non port: security/libgcrypt/pkg-plist |
Number of commits found: 47 |
Tuesday, 23 Jan 2024
|
21:51 Muhammad Moinur Rahman (bofh)
security/libgcrypt: Impelled to share/man
Approved by: portmgr (blanket)
7221d46 |
Friday, 24 Nov 2023
|
04:19 Cy Schubert (cy)
security/libgcrypt: Update to 1.10.3
5137427 |
Sunday, 25 Jun 2023
|
21:05 Jason E. Hale (jhale)
security/libgcrypt: Update to 1.10.2
1.10.2: https://dev.gnupg.org/T5905
1.10.1: https://dev.gnupg.org/T5810
1.10.0: https://dev.gnupg.org/T5691
PR: 272097
Approved by: cy (maintainer)
f3e746e |
Monday, 23 Aug 2021
|
21:09 Cy Schubert (cy)
security/libgcrypt: Update to 1.9.4
8d78b2e |
Sunday, 23 May 2021
|
03:41 Cy Schubert (cy)
security/libgcrypt: Make static an option
Static linked binaries, due to the fact that they're statically linked,
can pose a security risk should a library be updated and depending
software not be recompiled and linked. This was a hot topic on BUGTRAQ
about 25 years ago.
The default is to build static libraries so as not to alter the package
avoiding a POLA violation.
PR: 255735
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net> (mostly)
Reported by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Reviewed by: cy
Tested by: cy
MFH: 2021Q2
527821a |
03:41 Cy Schubert (cy)
security/libgcrypt: update to 1.9.3
PR: 255735
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Reviewed by: cy
Tested by: cy
MFH: 2021Q2
865a2a9 |
Thursday, 18 Feb 2021
|
14:41 cy
security/libgcrypt: update 1.9.1 --> 1.9.2
|
Wednesday, 3 Feb 2021
|
23:53 cy
security/libgcrypt: Update 1.8.7 --> 1.9.1
Note: 1.8.7 nor 1.9.1 are vulnerable to CVE-2021-3345. Only 1.9.0 is.
|
Saturday, 24 Oct 2020
|
13:19 cy
Update 1.8.6 --> 1.8.7
|
Monday, 5 Oct 2020
|
17:54 cy
Update 1.8.5 --> 1.8.6
|
Monday, 2 Sep 2019
|
08:20 cpm
security/libgcrypt: Update to 1.8.5
- Pet portlint
Noteworthy changes in version 1.8.5
===================================
* Bug fixes:
- Add mitigation against an ECDSA timing attack.
[T4626,CVE-2019-13627]
- Improve ECDSA unblinding.
* Other features:
- Provide a pkg-config file for libgcrypt.
Release-info: https://dev.gnupg.org/T4683
For further details, see
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000440.html
MFH: 2019Q3
Security: http://vuxml.freebsd.org/freebsd/c9c6c2f8-cd54-11e9-af89-080027ef1a23.html
|
Sunday, 28 Oct 2018
|
21:15 cpm
security/libgcrypt: Update to 1.8.4
- Update libgpg-error version required to 1.32
Changelog: https://lists.gnupg.org/pipermail/gnupg-announce/2018q4/000431.html
|
Wednesday, 13 Jun 2018
|
18:59 cpm
security/libgcrypt: Update to 1.8.3 (bugfix)
- Improve comment in Makefile
- Provide more elaborate port description and update WWW in pkg-descr
Noteworthy changes in version 1.8.3
===================================
- Use blinding for ECDSA signing to mitigate a novel side-channel
attack. [#4011,CVE-2018-0495]
- Fix incorrect counter overflow handling for GCM when using an IV
size other than 96 bit. [#3764]
- Fix incorrect output of AES-keywrap mode for in-place encryption
on some platforms.
- Fix the gcry_mpi_ec_curve_point point validation function.
- Fix rare assertion failure in gcry_prime_check.
Release info at <https://dev.gnupg.org/T4016>.
For further details, see
https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html
MFH: 2018Q2
Security: http://vuxml.freebsd.org/freebsd/9b5162de-6f39-11e8-818e-e8e0b747a45a.html
|
Friday, 15 Dec 2017
|
22:05 cpm
security/libgcrypt: update to 1.8.2
- Update libgcrypt to 1.8.2
- Bump library version in pkg-plist
Changelog: https://abi-laboratory.pro/tracker/changelog/libgcrypt/1.8.2/log.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.8.1/1.8.2/29a74/abi_compat_report.html
MFH: 2017Q4
|
Wednesday, 30 Aug 2017
|
15:52 cpm
security/libgcrypt: update to 1.8.1
- Update libgcrypt to 1.8.1
- Bump library version in pkg-plist
Noteworthy changes in version 1.8.1
* Bug fixes:
- Mitigate a local side-channel attack on Curve25519 dubbed "May
the Fourth be With You". [CVE-2017-0379] [also in 1.7.9]
- Add more extra bytes to the pool after reading a seed file.
- Add the OID SHA384WithECDSA from RFC-7427 to SHA-384.
- Fix build problems with the Jitter RNG
- Fix assembler code build problems on Rasbian (ARMv8/AArch32-CE).
Changes: https://abi-laboratory.pro/tracker/changelog/libgcrypt/1.8.1/log.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.8.0/1.8.1/31172/abi_compat_report.html
MFH: 2017Q3
Security: https://vuxml.freebsd.org/freebsd/22f28bb3-8d98-11e7-8c37-e8e0b747a45a.html
|
Friday, 21 Jul 2017
|
10:56 cpm
security/libgcrypt: update to 1.8.0
- Update libgcrypt to 1.8.0
- Update libgpg-error version required to 1.25
- Bump library version in pkg-plist
Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000410.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.7.8/1.8.0/d9ddd/abi_compat_report.html
PR: 220858
MFH: 2017Q3
Exp-run by: antoine
|
Tuesday, 4 Jul 2017
|
17:38 cpm
security/libgcrypt: update to 1.7.8
- Update libgcrypt to 1.7.8
- Bump library version in pkg-plist
Noteworthy changes in version 1.7.8
* Bug fixes:
- Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.7.7/1.7.8/95cc7/abi_compat_report.html
PR: 220382
MFH: 2017Q3
Exp-run by: antoine
Security: https://www.vuxml.org/freebsd/ed3bf433-5d92-11e7-aa14-e8e0b747a45a.html
|
Wednesday, 7 Jun 2017
|
11:35 cpm
security/libgcrypt: update to 1.7.7
- Update libgcrypt to 1.7.7
- Silence all explicitly called commands
- Update WWW in pkg-descr: use https://
- Bump library version in pkg-plist
Noteworthy changes in version 1.7.7
* Bug fixes:
- Fix possible timing attack on EdDSA session key.
- Fix long standing bug in secure memory implementation which could
lead to a segv on free. [bug#3027].
PR: 219747
MFH: 2017Q2
Exp-run by: antoine
|
Monday, 23 Jan 2017
|
12:12 cpm
security/libgcrypt: update to 1.7.6
Noteworthy changes in version 1.7.6
* Bug fixes:
- Fix AES CTR self-check detected failure in the SSSE3 based
implementation.
- Remove gratuitous select before the getrandom syscall.
PR: 216305
MFH: 2017Q1
Exp-run by: antoine
|
Friday, 23 Dec 2016
|
15:45 cpm
security/libgcrypt: Update to 1.7.5
- Update to 1.7.5
- Remove files useless to install from DOCS
- Remove patch since sparc v8 is not supported on FreeBSD
- Bump library version in pkg-plist
Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q4/000399.html
PR: 215236
Approved by: amdmi3 (mentor)
MFH: 2016Q4
Exp-run by: antoine
|
Thursday, 18 Aug 2016
|
11:24 cpm
- Update to 1.7.3 (security fixes)
- Bump library version in pkg-plist
ref: https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
Reviewed by: amdmi3 (mentor)
Approved by: amdmi3 (mentor)
MFH: 2016Q3
Differential Revision: D7558
|
Wednesday, 20 Jul 2016
|
09:09 cpm
- Update to 1.7.2
- Bump library version in pkg-plist
Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000392.html
PR: 211153
Reviewed by: junovitch (mentor)
Approved by: junovitch (mentor)
MFH: 2016Q3
Exp-run: antoine
Differential Revision: D7221
|
Friday, 17 Jun 2016
|
23:00 cpm
- Update to 1.7.1
- Remove unneeded patch (applied upstream)
- Convert to new test framework
https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000389.html
PR: 210328
Reviewed by: amdmi3, junovitch (mentors)
Approved by: amdmi3, junovitch (mentors)
MFH: 2016Q2
Exp-run: antoine
Differential Revision: D6865
|
Saturday, 23 Apr 2016
|
10:01 cpm
- Update to 1.7.0
- Remove unneeded patches (applied upstream)
- Fix inline assembler error on 9.x
- Fix pkg-plist
Changelog: https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000386.html
PR: 208907
Approved by: junovitch (mentor)
Exp-run: antoine
Differential Revision: D5989
|
Tuesday, 16 Feb 2016
|
02:52 cpm
- Update libgcrypt to 1.6.5
- Change LICENSE since support has been added for "or later" variants of GNU
licenses.
- Remove needless patch-cipher_salsa20.c
Changes:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html
PR: 207107
Approved by: junovitch (mentor)
|
Thursday, 29 Oct 2015
|
14:30 sbruno
Enable the building and installation of the .a version of the library
for static linking. This affects emulators/qemu-user-static primarily
but will help anyone trying to statically link their applications.
Reviewed by: tijl cpm@fbsd.es (Maintainer)
|
Tuesday, 27 Oct 2015
|
15:54 sunpoet
- Update to 1.8.4
Changes: http://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000375.html
PR: 204003
Submitted by: Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
|
Saturday, 28 Feb 2015
|
21:11 pi
security/libgcrypt: 1.6.2 -> 1.6.3
Changes:
http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html
PR: 198109
Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es> (maintainer)
|
Friday, 2 Jan 2015
|
18:46 pi
security/libgcrypt: 1.6.1 -> 1.6.2, bump depends
Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code. Take
care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in
- Fix building for the x32 target without asm modules in
mpi/generic/mpi-asm-defs.h: Use a fixed value for the x32 ABI.
- Fix ARM assembly when building __PIC__
- mpi: Fix a subtle bug setting spurious bits with in mpi_set_bit.
* mpi/mpi-bit.c (_gcry_mpi_set_bit, _gcry_mpi_set_highbit): Clear
allocated but not used bits before resizing.
* tests/t-mpi-bits.c (set_bit_with_resize): New.
- Use internal malloc function in fips.c.
* src/fips.c (check_binary_integrity): s/gcry_malloc/xtrymalloc/.
- pubkey: Re-map all deprecated RSA algo numbers.
- cipher: Fix possible NULL dereference in cipher/md.c for being NULL.
- Fix ARMv6 detection when CFLAGS modify target CPU architecture.
PR: 193264
Approved by: cpm@fbsd.es (maintainer)
|
Tuesday, 5 Aug 2014
|
22:13 tijl
Bump PORTREVISION on more ports that depend on libgcrypt after the update
in r363436 and remove the UPDATING entry because it did not guarantee
that all ports were updated nor that they were updated in the right order.
Also remove libgcrypt.la again.
PR: 192342
Approved by: portmgr (implicit, bump unstaged ports)
|
Saturday, 2 Aug 2014
|
21:57 pi
devel/security: re-add .la file
- py-gnome-extras (and others) depend on it
PR: 192342
Submitted by: freebsd@johnlevine.com
|
Wednesday, 30 Jul 2014
|
03:57 pi
security/libgcrypt: 1.5.3_3 -> 1.6.1
- Update to 1.6.1
- Remove some unneeded patches
- Fix pkg-plist
- report configure bug upstream
https://bugs.g10code.com/gnupg/issue1668
- report API breakage downstream and find that MacPorts had the same issue
https://rt.cpan.org/Ticket/Display.html?id=97201
- bump PORTREVISION for dependent ports (approx. 100 ports)
- Thanks to exp-run by antoine@ to find ports that break
- patch ports that would otherwise break
security/shishi with PR 192164 is already committed
[1] devel/ccrtp
[2] editors/abiword
[3] security/p5-Crypt-GCrypt
PR: 191256, 192162 [1], 192163 [2], 192166 [3]
Submitted by: Carlos Jacobo Puga Medina <cjpugmed@gmail.com>
Approved by: maintainer timeout, antoine (exp-run), portmgr (implicit)
|
Tuesday, 1 Apr 2014
|
13:12 tijl
- USES=libtool tar:bzip2.
- Enable asm on FreeBSD/i386 >= 10.0.
- Enable asm on FreeBSD/amd64. [1]
- Use MAKE_CMD instead of MAKE to run regression tests.
PR: ports/187441
Submitted by: Stoyan Dimov <pr.freebsd.org@registrations.systeem.com> [1]
Approved by: maintainer timeout (2 weeks)
|
Friday, 3 May 2013
|
16:35 ehaupt
Update to 1.5.2
Changelog:
http://lists.gnupg.org/pipermail/gnupg-announce/2013q1/000324.html (1.5.1)
http://lists.gnupg.org/pipermail/gnupg-announce/2013q2/000325.html (1.5.2)
PR: 177100
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
|
Saturday, 25 Aug 2012
|
08:33 novel
- Properly define deprecated functions to remove warnings in other
ports
- Avoid installing multiple copies of the GPLv2 and LGPL21 licenses
- Bump PORTREVISION
PR: 170488
Submitted by: Jason E. Hale <bsdkaffee@gmail.com>
Approved by: Hirohisa Yamaguchi (maintainer)
|
Sunday, 3 Jul 2011
|
11:39 swills
- Update to 1.5.0
PR: ports/158574
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
|
Tuesday, 27 Jul 2010
|
01:24 wxs
Update to 1.4.6.
PR: ports/148755
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
|
Tuesday, 6 Jan 2009
|
12:59 rafan
- Update to 1.4.3
- Pass maintainership to submitter per PR 127224
PR: ports/127478
Submitted by: Hirohisa Yamaguchi <umq at ueo.co.jp>
Approved by: arved (maintainer)
|
Thursday, 28 Feb 2008
|
21:44 arved
Update to 1.4.0
PR: 118541
Submitted by: Hirohisa Yamaguchi
|
Sunday, 28 Jan 2007
|
09:07 kris
Use libtool port instead of included one to avoid objformat a.out botch
|
Tuesday, 11 Jan 2005
|
14:53 arved
Update libgcrypt to 1.2.1. Changes:
* made the code try to lock secure memory pool not only when running as
root,
* fixed type usage in Serpent,
* made the code mix the PID into the entropy pool for better protection
after a fork,
* fixed memory leak in RSA.
* fixed alignment problems in Rijndael,
* fixed memory leak in gcry_pk_sign(),
* fixed broken pointer access in gcry_ac_open(),
* updated the documentation,
* fixed several other bugs.
Chase Shared library version and bump PORTREVISION of affected ports.
|
Saturday, 8 May 2004
|
10:25 arved
Fix pkg-plist
Reported by: kris, markus
Pointy hat (not 216.136.204.22) to: arved
|
Monday, 3 May 2004
|
13:57 arved
Update libgcrypt to the new stable version 1.2.0
Retire libgcrypt-devel
Switch back to security/libgcrypt and bump PORTREVISION for
- gnutls
- gnutls-devel
- gsasl
- opencdk
- vpnc
libggz:
- Remove dependency on libgcrypt, because the port does not yet
work with the new libgcrypt
libksba:
- Update to 0.9.5
- Pass maintainership to lofi, who already maintains the other
aegypten ports.
Approved by: lofi
wmbiff:
Switch to security/libgcrypt but no PORTREVISION bump, because the
dependency is optional and the port does not work with the new
libgcrypt and needs to be updated.
No action, because ports don't work with the new libgcrypt and need
to be updated, maintainers informed:
security/newpg
security/pinentry
security/dirmngr
emulators/fuse
emulators/libspectrum
|
Monday, 4 Aug 2003
|
17:54 arved
Use new INFO macro
|
Wednesday, 26 Feb 2003
|
15:25 arved
Update to 1.1.12
PR: 48704
Submitted by: Sergei Kolobov <sergei@kolobov.com>
|
Thursday, 2 Jan 2003
|
14:18 arved
Update to 1.1.11
|
Monday, 14 Oct 2002
|
12:38 ijliao
add libgcrypt 1.1.0
General purpose crypto library based on code used in GnuPG
PR: 43894
Submitted by: Tilman Linneweh <tilman@arved.de>
|
Number of commits found: 47 |