botan1.10 1.10.5-1 source package in Ubuntu
Changelog
botan1.10 (1.10.5-1) unstable; urgency=low
* Imported Upstream version 1.10.4
+ Avoid a conditional operation in the power mod implementations on if
a nibble of the exponent was zero or not. This may help protect
against certain forms of side channel attacks.
+ The SRP6 code was checking for invalid values as specified in RFC
5054, specifically values equal to zero mod p. However SRP would
accept negative A/B values, or ones larger than p, neither of which
should occur in a normal run of the protocol. These values are now
rejected. Credits to Timothy Prepscius for pointing out these values
are not normally used and probably signal something fishy.
+ The return value of version_string is now a compile time constant
string, so version information can be more easily extracted from
binaries.
* Imported Upstream version 1.10.5
+ A potential crash in the AES-NI implementation of the AES-192 key
schedule (caused by misaligned loads) has been fixed.
+ A previously conditional operation in Montgomery multiplication and
squaring is now always performed, removing a possible timing channel.
+ Use correct flags for creating a shared library on OS X under Clang.
+ Fix a compile time incompatibility with Visual C++ 2012.
-- Ondřej Surý <email address hidden> Mon, 04 Mar 2013 09:24:12 +0100
Upload details
- Uploaded by:
- Ondřej Surý
- Uploaded to:
- Sid
- Original maintainer:
- Ondřej Surý
- Architectures:
- any
- Section:
- libs
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| botan1.10_1.10.5-1.dsc | 1.4 KiB | 0c5a3308961069a9396475084f8b330f277b015b564c237a3eb59585bc45a823 |
| botan1.10_1.10.5.orig.tar.bz2 | 2.1 MiB | 5f57cf44dc295e63c137f40e6367f1d0f53e92b9b224db150dae321d2a8e712d |
| botan1.10_1.10.5-1.debian.tar.gz | 8.0 KiB | e4b8084b0b428971cbd0d9c4594a3b6d984cb69642b6cca91d6b6201d8790ada |
Available diffs
- diff from 1.10.3-1 to 1.10.5-1 (5.6 KiB)
No changes file available.
Binary packages built by this source
- botan1.10-dbg: No summary available for botan1.10-dbg in ubuntu saucy.
No description available for botan1.10-dbg in ubuntu saucy.
- libbotan-1.10-0: No summary available for libbotan-1.10-0 in ubuntu saucy.
No description available for libbotan-1.10-0 in ubuntu saucy.
- libbotan1.10-dev: multiplatform crypto library (development)
Botan is a C++ library which provides support for many common cryptographic
operations, including encryption, authentication, and X.509v3 certificates and
CRLs. A wide variety of algorithms is supported, including RSA, DSA, DES, AES,
MD5, and SHA-1.
.
This package contains the development files.
