Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#16037 closed enhancement (fixed)

libgcrypt-1.10.0

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: elevated Milestone: 11.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (3)

comment:1 by Bruce Dubbs, 3 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at commit 1f5fd07562939af9b9089c6eb22342b0d551a35d 

Package updates.
    Update to poppler-22.02.0.
    Update to libgcrypt-1.10.0.

comment:3 by Douglas R. Reno, 3 years ago

Priority: normalelevated 
Noteworthy changes in version 1.10.0 (2022-02-01) [C24/A4/R0]

    New and extended interfaces:
        New control codes to check for FIPS 140-3 approved algorithms.
        New control code to switch into non-FIPS mode.
        New cipher modes SIV and GCM-SIV as specified by RFC-5297.
        Extended cipher mode AESWRAP with padding as specified by RFC-5649. [T5752]
        New set of KDF functions.
        New KDF modes Argon2 and Balloon.
        New functions for combining hashing and signing/verification. [T4894]
    Performance:
        Improved support for PowerPC architectures.
        Improved ECC performance on zSeries/s390x by using accelerated scalar multiplication.
        Many more assembler performance improvements for several architectures.
    Bug fixes:
        Fix Elgamal encryption for other implementations. [R5328,CVE-2021-40528]
        Fix alignment problem on macOS. [T5440]
        Check the input length of the point in ECDH. [T5423]
        Fix an abort in gcry_pk_get_param for "Curve25519". [T5490]
    Other features:
        The control code GCRYCTL_SET_ENFORCED_FIPS_FLAG is ignored because it is useless with the FIPS 140-3 related changes.
        Update of the jitter entropy RNG code. [T5523]
        Simplification of the entropy gatherer when using the getentropy system call.
    Interface changes relative to the 1.10.0 release:

GCRYCTL_SET_DECRYPTION_TAG            NEW control code.
GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER NEW control code.
GCRYCTL_FIPS_SERVICE_INDICATOR_KDF    NEW control code.
GCRYCTL_NO_FIPS_MODE = 83             NEW control code.
GCRY_CIPHER_MODE_SIV                  NEW mode.
GCRY_CIPHER_MODE_GCM_SIV              NEW mode.
GCRY_CIPHER_EXTENDED                  NEW flag.
GCRY_SIV_BLOCK_LEN                    NEW macro.
gcry_cipher_set_decryption_tag        NEW macro.
GCRY_KDF_ARGON2                       NEW constant.
GCRY_KDF_BALLOON                      NEW constant.
GCRY_KDF_ARGON2D                      NEW constant.
GCRY_KDF_ARGON2I                      NEW constant.
GCRY_KDF_ARGON2ID                     NEW constant.
gcry_kdf_hd_t                         NEW type.
gcry_kdf_job_fn_t                     NEW type.
gcry_kdf_dispatch_job_fn_t            NEW type.
gcry_kdf_wait_all_jobs_fn_t           NEW type.
struct gcry_kdf_thread_ops            NEW struct.
gcry_kdf_open                         NEW function.
gcry_kdf_compute                      NEW function.
gcry_kdf_final                        NEW function.
gcry_kdf_close                        NEW function.
gcry_pk_hash_sign                     NEW function.
gcry_pk_hash_verify                   NEW function.
gcry_pk_random_override_new           NEW function.

Marking as elevated for CVE-2021-40528

Note: See TracTickets for help on using tickets.