Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=kirkstone-next 2021-01-14T19:58:08+00:00 2021-01-14T19:58:08+00:00 Leon Anavi leon.anavi@konsulko.com 2021-01-12T18:23:53+00:00 urn:sha1:f9af96120b2404f9d3aa9bc5b24058a5e37479af Upgrade to release 4.7: - Fix: CVE-2020-25658 - Bleichenbacher-style timing oracle in PKCS#1 v1.5 decryption code - Add padding length check as described by PKCS#1 v1.5 - Reuse of blinding factors to speed up blinding operations - Declare & test support for Python 3.9 Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2020-08-14T05:32:07+00:00 Leon Anavi leon.anavi@konsulko.com 2020-08-12T10:27:24+00:00 urn:sha1:aafa886ed1ecaa34b240696c06a0e8488054c741 Upgrade to release 4.6: - Rolled back the switch to Poetry, and reverted back to using Pipenv + setup.py for dependency management. There apparently is an issue no-binary installs of packages build with Poetry. - Limited SHA3 support to those Python versions (3.6+) that support it natively. The third-party library that adds support for this to Python 3.5 is a binary package, and thus breaks the pure-Python nature of Python-RSA. - To avoid older Python installations from trying to upgrade to RSA 4.4, this is now made explicit in the python_requires argument in setup.py The encrypt/decrypt-bigfile CLI commands have been removed in 2016 therefore the recipe has been updated accordingly. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>