| non port: security/libgcrypt/pkg-plist |
|
SVNWeb
|
Number of commits found: 44 |
|
Mon, 23 Aug 2021
|
[ 21:09 Cy Schubert (cy)  ]    8d78b2e
security/libgcrypt: Update to 1.9.4
|
|
Sun, 23 May 2021
|
[ 03:41 Cy Schubert (cy) ] 527821a
security/libgcrypt: Make static an option
Static linked binaries, due to the fact that they're statically linked,
can pose a security risk should a library be updated and depending
software not be recompiled and linked. This was a hot topic on BUGTRAQ
about 25 years ago.
The default is to build static libraries so as not to alter the package
avoiding a POLA violation.
PR: 255735
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net> (mostly)
Reported by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Reviewed by: cy
Tested by: cy
MFH: 2021Q2
|
[ 03:41 Cy Schubert (cy) ] 865a2a9
security/libgcrypt: update to 1.9.3
PR: 255735
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Reviewed by: cy
Tested by: cy
MFH: 2021Q2
|
|
Thu, 18 Feb 2021
|
[ 14:41 cy ]  
security/libgcrypt: update 1.9.1 --> 1.9.2
|
|
Wed, 3 Feb 2021
|
[ 23:53 cy ]
security/libgcrypt: Update 1.8.7 --> 1.9.1
Note: 1.8.7 nor 1.9.1 are vulnerable to CVE-2021-3345. Only 1.9.0 is.
|
|
Sat, 24 Oct 2020
|
[ 13:19 cy ]
Update 1.8.6 --> 1.8.7
|
|
Mon, 5 Oct 2020
|
[ 17:54 cy ]
Update 1.8.5 --> 1.8.6
|
|
Mon, 2 Sep 2019
|
[ 08:20 cpm ]
security/libgcrypt: Update to 1.8.5
- Pet portlint
Noteworthy changes in version 1.8.5
===================================
* Bug fixes:
- Add mitigation against an ECDSA timing attack.
[T4626,CVE-2019-13627]
- Improve ECDSA unblinding.
* Other features:
- Provide a pkg-config file for libgcrypt.
Release-info: https://dev.gnupg.org/T4683
For further details, see
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000440.html
MFH: 2019Q3
Security: http://vuxml.freebsd.org/freebsd/c9c6c2f8-cd54-11e9-af89-080027ef1a23.html
|
|
Sun, 28 Oct 2018
|
[ 21:15 cpm ]
security/libgcrypt: Update to 1.8.4
- Update libgpg-error version required to 1.32
Changelog: https://lists.gnupg.org/pipermail/gnupg-announce/2018q4/000431.html
|
|
Wed, 13 Jun 2018
|
[ 18:59 cpm ]
security/libgcrypt: Update to 1.8.3 (bugfix)
- Improve comment in Makefile
- Provide more elaborate port description and update WWW in pkg-descr
Noteworthy changes in version 1.8.3
===================================
- Use blinding for ECDSA signing to mitigate a novel side-channel
attack. [#4011,CVE-2018-0495]
- Fix incorrect counter overflow handling for GCM when using an IV
size other than 96 bit. [#3764]
- Fix incorrect output of AES-keywrap mode for in-place encryption(Only the first 15 lines of the commit message are shown above  )
|
|
Fri, 15 Dec 2017
|
[ 22:05 cpm ]
security/libgcrypt: update to 1.8.2
- Update libgcrypt to 1.8.2
- Bump library version in pkg-plist
Changelog: https://abi-laboratory.pro/tracker/changelog/libgcrypt/1.8.2/log.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.8.1/1.8.2/29a74/abi_compat_report.html
MFH: 2017Q4
|
|
Wed, 30 Aug 2017
|
[ 15:52 cpm ]
security/libgcrypt: update to 1.8.1
- Update libgcrypt to 1.8.1
- Bump library version in pkg-plist
Noteworthy changes in version 1.8.1
* Bug fixes:
- Mitigate a local side-channel attack on Curve25519 dubbed "May
the Fourth be With You". [CVE-2017-0379] [also in 1.7.9]
- Add more extra bytes to the pool after reading a seed file.
- Add the OID SHA384WithECDSA from RFC-7427 to SHA-384.
- Fix build problems with the Jitter RNG
- Fix assembler code build problems on Rasbian (ARMv8/AArch32-CE).
Changes: https://abi-laboratory.pro/tracker/changelog/libgcrypt/1.8.1/log.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.8.0/1.8.1/31172/abi_compat_report.html
MFH: 2017Q3
Security: https://vuxml.freebsd.org/freebsd/22f28bb3-8d98-11e7-8c37-e8e0b747a45a.html
|
|
Fri, 21 Jul 2017
|
[ 10:56 cpm ]
security/libgcrypt: update to 1.8.0
- Update libgcrypt to 1.8.0
- Update libgpg-error version required to 1.25
- Bump library version in pkg-plist
Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000410.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.7.8/1.8.0/d9ddd/abi_compat_report.html
PR: 220858
MFH: 2017Q3
Exp-run by: antoine
|
|
Tue, 4 Jul 2017
|
[ 17:38 cpm ]
security/libgcrypt: update to 1.7.8
- Update libgcrypt to 1.7.8
- Bump library version in pkg-plist
Noteworthy changes in version 1.7.8
* Bug fixes:
- Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html
Binary compatibility report:
https://abi-laboratory.pro/tracker/compat_report/libgcrypt/1.7.7/1.7.8/95cc7/abi_compat_report.html
PR: 220382
MFH: 2017Q3
Exp-run by: antoine
Security: https://www.vuxml.org/freebsd/ed3bf433-5d92-11e7-aa14-e8e0b747a45a.html
|
|
Wed, 7 Jun 2017
|
[ 11:35 cpm ]
security/libgcrypt: update to 1.7.7
- Update libgcrypt to 1.7.7
- Silence all explicitly called commands
- Update WWW in pkg-descr: use https://
- Bump library version in pkg-plist
Noteworthy changes in version 1.7.7
* Bug fixes:
- Fix possible timing attack on EdDSA session key.
- Fix long standing bug in secure memory implementation which could
lead to a segv on free. [bug#3027].
PR: 219747
MFH: 2017Q2
Exp-run by: antoine
|
|
Mon, 23 Jan 2017
|
[ 12:12 cpm ]
security/libgcrypt: update to 1.7.6
Noteworthy changes in version 1.7.6
* Bug fixes:
- Fix AES CTR self-check detected failure in the SSSE3 based
implementation.
- Remove gratuitous select before the getrandom syscall.
PR: 216305
MFH: 2017Q1
Exp-run by: antoine
|
|
Fri, 23 Dec 2016
|
[ 15:45 cpm ]
security/libgcrypt: Update to 1.7.5
- Update to 1.7.5
- Remove files useless to install from DOCS
- Remove patch since sparc v8 is not supported on FreeBSD
- Bump library version in pkg-plist
Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q4/000399.html
PR: 215236
Approved by: amdmi3 (mentor)
MFH: 2016Q4
Exp-run by: antoine
|
|
Thu, 18 Aug 2016
|
[ 11:24 cpm ]
- Update to 1.7.3 (security fixes)
- Bump library version in pkg-plist
ref: https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
Reviewed by: amdmi3 (mentor)
Approved by: amdmi3 (mentor)
MFH: 2016Q3
Differential Revision: D7558
|
|
Wed, 20 Jul 2016
|
[ 09:09 cpm ]
- Update to 1.7.2
- Bump library version in pkg-plist
Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000392.html
PR: 211153
Reviewed by: junovitch (mentor)
Approved by: junovitch (mentor)
MFH: 2016Q3
Exp-run: antoine
Differential Revision: D7221
|
|
Fri, 17 Jun 2016
|
[ 23:00 cpm ]
- Update to 1.7.1
- Remove unneeded patch (applied upstream)
- Convert to new test framework
https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000389.html
PR: 210328
Reviewed by: amdmi3, junovitch (mentors)
Approved by: amdmi3, junovitch (mentors)
MFH: 2016Q2
Exp-run: antoine
Differential Revision: D6865
|
|
Sat, 23 Apr 2016
|
[ 10:01 cpm ]
- Update to 1.7.0
- Remove unneeded patches (applied upstream)
- Fix inline assembler error on 9.x
- Fix pkg-plist
Changelog: https://lists.gnupg.org/pipermail/gnupg-announce/2016q2/000386.html
PR: 208907
Approved by: junovitch (mentor)
Exp-run: antoine
Differential Revision: D5989
|
|
Tue, 16 Feb 2016
|
[ 02:52 cpm ]
- Update libgcrypt to 1.6.5
- Change LICENSE since support has been added for "or later" variants of GNU
licenses.
- Remove needless patch-cipher_salsa20.c
Changes:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html
PR: 207107
Approved by: junovitch (mentor)
|
|
Thu, 29 Oct 2015
|
[ 14:30 sbruno ]
Enable the building and installation of the .a version of the library
for static linking. This affects emulators/qemu-user-static primarily
but will help anyone trying to statically link their applications.
Reviewed by: tijl cpm@fbsd.es (Maintainer)
|
|
Tue, 27 Oct 2015
|
[ 15:54 sunpoet ]
- Update to 1.8.4
Changes: http://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000375.html
PR: 204003
Submitted by: Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
|
|
Sat, 28 Feb 2015
|
[ 21:11 pi ]
security/libgcrypt: 1.6.2 -> 1.6.3
Changes:
http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html
PR: 198109
Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es> (maintainer)
|
|
Fri, 2 Jan 2015
|
[ 18:46 pi ] (Only the first 10 of 104 ports in this commit are shown above. )
security/libgcrypt: 1.6.1 -> 1.6.2, bump depends
Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code. Take
care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in (Only the first 15 lines of the commit message are shown above )
|
|
Tue, 5 Aug 2014
|
[ 22:13 tijl ] (Only the first 10 of 119 ports in this commit are shown above. )
Bump PORTREVISION on more ports that depend on libgcrypt after the update
in r363436 and remove the UPDATING entry because it did not guarantee
that all ports were updated nor that they were updated in the right order.
Also remove libgcrypt.la again.
PR: 192342
Approved by: portmgr (implicit, bump unstaged ports)
|
|
Sat, 2 Aug 2014
|
[ 21:57 pi ]
devel/security: re-add .la file
- py-gnome-extras (and others) depend on it
PR: 192342
Submitted by: freebsd@johnlevine.com
|
|
Wed, 30 Jul 2014
|
[ 03:57 pi ] (Only the first 10 of 94 ports in this commit are shown above. )
security/libgcrypt: 1.5.3_3 -> 1.6.1
- Update to 1.6.1
- Remove some unneeded patches
- Fix pkg-plist
- report configure bug upstream
https://bugs.g10code.com/gnupg/issue1668
- report API breakage downstream and find that MacPorts had the same issue
https://rt.cpan.org/Ticket/Display.html?id=97201
- bump PORTREVISION for dependent ports (approx. 100 ports)
- Thanks to exp-run by antoine@ to find ports that break
- patch ports that would otherwise break
security/shishi with PR 192164 is already committed
[1] devel/ccrtp
[2] editors/abiword
[3] security/p5-Crypt-GCrypt
PR: 191256, 192162 [1], 192163 [2], 192166 [3]
Submitted by: Carlos Jacobo Puga Medina <cjpugmed@gmail.com>
Approved by: maintainer timeout, antoine (exp-run), portmgr (implicit)
|
|
Tue, 1 Apr 2014
|
[ 13:12 tijl ]
- USES=libtool tar:bzip2.
- Enable asm on FreeBSD/i386 >= 10.0.
- Enable asm on FreeBSD/amd64. [1]
- Use MAKE_CMD instead of MAKE to run regression tests.
PR: ports/187441
Submitted by: Stoyan Dimov <pr.freebsd.org@registrations.systeem.com> [1]
Approved by: maintainer timeout (2 weeks)
|
|
Fri, 3 May 2013
|
[ 16:35 ehaupt ]
Update to 1.5.2
Changelog:
http://lists.gnupg.org/pipermail/gnupg-announce/2013q1/000324.html (1.5.1)
http://lists.gnupg.org/pipermail/gnupg-announce/2013q2/000325.html (1.5.2)
PR: 177100
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
|
|
Sat, 25 Aug 2012
|
[ 08:33 novel ]
- Properly define deprecated functions to remove warnings in other
ports
- Avoid installing multiple copies of the GPLv2 and LGPL21 licenses
- Bump PORTREVISION
PR: 170488
Submitted by: Jason E. Hale <bsdkaffee@gmail.com>
Approved by: Hirohisa Yamaguchi (maintainer)
|
|
Sun, 3 Jul 2011
|
[ 11:39 swills ]
- Update to 1.5.0
PR: ports/158574
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
|
|
Tue, 27 Jul 2010
|
[ 01:24 wxs ]
Update to 1.4.6.
PR: ports/148755
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
|
|
Tue, 6 Jan 2009
|
[ 12:59 rafan ]
- Update to 1.4.3
- Pass maintainership to submitter per PR 127224
PR: ports/127478
Submitted by: Hirohisa Yamaguchi <umq at ueo.co.jp>
Approved by: arved (maintainer)
|
|
Thu, 28 Feb 2008
|
[ 21:44 arved ]
Update to 1.4.0
PR: 118541
Submitted by: Hirohisa Yamaguchi
|
|
Sun, 28 Jan 2007
|
[ 09:07 kris ] (Only the first 10 of 103 ports in this commit are shown above. )
Use libtool port instead of included one to avoid objformat a.out botch
|
|
Tue, 11 Jan 2005
|
[ 14:53 arved ] (Only the first 10 of 12 ports in this commit are shown above. )
Update libgcrypt to 1.2.1. Changes:
* made the code try to lock secure memory pool not only when running as
root,
* fixed type usage in Serpent,
* made the code mix the PID into the entropy pool for better protection
after a fork,
* fixed memory leak in RSA.
* fixed alignment problems in Rijndael,
* fixed memory leak in gcry_pk_sign(),
* fixed broken pointer access in gcry_ac_open(),
* updated the documentation,
* fixed several other bugs.
Chase Shared library version and bump PORTREVISION of affected ports.
|
|
Sat, 8 May 2004
|
[ 10:25 arved ]
Fix pkg-plist
Reported by: kris, markus
Pointy hat (not 216.136.204.22) to: arved
|
|
Mon, 3 May 2004
|
[ 13:57 arved ] (Only the first 10 of 21 ports in this commit are shown above. )
Update libgcrypt to the new stable version 1.2.0
Retire libgcrypt-devel
Switch back to security/libgcrypt and bump PORTREVISION for
- gnutls
- gnutls-devel
- gsasl
- opencdk
- vpnc
libggz:
- Remove dependency on libgcrypt, because the port does not yet
work with the new libgcrypt
libksba: (Only the first 15 lines of the commit message are shown above )
|
|
Mon, 4 Aug 2003
|
[ 17:54 arved ]
Use new INFO macro
|
|
Wed, 26 Feb 2003
|
[ 15:25 arved ]
Update to 1.1.12
PR: 48704
Submitted by: Sergei Kolobov <sergei@kolobov.com>
|
|
Thu, 2 Jan 2003
|
[ 14:18 arved ]
Update to 1.1.11
|
|
Mon, 14 Oct 2002
|
[ 12:38 ijliao ]
add libgcrypt 1.1.0
General purpose crypto library based on code used in GnuPG
PR: 43894
Submitted by: Tilman Linneweh <tilman@arved.de>
|
Number of commits found: 44 |
As an Amazon Associate I earn from qualifying purchases.