Navigation:
Browse pkgsrc
(this page)
security libgcryp..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] 2026-04-16 14:44:40 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: libgcrypt: updated to 1.12.2 Noteworthy changes in version 1.12.2 (2026-04-15) * Bug fixes: - Fix possible ECDH buffer overwrite with zeroes. - Add a missing bounds check to the Dilithium context handling. - Add point validation when using the new KEM interface. * Other: - Fix the dead-code of stronger_key_check for RSA. |
2026-02-22 20:52:38 by Adam Ciarcinski | Files touched by this commit (5) |  |
Log message:
libgcrypt: updated to 1.12.1
Noteworthy changes in version 1.12.1 (2026-02-20)
* Bug fixes:
- Fix for aSmartOS (Solaris) build problem due to AVX2 changes.
- Fix a regression in gcry_mpi_ec_curve_point.
- Make sure to have MPI limbs pre-allocated in ECC and fix
Weierstrass curve use with PUBKEY_FLAG_PARAM.
* Other:
- Add MPI configuration for NetBSD m68k.
|
| 2026-02-01 09:51:16 by Thomas Klausner | Files touched by this commit (3) |
Log message: libgcrypt: add upstream patch candidate for SmartOS fix |
| 2026-01-30 15:01:25 by Thomas Klausner | Files touched by this commit (9) | |
Log message:
libgcrypt: update to 1.12.0.
Noteworthy changes in version 1.12.0 (2026-01-29) [C27/A7/R0]
-------------------------------------------------
* New and extended interfaces:
- Allow access to the FIPS service indicator via the new
GCRYCTL_FIPS_SERVICE_INDICATOR control code.
[T7338,rCd0db6a5abf,rCf51f4e9893]
- Add GCRYCTL_FIPS_REJECT_NON_FIPS control code. [T7338,rCe52adf0948]
- Add GCRY_FIPS_FLAG_REJECT_PK_FLAGS constant. [T7338,rC0414e126b9]
- Make SHA-1 non-FIPS internally for the 1.12 API. This introduces
the GCRY_FIPS_FLAG_REJECT_MD_SHA1 constant. [rC4ee91a94bc]
- Add GCRY_FIPS_FLAG_REJECT_PK_FLAGS. [rC0414e126b9]
- Provide macros for each KEM enum constant. [rCe9b1c3ec91]
- Add Dilithium (ML-DSA) support. [T7640]
- Support optional random-override and support byte string data.
[rCcbefff5fca,rC3bb4a54f43]
* Performance:
- Add VAES/AVX512 accelerated implementation for AES which boosts
OCB performance by about 2 times on AMD Zen5. [rC9e3af928ee]
- Avoid AVX512/AVX2/SSSE3 for single block processing with Zen5 for
ChaCha20. [rCc1d9fff3b2]
- Avoid AVX/AVX2/AVX512 when CPU has high vector inst latency like
Zen5 for Blake2. [rCe5bc3b2826]
- Various optimizations for Camellia.
[rCf5848080d4,rCb9bafd6c6c,rC8b538a8c76]
- Add POLYVAL acceleration for RISC-V and GCM-SIV. [rC00815c4207]
- Add RISC-V Zbb+Zbc implementation of CRC. [rCab4fa2a19c]
- Add RISC-V vector cryptography implementation of GHASH.
[rCcc2a4b6388]
- Add RISC-V vector cryptography implementation of AES.
[rCb000ab6025]
- Add RISC-V vector cryptography implementations of SHA256 and
SHA512. [rCcc1d5b0b5e]
- Add AVX2 and AVX512 code paths to improve CRC. [rCc30788969d]
* Bug fixes:
- Use secure MPI in _gcry_mpi_assign_limb_space. [rC6e77b09cff]
- Use CSIDL_COMMON_APPDATA instead of /etc on Windows. [rCd5e3cbfd88]
- Apply a Kyber patch from upstream. [rCbdc3724d72]
- Fix an edge case in Jent initialization. [rC0ceca9993f]
- mceliece6688128f: Fix stack overflow crash on win64/wine
[rC5bd9320171]
* Other:
- Add support for IBM z/OS, fixing -lpthread check with glibc.
[rC5af59d8454]
- Introduce mpi_tfr and use it for point_tfr to decrease EM signal
and increase EM noise. [rC4e65996bb8]
- Handle HAVE_BROKEN_MLOCK for the case of building with ASAN.
[T7889]
- Harden mask generation against branch optimization for several
algorithms. [e.g. rC4012e9a037,rCbf7546c502,rC052b03fb0c]
- Improve constant-time operation for ECDSA. [T7519,rC0bd4c77be6]
|
| 2026-01-09 20:26:57 by Nia Alarie | Files touched by this commit (2) |
Log message: libgcrypt: Fix bswap patch. |
| 2025-08-05 08:08:38 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
libgcrypt: updated to 1.11.2
Noteworthy changes in version 1.11.2 (2025-08-04)
* Bug fixes:
- Fix link errors in regression test t-thread-local on some
platforms (e.g. NetBSD).
- Add missing file to allow building for RISC-V.
- Support secp256k1 by KEM API. GnuPG has recently switched to use
the KEM interface and a few folks are using this curve.
- Fix a missing initialization in RSA's generate_fips.
* Other:
- Silence GCC 15 warnings
- Provide a prototype for __udiv_qrnnd for PowerPC and Alpha which
is required due to GCC-15 changes.
- Add missing abi versions and machine tags for PowerPC assembly
with GCC-15.
- Use '.rodata' section for read-only data of poly1305-p10le.
* Interface changes relative to the 1.11.1 release:
GCRY_KEM_RAW_P256R1 NEW enum.
|
| 2025-07-13 19:27:12 by Roland Illig | Files touched by this commit (7) |
Log message: several packages: remove unknown --with-iconv-prefix configure option |
| 2025-05-09 16:05:32 by Adam Ciarcinski | Files touched by this commit (6) | |
Log message: libgcrypt: updated to 1.11.1 Noteworthy changes in version 1.11.1 (2025-05-07) * Bug fixes: - Fix build regression on 32 bit Windows using Clang. - Fix build regression on macOS due to symbol naming. - Fix Kyber secret-dependent branch introduced by recent versions of Clang. - Fix build regression due to the use of AVX512 in Blake. - Do not build i386 asm on amd64 and vice versa. - Fix build regression on armhf with gcc-14. - Return the proper error code on malloc failure in hex2buffer. - Fix long standing bug for PRIME % 2 == 0. |
New packages: