path: root/security
Age | Commit message | Author | Files | Lines
2019-06-09 | cyrus-sasl: HOMEPAGE is dead. | nia | 1 | -2/+2
2019-06-06 | py-trustme: updated to 0.5.2 | adam | 2 | -7/+7
0.5.2: Unknown changes
2019-06-05 | crypto++: updated to 8.2.0 | adam | 4 | -44/+135
Version 8.2.0
minor release, no recompile of programs required
- expanded community input and support
  - 56 unique contributors as of this release
- use PowerPC unaligned loads and stores with Power8
- add SKIPJACK test vectors
- fix SHAKE-128 and SHAKE-256 compile
- removed IS_NEON from Makefile
- fix Aarch64 build on Fedora 29
- fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
- add missing BLAKE2 constructors
- fix missing BlockSize() in BLAKE2 classes

Version 8.1.0
minor release, no recompile of programs required
- expanded community input and support
  - 56 unique contributors as of this release
- fix OS X PowerPC builds with Clang
- add Microsoft ARM64 support
- fix iPhone Simulator build due to missing symbols
- add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
- add carryless multiplies for NIST b233 and k233 curves
- fix OpenMP build due to use of OpenMP 4 with down-level compilers
- add SignStream and VerifyStream for ed25519 and large files
- fix missing AlgorithmProvider in PanamaHash
- add SHAKE-128 and SHAKE-256
- fix AVX2 build due to _mm256_broadcastsi128_si256
- add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305

Version 8.0.0
major release, recompile of programs required
- expanded community input and support
  - 54 unique contributors as of this release
- add x25519 key exchange and ed25519 signature scheme
- add limited Asymmetric Key Package support from RFC 5958
- add Power9 DARN random number generator support
- add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
- fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms
- cutover to GNU Make-based cpu feature tests
- rename files with dashes to underscores
- fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
- fix incorrect AES/CBC decryption on Windows
- avoid Singleton<T> when possible, avoid std::call_once completely
- fix SPARC alignment problems due to GetAlignmentOf<T>() on word64
- add ARM AES asm implementation from Cryptogams
- remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support
2019-06-04 | When changing from login_getclass() to login_getpwclass(), | he | 3 | -6/+6
we also need to adjust the argument. This failure caused opensshd for the session to crash with a bus error. Bump PKGREVISION.
2019-06-02 | gnupg2: updated to 2.2.16 | adam | 2 | -8/+7
Noteworthy changes in version 2.2.16:
* gpg,gpgsm: Fix deadlock on Windows due to a keybox sharing violation.
* gpg: Allow deletion of subkeys with --delete-key. This finally makes the bang-suffix work as expected for that command.
* gpg: Replace SHA-1 by SHA-256 in self-signatures when updating them with --quick-set-expire or --quick-set-primary-uid.
* gpg: Improve the photo image viewer selection.
* gpg: Fix decryption with --use-embedded-filename.
* gpg: Remove hints on using the --keyserver option.
* gpg: Fix export of certain secret keys with comments.
* gpg: Reject too long user-ids in --quick-gen-key.
* gpg: Fix a double free in the best key selection code.
* gpg: Fix the key generation dialog for switching back from EdDSA to ECDSA.
* gpg: Use AES-192 with SHA-384 to comply with RFC-6637.
* gpg: Use only the addrspec from the Signer's UID subpacket to mitigate a problem with another implementation.
* gpg: Skip invalid packets during a keyring listing and sync diagnostics with the output.
* gpgsm: Avoid confusing diagnostic when signing with the default key.
* agent: Do not delete any secret key in --dry-run mode.
* agent: Fix failures on 64 bit big-endian boxes related to URIs in a keyfile.
* agent: Stop scdaemon after a reload with disable-scdaemon newly configured.
* dirmngr: Improve caching algorithm for WKD domains.
* dirmngr: Support other hash algorithms than SHA-1 for OCSP.
* gpgconf: Make --homedir work for --launch.
* gpgconf: Before --launch check for a valid config file.
* wkd: Do not import more than 5 keys from one WKD address.
* wkd: Accept keys which are stored in armored format in the directory.
* The installer for Windows now comes with signed binaries.
2019-06-01 | tor-browser: update to 8.5.60.7.0nb2. | wiz | 4 | -6/+23
Pick up two more NetBSD bugfixes from firefox60:
* use /dev/audio instead of /dev/sound
* use libGL.so instead of the versioned libGL.so.1, which does not exist on NetBSD
2019-05-31 | py-oath: updated to 1.4.3 | adam | 2 | -7/+7
1.4.3 fix deprecation warning with python 3.7
2019-05-31 | libsodium: updated to 1.0.18 | adam | 3 | -9/+11
Version 1.0.18
- The Enterprise versions of Visual Studio are now supported.
- Visual Studio 2019 is now supported.
- 32-bit binaries for Visual Studio 2010 are now provided.
- A test that didn't work properly on Linux systems with overcommit memory turned on has been removed. This fixes Ansible builds.
- Emscripten: print and printErr functions are overridden to send errors to the console, if there is one.
- Emscripten: UTF8ToString() is now exported since Pointer_stringify() has been deprecated.
- Libsodium version detection has been fixed in the CMake recipe.
- Generic hashing got a 10% speedup on AVX2.
- New target: WebAssembly/WASI (compile with dist-builds/wasm32-wasi.sh).
- New functions to map a hash to an edwards25519 point or get a random point: core_ed25519_from_hash() and core_ed25519_random().
- crypto_core_ed25519_scalar_mul() has been implemented for scalar*scalar (mod L) multiplication.
- Support for the Ristretto group has been implemented, for compatibility with wasm-crypto.
- Improvements have been made to the test suite.
- Portability improvements have been made.
- getentropy() is now used on systems providing this system call.
- randombytes_salsa20 has been renamed to randombytes_internal.
- Support for (p)nacl has been removed.
- Most ((nonnull)) attributes have been relaxed to allow 0-length inputs to be NULL.
- The -ftree-vectorize and -ftree-slp-vectorize compiler switches are now used, if available, for optimized builds.
2019-05-31 | py-cryptography[_vectors]: updated to 2.7 | adam | 6 | -19/+25
2.7:
- BACKWARDS INCOMPATIBLE: We no longer distribute 32-bit manylinux1 wheels. Continuing to produce them was a maintenance burden.
- BACKWARDS INCOMPATIBLE: Removed the cryptography.hazmat.primitives.mac.MACContext interface. The CMAC and HMAC APIs have not changed, but they are no longer registered as MACContext instances.
- Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.1c.
- Removed support for running our tests with setup.py test. Users interested in running our tests can continue to follow the directions in our :doc:development documentation</development/getting-started>.
- Add support for :class:~cryptography.hazmat.primitives.poly1305.Poly1305 when using OpenSSL 1.1.1 or newer.
- Support serialization with Encoding.OpenSSH and PublicFormat.OpenSSH in :meth:Ed25519PublicKey.public_bytes <cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>.
- Correctly allow passing a SubjectKeyIdentifier to :meth:~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier and deprecate passing an Extension object. The documentation always required SubjectKeyIdentifier but the implementation previously required an Extension.
2019-05-31 | py-cryptodome: updated to 3.8.2 | adam | 2 | -7/+7
3.8.2:
Resolved issues
* fix strict aliasing problem, emerged with GCC 9.1.
2019-05-30 | Add a fix to work with EDNS with cookie support in BIND, from | he | 3 | -4/+30
tentative fix submitted at https://issues.opendnssec.org/browse/SUPPORT-242. Bump PKGREVISION.
2019-05-29 | tor-browser: update to 8.5.60.7.0nb1. | wiz | 3 | -11/+12
copy tsutsui's commit to firefox: fix wrong latency unit in stream_init() function. Based on a patch in PR pkg/54206 from Y.Sugahara. Bump PKGREVISION.
2019-05-28 | *: Remove per-package MESSAGE.{rcd,smf} handling. | jperkin | 1 | -8/+1
This is now centralised in mk/pkgformat so no need to do it manually.
2019-05-27 | Revbump all Go packages after go112 update. | bsiegert | 8 | -14/+16
2019-05-27 | tor-browser: Improve wording of MESSAGE | wiz | 1 | -10/+7
Remove reference to TorButton, the homepage doesn't exist.
2019-05-27 | argon2: don't test if opt.c can build with -march=native. | maya | 2 | -6/+16
Avoid a situation where a build host can use SSE2, but opt.c is then compiled without SSE2 support (which fails). Also check for CFLAGS for this compile test while here.

amend comment: we avoid -march=native not because of netbsd, but because it results in shiny package builders creating packages not usable by some users with older machines.

PR pkg/54238: security/argon2 build fails on i386-current (8.99.41)
2019-05-25 | tor-browser: update to 60.7.0esr 8.5 1 build 1 | wiz | 3 | -25/+14
Use official tarball, now that one exists!
2019-05-23 | all: replace SUBST_SED with the simpler SUBST_VARS | rillig | 18 | -56/+56
pkglint -Wall -r --only "substitution command" -F

With manual review and indentation fixes since pkglint doesn't get that part correct in every case.
2019-05-22 | tor-browser: update to 8.5.60.6.1. | wiz | 4 | -14/+21
Changes: not found, I expect the same as for firefox 60.5.1 -> firefox 60.6.1.
2019-05-21 | caff: update to 2.10. | wiz | 2 | -7/+7
signing-party (2.10-1) unstable; urgency=high
* gpg-key2ps: Security fix for CVE-2018-15599: unsafe shell call enabling shell injection via a User ID. Use Perl's (core) module Encode.pm instead of shelling out to `iconv`. (Closes: #928256.)
2019-05-20 | kpcli: Update to 3.2 | nia | 2 | -8/+7
2016-Jul-30 v3.1
- Added the purge command.
- Added Data::Password::passwdqc support to the pwck command and prefer it over Data::Password.
- Minor improvements in cli_pwck().
- Applied SF patch #6 from Chris van Marle.
- Addressed items pointed out in SF patch #7.
- In cli_save(), worked around a File::KeePass bug.
  - rt.cpan.org tik# 113391; https://goo.gl/v65HKE
- Applied SF patch #8 from Maciej Grela.
- Optional better RNG; SF bug #30 from Aaron Toponce.

2017-Dec-22 v3.2
- Added xpx command per the request in SF ticket #32.
- Added autosave functionality (shadow copies).
- Fixed a bug in new_edit_multiline_input() that was preventing blank lines between paragraphs.
- Fixed a typo in the --help info for --pwfile.
- Fixed a small bug in subroutine destroy_found().
2019-05-20 | mozilla-rootcerts-openssl: PLIST fix | adam | 1 | -1/+20
2019-05-17 | py-acme py-certbot*: updated to 0.34.2 | adam | 20 | -70/+70
0.34.2:
Fixed
- certbot-auto no longer writes a check_permissions.py script at the root of the filesystem.

Despite us having broken lockstep, we are continuing to release new versions of all Certbot components during releases for the time being, however, the only changes in this release were to certbot-auto.
2019-05-12 | mozilla-rootcerts-openssl: bump version for previous | maya | 1 | -2/+2
2019-05-12 | mozilla-rootcerts*: update to the latest certdata.txt commit. | maya | 4 | -24/+11
Let's call this 20190306, as that's the date of the commit. Most notably, this adds support for Let's Encrypt (ISRG Root X1). Changes: +# Certificate "Certigna Root CA" +# Certificate "GTS Root R1" +# Certificate "GTS Root R2" +# Certificate "GTS Root R3" +# Certificate "GTS Root R4" +# Certificate "GlobalSign Root CA - R6" +# Certificate "Hongkong Post Root CA 3" +# Certificate "ISRG Root X1" +# Certificate "OISTE WISeKey Global Root GC CA" +# Certificate "UCA Extended Validation Root" +# Certificate "UCA Global G2 Root" +# Certificate "emSign ECC Root CA - C3" +# Certificate "emSign ECC Root CA - G3" +# Certificate "emSign Root CA - C1" +# Certificate "emSign Root CA - G1" -# Certificate "AC Raiz Certicamara S.A." -# Certificate "Certplus Root CA G1" -# Certificate "Certplus Root CA G2" -# Certificate "ComSign CA" -# Certificate "ISRG Root X1" -# Certificate "OpenTrust Root CA G1" -# Certificate "OpenTrust Root CA G2" -# Certificate "OpenTrust Root CA G3" -# Certificate "S-TRUST Universal Root CA" -# Certificate "TC TrustCenter Class 3 CA II" -# Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" -# Certificate "Visa eCommerce Root"
2019-05-11 | Update MAINTAINER | kim | 1 | -2/+2
2019-05-10 | Update to 2.4.1 | ryoon | 3 | -26/+8
Changelog:

2.4.1 (2019-04-12)
=========================
- Fix database deletion when using unsafe saves to a different file system [#2889]
- Fix opening databases with legacy key files that contain '/' [#2872]
- Fix opening database files from the command line [#2919]
- Fix crash when editing master key [#2836]
- Fix multiple issues with apply button behavior [#2947]
- Fix issues on application startup (tab order, --pw-stdin, etc.) [#2830]
- Fix building without WITH_XC_KEESHARE
- Fix reference entry coloring on macOS dark mode [#2984]
- Hide window when performing entry auto-type on macOS [#2969]
- Improve UX of update checker; reduce checks to every 7 days [#2968]
- KeeShare improvements [#2946, #2978, #2824]
- Re-enable Ctrl+C to copy password from search box [#2947]
- Add KeePassXC-Browser integration for Brave browser [#2933]
- SSH Agent: Re-Add keys on database unlock [#2982]
- SSH Agent: Only remove keys on app exit if they are removed on lock [#2985]
- CLI: Add --no-password option [#2708]
- CLI: Improve database extraction to XML [#2698]
- CLI: Don't call mandb on build [#2774]
- CLI: Add debug info [#2714]
- Improve support for Snap theming [#2832]
- Add support for building on Haiku OS [#2859]
- Ctrl+PgDn now goes to the next tab and Ctrl+PgUp to the previous
- Fix compiling on GCC 5 / Xenial [#2990]
- Add .gitrev output to tarball for third-party builds [#2970]
- Add WITH_XC_UPDATECHECK compile flag to toggle the update checker [#2968]
2019-05-07 | py-acme,py-certbot*: updated to 0.34.1 | adam | 22 | -91/+103
0.34.1:
Fixed
- certbot-auto no longer prints a blank line when there are no permissions problems.

Despite us having broken lockstep, we are continuing to release new versions of all Certbot components during releases for the time being, however, the only changes in this release were to certbot-auto. More details about these changes can be found on our GitHub repo.

0.34.0:
Changed
- Apache plugin now tries to restart httpd on Fedora using systemctl if a configuration test error is detected. This has to be done due to the way Fedora now generates the self signed certificate files upon first restart.
- Updated Certbot and its plugins to improve the handling of file system permissions on Windows as a step towards adding proper Windows support to Certbot.
- Updated urllib3 to 1.24.2 in certbot-auto.
- Removed the fallback introduced with 0.32.0 in acme to retry a challenge response with a keyAuthorization if sending the response without this field caused a malformed error to be received from the ACME server.
- Linode DNS plugin now supports api keys created from their new panel at cloud.linode.com
- Adding a warning noting that future versions of Certbot will automatically configure the webserver so that all requests redirect to secure HTTPS access. You can control this behavior and disable this warning with the --redirect and --no-redirect flags.
- certbot-auto now prints warnings when run as root with insecure file system permissions. If you see these messages, you should fix the problem by following the instructions at https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/, however, these warnings can be disabled as necessary with the flag --no-permissions-check.
- acme module uses now a POST-as-GET request to retrieve the registration from an ACME v2 server
- Convert the tsig algorithm specified in the certbot_dns_rfc2136 configuration file to all uppercase letters before validating. This makes the value in the config case insensitive.
2019-05-06 | mit-krb5: add upstream pull request URL to patch | wiz | 2 | -3/+4
2019-05-06 | mit-krb5: update to 1.16.2nb1. | wiz | 4 | -4/+40
Fix conflict with hmac symbol from libc, from Naveen Narayanan. Update configure option, it was renamed. Bump PKGREVISION for that. Small pkglint fix while here.
2019-05-05 | Recursive revbump from devel/nss | ryoon | 6 | -12/+12
2019-05-04 | security/clamav: remove unrecognized configure option --disable-clamav | rillig | 1 | -2/+1
2019-05-04 | Update to 1.1.0 | ryoon | 2 | -11/+10
Changelog: Some improvements.
2019-05-02 | py-trustme: updated to 0.5.1 | adam | 2 | -7/+7
0.5.1: Unknown changes
2019-05-02 | Forget about Python 3.4 | adam | 1 | -2/+2
2019-05-02 | crudesaml: add SHA512 checksum to distinfo | wiz | 1 | -1/+2
2019-05-02 | crudesaml: use https | wiz | 1 | -2/+2
2019-05-02 | uvscan: remove | wiz | 9 | -247/+1
Distfile does not exist and was not redistributable. Package was marked BROKEN for this reason for some time. Newer version available, package could be re-added if someone is interested. (Last update was 2007.)
2019-05-01 | openssh: update to 8.0p1 | maya | 19 | -570/+37
Update provided by Aleksej Lebedev in pkgsrc-wip.

I removed Interix support. We've been moving the patches for a while, without a real test on Interix. The support for interix is quite invasive and makes updating this package difficult. Will reconsider re-adding if I knew we had actual users on Interix (I strongly suspect we don't).

OpenSSH 8.0 was released on 2019-04-17. It is available from the mirrors listed at https://www.openssh.com/.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: http://www.openssh.com/donations.html

Security
========

This release contains mitigation for a weakness in the scp(1) tool and protocol (CVE-2019-6111): when copying files from a remote system to a local directory, scp(1) did not verify that the filenames that the server sent matched those requested by the client. This could allow a hostile server to create or clobber unexpected local files with attacker-controlled content.

This release adds client-side checking that the filenames sent from the server match the command-line request.

The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead.

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing configurations:

* scp(1): Relating to the above changes to scp(1); the scp protocol relies on the remote shell for wildcard expansion, so there is no infallible way for the client's wildcard matching to perfectly reflect the server's. If there is a difference between client and server wildcard expansion, the client may refuse files from the server. For this reason, we have provided a new "-T" flag to scp that disables these client-side checks at the risk of reintroducing the attack described above.
* sshd(8): Remove support for obsolete "host/port" syntax. Slash-separated host/port was added in 2001 as an alternative to host:port syntax for the benefit of IPv6 users. These days there are established standards for this like [::1]:22 and the slash syntax is easily mistaken for CIDR notation, which OpenSSH supports for some things. Remove the slash notation from ListenAddress and PermitOpen; bz#2335

Changes since OpenSSH 7.9
=========================

This release is focused on new features and internal refactoring.

New Features
------------

* ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in PKCS#11 tokens.
* ssh(1), sshd(8): Add experimental quantum-computing resistant key exchange method, based on a combination of Streamlined NTRU Prime 4591^761 and X25519.
* ssh-keygen(1): Increase the default RSA key size to 3072 bits, following NIST Special Publication 800-57's guidance for a 128-bit equivalent symmetric security level.
* ssh(1): Allow "PKCS11Provider=none" to override later instances of the PKCS11Provider directive in ssh_config; bz#2974
* sshd(8): Add a log message for situations where a connection is dropped for attempting to run a command but a sshd_config ForceCommand=internal-sftp restriction is in effect; bz#2960
* ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". This allows the user to paste a fingerprint obtained out of band at the prompt and have the client do the comparison for you.
* ssh-keygen(1): When signing multiple certificates on a single command-line invocation, allow automatically incrementing the certificate serial number.
* scp(1), sftp(1): Accept -J option as an alias to ProxyJump on the scp and sftp command-lines.
* ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v" command-line flags to increase the verbosity of output; pass verbose flags through to subprocesses, such as ssh-pkcs11-helper started from ssh-agent.
* ssh-add(1): Add a "-T" option to allow testing whether keys in an agent are usable by performing a signature and a verification.
* sftp-server(8): Add a "lsetstat@openssh.com" protocol extension that replicates the functionality of the existing SSH2_FXP_SETSTAT operation but does not follow symlinks. bz#2067
* sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request they do not follow symlinks.
* sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes the connection 4-tuple available to PAM modules that wish to use it in decision-making. bz#2741
* sshd(8): Add a ssh_config "Match final" predicate. Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. bz#2906
* sftp(1): Support a prefix of '@' to suppress echo of sftp batch commands; bz#2926
* ssh-keygen(1): When printing certificate contents using "ssh-keygen -Lf /path/certificate", include the algorithm that the CA used to sign the cert.

Bugfixes
--------

* sshd(8): Fix authentication failures when sshd_config contains "AuthenticationMethods any" inside a Match block that overrides a more restrictive default.
* sshd(8): Avoid sending duplicate keepalives when ClientAliveCount is enabled.
* sshd(8): Fix two race conditions related to SIGHUP daemon restart. Remnant file descriptors in recently-forked child processes could block the parent sshd's attempt to listen(2) to the configured addresses. Also, the restarting parent sshd could exit before any child processes that were awaiting their re-execution state had completed reading it, leaving them in a fallback path.
* ssh(1): Fix stdout potentially being redirected to /dev/null when ProxyCommand=- was in use.
* sshd(8): Avoid sending SIGPIPE to child processes if they attempt to write to stderr after their parent processes have exited; bz#2071
* ssh(1): Fix bad interaction between the ssh_config ConnectTimeout and ConnectionAttempts directives - connection attempts after the first were ignoring the requested timeout; bz#2918
* ssh-keyscan(1): Return a non-zero exit status if no keys were found; bz#2903
* scp(1): Sanitize scp filenames to allow UTF-8 characters without terminal control sequences; bz#2434
* sshd(8): Fix confusion between ClientAliveInterval and time-based RekeyLimit that could cause connections to be incorrectly closed. bz#2757
* ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN handling at initial token login. The attempt to read the PIN could be skipped in some cases, particularly on devices with integrated PIN readers. This would lead to an inability to retrieve keys from these tokens. bz#2652
* ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the CKA_ALWAYS_AUTHENTICATE flag by requiring a fresh login after the C_SignInit operation. bz#2638
* ssh(1): Improve documentation for ProxyJump/-J, clarifying that local configuration does not apply to jump hosts.
* ssh-keygen(1): Clarify manual - ssh-keygen -e only writes public keys, not private.
* ssh(1), sshd(8): be more strict in processing protocol banners, allowing \r characters only immediately before \n.
* Various: fix a number of memory leaks, including bz#2942 and bz#2938
* scp(1), sftp(1): fix calculation of initial bandwidth limits. Account for bytes written before the timer starts and adjust the schedule on which recalculations are performed. Avoids an initial burst of traffic and yields more accurate bandwidth limits; bz#2927
* sshd(8): Only consider the ext-info-c extension during the initial key exchange. It shouldn't be sent in subsequent ones, but if it is present we should ignore it. This prevents sshd from sending a SSH_MSG_EXT_INFO for REKEX for these buggy clients. bz#2929
* ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in authorized_keys) and -R (remove host from authorized_keys) options may accept either a bare hostname or a [hostname]:port combo. bz#2935
* ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK; bz#2936
* sshd(8): Silence error messages when sshd fails to load some of the default host keys. Failure to load an explicitly-configured hostkey is still an error, and failure to load any host key is still fatal. pr/103
* ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is started with ControlPersist; prevents random ProxyCommand output from interfering with session output.
* ssh(1): The ssh client was keeping a redundant ssh-agent socket (leftover from authentication) around for the life of the connection; bz#2912
* sshd(8): Fix bug in HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes options. If only RSA-SHA2 signature types were specified, then authentication would always fail for RSA keys as the monitor checks only the base key (not the signature algorithm) type against *AcceptedKeyTypes. bz#2746
* ssh(1): Request correct signature types from ssh-agent when certificate keys and RSA-SHA2 signatures are in use.

Portability
-----------

* sshd(8): On Cygwin, run as SYSTEM where possible, using S4U for token creation if it supports MsV1_0 S4U Logon.
* sshd(8): On Cygwin, use custom user/group matching code that respects the OS' behaviour of case-insensitive matching.
* sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies the user environment if it's enabled; bz#2937
* sshd(8) Cygwin: Change service name to cygsshd to avoid collision with Microsoft's OpenSSH port.
* Allow building against OpenSSL -dev (3.x)
* Fix a number of build problems against version configurations and versions of OpenSSL. Including bz#2931 and bz#2921
* Improve warnings in cygwin service setup. bz#2922
* Remove hardcoded service name in cygwin setup. bz#2922
2019-05-01 | pam-pwauth_suid: add an additional detail to the MESSAGE file | gutteridge | 1 | -1/+3
Right now, a user installing xscreensaver with the "pam" option will see two messages about how to configure it, one of which comes from this package. This needs to be disentangled properly, but there are some broader questions that also apply to gnome-screensaver and mate-screensaver, so for now, add a bit more detail here just in case. (This relates to, but doesn't particularly address, PR pkg/50622.)
2019-04-30 | security/php-pecl-mcrypt: update to 1.0.2 | taca | 2 | -7/+7
Changes are not available. But it seems to set the correct PHP_MCRYPT_VERSION instead of PHP's version.
2019-04-29 | security/cfs: Fix HOMEPAGE | gdt | 1 | -4/+4
Fix HOMEPAGE and MASTER_SITES, as apparently the old domain was transferred. Take MAINTAINERship, to guard against deletionists.
2019-04-26 | py-ntlm-auth: updated to 1.3.0 | adam | 2 | -7/+9
1.3.0:
- Added optional dependency for cryptography for faster RC4 cipher calls
- Removed the deprecation warning for Ntlm, this is still advised not to use but there's no major harm keep it in place for older hosts
- Add CI test for Python 3.7 and 3.8
2019-04-26 | fix some whitespace, mostly introduced in the previous | maya | 11 | -22/+22
python 3.4 / 3.5 removal commit.
2019-04-26 | Omit mentions of python 34 and 35, after those were removed. | maya | 22 | -44/+44
- Includes some whitespace changes, to be handled in a separate commit.
2019-04-25 | qca2*: update to 2.2.1 | markd | 12 | -2023/+14
Changes in 2.2
- support for openssl 1.1
- support for AES GCM and AES CCM modes
- new base64 convenience functions
- new botan2 support
- new hkdf support
- various build improvements and (deprecation) cleanups

There may be trouble building this release on windows. Feedback/input would be very welcome.

(2.2.0 was not announced due to defects noticed after tagging)
2019-04-25 | kde: update KDE Frameworks to 5.57.0 | markd | 10 | -32/+31
2019-04-25 | openssh: Add optional command line editing to "sftp" | tron | 2 | -6/+12
Add new package option "editline" (enabled by default) which adds command line editing and filename completion to the "sftp" client. Bump the package revision because of this change.
2019-04-25 | PKGREVISION bump for anything using python without a PYPKGPREFIX. | maya | 19 | -29/+38
This is a semi-manual PKGREVISION bump.
2019-04-25 | py-asn1-modules: updated to 0.2.5 | adam | 3 | -8/+29
Revision 0.2.5:
- Added module RFC5958 providing Asymmetric Key Packages, which is essentially version 2 of the PrivateKeyInfo structure in PKCS#8 in RFC 5208
- Added module RFC8410 providing algorithm Identifiers for Ed25519, Ed448, X25519, and X448
- Added module RFC8418 providing Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Algorithm with X25519 and X448
- Added module RFC3565 providing Elliptic Curve Diffie-Hellman Key Agreement Algorithm use with X25519 and X448 in the Cryptographic Message Syntax (CMS)
- Added module RFC4108 providing CMS Firmware Wrapper
- Added module RFC3779 providing X.509 Extensions for IP Addresses and AS Identifiers
- Added module RFC4055 providing additional Algorithms and Identifiers for RSA Cryptography for use in Certificates and CRLs