godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-22 12:51:25 +03:00
Code Issues Packages Projects Releases Wiki Activity
46,915 Commits 28 Branches 277 Tags
fc75f57504bd2cae9445bed07b0e2de548c9514c
Commit Graph

15 Commits

Author SHA1 Message Date
Baruch Siach
ba2705fa4a libgcrypt: bump to version 1.8.4 
Drop patch 0001. We patch the configure script directly in patch 0002,
and we don't autoreconf. So this patch has no effect (never had).

Rename patch 0002. The next version bump should drop this patch as well.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2018-11-01 13:55:13 +01:00
Baruch Siach
b6543b5fdf libgcrypt: security bump to version 1.8.3 
Fixes CVE-2018-0495: ECDSA signing side-channel attack.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-06-15 13:16:06 +02:00
Baruch Siach
bf0f8fae14 libgcrypt: bump to version 1.8.2 
Add license hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-01-12 19:53:49 +01:00
Bernd Kuhls
343db82cb2 package/libgcrypt: bump version to 1.8.1 
Added sha1 hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-09-17 18:31:08 +02:00
Baruch Siach
cd4514109a libgcrypt: security bump to version 1.7.9 
Fixes CVE-2017-0379: Mitigate a local side-channel attack on Curve25519
dubbed "May the Fourth be With You".

As we are close to release, don't update to the latest 1.8.1 version,
but to a maintenance release from the 1.7 branch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-08-30 22:08:21 +02:00
Baruch Siach
10ce9c6f8d libgcrypt: security bump to version 1.7.8 
>From the NEWS file:

- Mitigate a flush+reload side-channel attack on RSA secret keys
  dubbed "Sliding right into disaster".  For details see
  <https://eprint.iacr.org/2017/627>.  [CVE-2017-7526]

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-07-01 10:09:54 +02:00
Baruch Siach
869c8dfd7b libgcrypt: security bump to version 1.7.7 
Fix possible timing attack on EdDSA session key.

https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000406.html

Add upstream provided SHA1 hash.

Switch to https download for better corporate firewall compatibility.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-06-06 17:18:32 +02:00
Jörg Krause
75dd0d439c package/libgcrypt: bump to version 1.7.6 
No announcement was made for this version, so the hash was calculated locally.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-01-27 13:10:06 +01:00
Gustavo Zacarias
fd469943b9 libgcrypt: bump to version 1.7.5 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-12-30 21:12:36 +01:00
Baruch Siach
55c74d6b97 libgcrypt: security bump to version to version 1.7.3 
Fixes CVE-2016-6316: Bug in the mixing functions of Libgcrypt's random number
generator. An attacker who obtains 4640 bits from the RNG can trivially
predict the next 160 bits of output.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-08-18 09:18:24 +02:00
Vicente Olivert Riera
a766300737 libgcrypt: bump version to 1.7.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-07-15 14:29:35 +02:00
Gustavo Zacarias
f05056b03e libgcrypt: security bump to version 1.6.5 
Fixes:
CVE-2015-7511 - Mitigate side-channel attack on ECDH with Weierstrass
curves.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-02-11 23:09:12 +01:00
Vicente Olivert Riera
7e5ddfbf85 libgcrypt: bump version to 1.6.4 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-09-11 19:49:04 +02:00
Gustavo Zacarias
b3db3aba6e libgcrypt: security bump to version 1.6.3 
Fixes:
CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption
CVE-2015-0837 - Fixed data-dependent timing variations in modular
exponentiation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-02-28 13:03:54 +01:00
Gustavo Zacarias
766435b722 libgcrypt: add hash file 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-10-07 12:31:05 +02:00