diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2026-04-06 14:03:08 +0200 |
|---|---|---|
| committer | Khem Raj <khem.raj@oss.qualcomm.com> | 2026-04-06 09:46:29 -0700 |
| commit | e50cf01385db3657c1aa1847fcca06c60ffa144f (patch) | |
| tree | ce76bdcbaf859be127daab0f4806842ec18c6fa9 /meta-oe/recipes-crypto | |
| parent | 39adc57e1749a67eaa592c842c82cc9c22d15b51 (diff) | |
| download | meta-openembedded-e50cf01385db3657c1aa1847fcca06c60ffa144f.tar.gz | |
botan: upgrade 3.11.0 -> 3.11.1
Contains fixes for CVE-2026-35580 and CVE-2026-35582
Changelog: https://botan.randombit.net/news.html#version-3-11-1-2026-03-31
-CVE-2026-35580: Resolve certificate verification bypass bug introduced in 3.11.0
-CVE-2026-35582: Resolve TLS 1.3 client authentication bypass
-Add optimized Argon2 implementation using AVX512
-Add optimized and constant-time Twofish implementation using AVX512/GFNI
-Add optimized and constant-time SEED implementation using AVX512/GFNI
-Add optimized and constant-time Whirlpool implementations using AVX2 and AVX512
-Add SSSE3/NEON and AVX2 optimized codepaths for CTR
-Add constant time implementations of Camellia, ARIA, SEED and SM4 using
AES-NI or ARMv8 AES instructions to implement sbox lookups
-Improve performance of the AVX512 implementation of SHA-512 especially for Clang
-Optimizations for the IDEA modular multiplication
-Fix various minor TLS conformance issues flagged by TLS-Anvil
-Fix bug in Ed25519 where an invalid signature checked with PK_Verifier
might cause a later valid signature to be rejected.
-Fix a bug in handling of ECDSA DER-encode signatures where an invalid
signature checked with PK_Verifier might cause a later valid signature to be rejected.
-Fix a problem introduced in 3.11.0 which could cause crashes on processors without
SSSE3 support, particularly when compiled by GCC.
-Fix various new warnings from clang-tidy 22
-Fix a compilation error introduced in 3.11.0 which prevented using ffi
unless bcrypt was also enabled.
-Avoid a macro collision with Microsoft headers that could cause a compilation
problem in amalgamation mode.
-Enable explicit_bzero, getentropy, getrandom on Hurd
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Diffstat (limited to 'meta-oe/recipes-crypto')
| -rw-r--r-- | meta-oe/recipes-crypto/botan/botan_3.11.1.bb (renamed from meta-oe/recipes-crypto/botan/botan_3.11.0.bb) | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-oe/recipes-crypto/botan/botan_3.11.0.bb b/meta-oe/recipes-crypto/botan/botan_3.11.1.bb index e60d826459..d3d0498ec6 100644 --- a/meta-oe/recipes-crypto/botan/botan_3.11.0.bb +++ b/meta-oe/recipes-crypto/botan/botan_3.11.1.bb | |||
| @@ -6,7 +6,7 @@ SECTION = "libs" | |||
| 6 | 6 | ||
| 7 | SRC_URI = "https://botan.randombit.net/releases/Botan-${PV}.tar.xz \ | 7 | SRC_URI = "https://botan.randombit.net/releases/Botan-${PV}.tar.xz \ |
| 8 | file://run-ptest" | 8 | file://run-ptest" |
| 9 | SRC_URI[sha256sum] = "e8dd48556818da2c03a9a30932ad05db9e50b12fec90809301ecc64ea51bd11e" | 9 | SRC_URI[sha256sum] = "c1cd7152519f4188591fa4f6ddeb116bc1004491f5f3c58aa99b00582eb8a137" |
| 10 | 10 | ||
| 11 | S = "${UNPACKDIR}/Botan-${PV}" | 11 | S = "${UNPACKDIR}/Botan-${PV}" |
| 12 | 12 | ||
