include the curve name and
not the parameters. The flag "param" may be used to revert this.
* Added a feature to globally disable selected hardware features.
* Added debug helper functions.
|
|
|
|
Perl 5 module to parse a X.509 certificate.
|
|
|
|
needing NOT_FOR_UNPRIVILEGED any more.
XXX: In fact, most of the permission settings seem bogus; and also it
XXX: shouldn't be using /var/adm.
|
|
|
|
|
|
|
|
entries for NetbSD architectures without assembler routines and Interix
containing ::::::... need to be updated, else -fPIC ends up in the
object-to-build list of crypto/modes. The correct entry snippet is
stored in ${no_asm}.
make test has run successfully in pkgsrc-current and -2013Q3 on
Shark (arm, asm-less) as well as i386 (with asm routines).
|
|
Fix a call to mp_radix_size to use a pointer to the BIGNUM, not the
address of the pointer, when accessing. Fixes a problem observed in
other software when using the same code. The problem was obscured
from the compiler because of the use of __UNCONST(). This makes the
BN_dec2bn() and BN_hex2bn() functions (in libnetpgpverify) work
properly.
OK: wiz
|
|
Noteworthy changes in version 1.4.16 (2013-12-18)
-------------------------------------------------
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]
* Put only the major version number by default into armored output.
* Do not create a trustdb file if --trust-model=always is used.
* Print the keyid for key packets with --list-packets.
* Changed modular exponentiation algorithm to recover from a small
performance loss due to a change in 1.4.14.
|
|
|
|
|
|
|
|
It is just a old version of security/py-crypto since it was re-imported as
version 2.1.0.
|
