Change log for botan1.10 package in Debian

125 of 25 results
Published in jessie-release on 2017-12-09
botan1.10 (1.10.8-2+deb8u2) jessie-security; urgency=medium

  * CVE-2017-2801

 -- Moritz Muehlenhoff <email address hidden>  Sat, 12 Aug 2017 03:43:19 +0200
Deleted in buster-release (Reason: None provided.)
Deleted in buster-release (Reason: None provided.)
Deleted in sid-release (Reason: None provided.)
botan1.10 (1.10.17-0.1) unstable; urgency=medium

  * Non-maintainer upload.
  * New upstream release 1.10.17 (Closes: #877436)
    + [CVE-2017-14737]: Side channel affecting modular exponentiation
    + Upstream has imported Debian architecture support patches, removed
      them.

 -- Christian Hofstaedtler <email address hidden>  Mon, 09 Oct 2017 09:19:15 +0000

Available diffs

Superseded in buster-release on 2017-10-14
Published in stretch-release on 2017-05-31
Superseded in sid-release on 2017-10-09
botan1.10 (1.10.16-1) unstable; urgency=high

  * Update d/watch to match new upstream download directory
  * New upstream version 1.10.16
    + [CVE-2017-2801]: Incorrect comparison in X.509 DN strings

 -- Ondřej Surý <email address hidden>  Mon, 29 May 2017 13:45:02 +0200

Available diffs

Superseded in stretch-release on 2017-05-31
Superseded in sid-release on 2017-05-31
botan1.10 (1.10.15-1) unstable; urgency=medium

  * New upstream version 1.10.15

 -- Ondřej Surý <email address hidden>  Fri, 13 Jan 2017 09:47:48 +0100

Available diffs

Superseded in stretch-release on 2017-01-24
Superseded in sid-release on 2017-01-13
botan1.10 (1.10.14-1) unstable; urgency=medium

  * Imported Upstream version 1.10.14
  * Rebase patches using gbp pq on top of 1.10.14 release

 -- Ondřej Surý <email address hidden>  Tue, 29 Nov 2016 15:10:39 +0100

Available diffs

Superseded in stretch-release on 2016-12-05
Superseded in sid-release on 2017-01-13
botan1.10 (1.10.13-1) unstable; urgency=medium

  * Imported Upstream version 1.10.13
  * Disable OpenSSL module to mitigate OpenSSL 1.1.0 transition
    (Closes: #828252)

 -- Ondřej Surý <email address hidden>  Sun, 06 Nov 2016 21:00:24 +0100

Available diffs

Superseded in jessie-release on 2017-12-09
botan1.10 (1.10.8-2+deb8u1) jessie-security; urgency=high

  * Non-maintainer upload.
  * CVE-2015-5726: Fix crash in BER decoder.
  * CVE-2015-5727: Fix excess memory allocation in BER decoder.
  * CVE-2015-7827: Fix PKCS #1 v1.5 decoding was not constant time.
  * CVE-2016-2194: Fix infinite loop in modulur square root algorithm.
  * CVE-2016-2195: Fix Heap overflow on invalid ECC point.
  * CVE-2016-2849: Use constant time modular inverse algorithm to avoid
    possible side channel attack against ECDSA.

 -- Markus Koschany <email address hidden>  Fri, 29 Apr 2016 17:49:39 +0200
Superseded in stretch-release on 2016-11-12
Superseded in sid-release on 2016-11-29
botan1.10 (1.10.12-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Correctly disable test suite when building with nocheck (Closes: #813633)
  * Add missing dependencies to libbotan1.10-dev (Closes: #816535)

 -- Christian Hofstaedtler <email address hidden>  Mon, 14 Mar 2016 20:48:29 +0000

Available diffs

Superseded in sid-release on 2016-03-22
botan1.10 (1.10.12-1) unstable; urgency=medium

  * Update a final symbols file prepared using pkgkde-symbolshelper
    batchpatch
  * Imported Upstream version 1.10.11
  * Imported Upstream version 1.10.12
  * Relax symbols check (for now)

 -- Ondřej Surý <email address hidden>  Wed, 03 Feb 2016 12:02:22 +0100

Available diffs

Superseded in stretch-release on 2016-03-23
Superseded in sid-release on 2016-02-04
botan1.10 (1.10.10-6) unstable; urgency=medium

  * Use pkgkde-symbolshelper to maintain a single symbols file (that needs
    to be updated after, so we don't fail at all)
  * Install docs for libbotan-1.10-1

 -- Ondřej Surý <email address hidden>  Tue, 18 Aug 2015 18:14:44 +0200
Superseded in sid-release on 2015-08-19
botan1.10 (1.10.10-4) unstable; urgency=medium

  * Update amd64 symbols to match the current version

 -- Ondřej Surý <email address hidden>  Tue, 18 Aug 2015 14:57:48 +0200
Superseded in sid-release on 2015-08-18
botan1.10 (1.10.10-3) unstable; urgency=medium

  * Make the symbols tied to the architecture, so we don't have to have
    hundreds of arch= tags in symbols file (Closes: #795888)
  * Add i386 symbols file for libbotan-1.10-1 package in addition to amd64

 -- Ondřej Surý <email address hidden>  Tue, 18 Aug 2015 13:24:37 +0200
Superseded in sid-release on 2015-08-18
botan1.10 (1.10.10-2) unstable; urgency=medium

  * Update symbols with any-amd64 for for amd64 specific symbols

 -- Ondřej Surý <email address hidden>  Mon, 17 Aug 2015 17:52:18 +0200
Superseded in sid-release on 2015-08-17
botan1.10 (1.10.10-1) unstable; urgency=medium

  * Imported Upstream version 1.10.10
  * Add symbols file for libbotan-1.10-0v5 library
  * Rebuild with gcc-5 and libstdc++6 (Closes: #790987)
  * Add DPKG_GENSYMBOLS_CHECK_LEVEL=4 to d/rules
  * Upstream bumped SOVERSION to 1, so rename the shared library package
    to libbotan-1.10-1

 -- Ondřej Surý <email address hidden>  Mon, 17 Aug 2015 11:46:43 +0200
Superseded in stretch-release on 2015-09-07
Superseded in jessie-release on 2016-06-05
Superseded in sid-release on 2015-08-31
botan1.10 (1.10.8-2) unstable; urgency=medium


  * Add ppc64el and arm64 support (Closes: #741691)
  * Add support for or1k (Closes: #749267)
  * Use correct Vcs-* links

 -- Ondřej Surý <email address hidden>  Mon, 25 Aug 2014 10:49:33 +0200
Superseded in jessie-release on 2014-08-31
Superseded in sid-release on 2014-08-25
botan1.10 (1.10.8-1) unstable; urgency=medium


  * New upstream version 1.10.8
  * Use debhelper 9 (dpkg-buildflags) instead of hardening-wrapper
  * Update watch file to look for v.1.10.x
  * Update patches for 1.10.8 release

 -- Ondřej Surý <email address hidden>  Mon, 30 Jun 2014 10:09:50 +0200
Superseded in jessie-release on 2014-07-06
Published in wheezy-release on 2013-04-05
Superseded in sid-release on 2014-06-30
botan1.10 (1.10.5-1) unstable; urgency=low


  * Imported Upstream version 1.10.4
   + Avoid a conditional operation in the power mod implementations on if
     a nibble of the exponent was zero or not. This may help protect
     against certain forms of side channel attacks.
   + The SRP6 code was checking for invalid values as specified in RFC
     5054, specifically values equal to zero mod p. However SRP would
     accept negative A/B values, or ones larger than p, neither of which
     should occur in a normal run of the protocol. These values are now
     rejected. Credits to Timothy Prepscius for pointing out these values
     are not normally used and probably signal something fishy.
   + The return value of version_string is now a compile time constant
     string, so version information can be more easily extracted from
     binaries.
  * Imported Upstream version 1.10.5
   + A potential crash in the AES-NI implementation of the AES-192 key
     schedule (caused by misaligned loads) has been fixed.
   + A previously conditional operation in Montgomery multiplication and
     squaring is now always performed, removing a possible timing channel.
   + Use correct flags for creating a shared library on OS X under Clang.
   + Fix a compile time incompatibility with Visual C++ 2012.

 -- Ondřej Surý <email address hidden>  Mon, 04 Mar 2013 09:24:12 +0100

Available diffs

Superseded in wheezy-release on 2013-04-05
Superseded in sid-release on 2013-03-05
botan1.10 (1.10.3-1) unstable; urgency=high


  * Imported Upstream version 1.10.3
   + A change in 1.10.2 accidentally broke ABI compatibility with 1.10.1
     and earlier versions, causing programs compiled against 1.10.1 to
     crash if linked with 1.10.2 at runtime. (Closes: #681066)
   + Recent versions of OpenSSL include extra information in ECC private
     keys, the presence of which caused an exception when such a key was
     loaded by botan. The decoding of ECC private keys has been changed to
     ignore these fields if they are set.

 -- Ondřej Surý <email address hidden>  Tue, 10 Jul 2012 21:03:03 +0200

Available diffs

Superseded in wheezy-release on 2012-07-17
Superseded in sid-release on 2012-07-12
botan1.10 (1.10.2-1) unstable; urgency=low


  * Imported Upstream version 1.10.2
  * Remove s390x patch as it was merged upstream

 -- Ondřej Surý <email address hidden>  Thu, 28 Jun 2012 11:08:11 +0200

Available diffs

Superseded in wheezy-release on 2012-07-09
Superseded in sid-release on 2012-06-28
botan1.10 (1.10.1-1) unstable; urgency=low


  * Imported Upstream version 1.10.1

 -- Ondřej Surý <email address hidden>  Tue, 07 Feb 2012 20:03:56 +0100

Available diffs

Superseded in wheezy-release on 2012-02-18
Superseded in sid-release on 2012-02-09
botan1.10 (1.10.0-3) unstable; urgency=low


  * Don't canonicalize s390x to s390/s390 (Closes: #639564)

 -- Ondřej Surý <email address hidden>  Thu, 01 Sep 2011 09:45:13 +0200
Superseded in sid-release on 2011-09-20
botan1.10 (1.10.0-2) unstable; urgency=low


  * Rename manpage to botan-config-1.10 (Closes: #639264)

 -- Ondřej Surý <email address hidden>  Thu, 25 Aug 2011 15:41:02 +0200
Superseded in sid-release on 2011-09-20
botan1.10 (1.10.0-1) unstable; urgency=low


  * Imported Upstream version 1.10.0
  * Don't Conflict with libbotan1.8-dev, it's no longer needed
  * Rename libbotan-1.9 to libbotan-1.10-0 to match its SONAME

 -- Ondřej Surý <email address hidden>  Tue, 21 Jun 2011 08:42:11 +0200
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
botan1.10 (1.10~1.9.18-1) unstable; urgency=low
  * Imported Upstream version 1.10~1.9.18    + Remove all local patches; merged upstream  * Update Vcs-* links  * Update *.install to reflect the versioning changes in upstream    + botan-config is now botan-config-<major>.<minor>    + headers are installed to /usr/include/botan-<major>.<minor>/botan    + pkg-config is botan-<major>.<minor>.pc -- Ondřej Surý <email address hidden>  Fri, 03 Jun 2011 16:23:16 +0200
Superseded in wheezy-release on 2011-09-21
Superseded in sid-release on 2011-09-20
botan1.10 (1.10~1.9.17-1) unstable; urgency=low
  * Fork botan1.8 package to botan1.10  * Imported Upstream version 1.9.17  * Fix spelling error recieved vs received in library  * Debian packaging:    + Bump standards version to 3.9.2    + Adjust patches to the new release    + Enable full build including the checks on all platforms    + Update install and docs files to the new release    + Rename library to libbotan-1.9.so to match SONAME    + Exclude duplicate license.txt file from package -- Ondřej Surý <email address hidden>  Tue, 10 May 2011 12:12:27 +0200
125 of 25 results