3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

56 commits

Author SHA1 Message Date
Robert Scott 785fa836a1 botan: mark as vulnerable to CVE-2021-40529 2021-09-08 01:00:46 +01:00
Robert Scott 63bf10c848 botan2: add patch for CVE-2021-40529 2021-09-08 00:59:44 +01:00
Robert Scott 509b969a18 botan2: 2.18.0 -> 2.18.1 2021-09-08 00:25:12 +01:00
Felix Buehler 87316d778b various: cleanup of "inherit version;" 2021-07-18 00:19:24 +02:00
Robert Schütz d4c033a206 botan: mark as insecure 2021-04-29 15:33:01 +02:00
Robert Schütz 45d492b3b3 botan2: 2.17.3 -> 2.18.0
https://botan.randombit.net/news.html#version-2-18-0-2021-04-15
2021-04-29 15:22:01 +02:00
Frederik Rietdijk 8d03aea178 botan: use python3 2021-03-25 11:08:09 +01:00
Thomas Gerbet 9a18802edf botan2: 2.17.2 -> 2.17.3
Fixes CVE-2021-24115.
2021-03-06 19:49:03 +01:00
Ben Siraphob 66e44425c6 pkgs/development/libraries: stdenv.lib -> lib 2021-01-21 19:11:02 -08:00
Sandro Jäckel 490a4b6ded botan: fix compilation on darwin 2021-01-16 10:56:42 -08:00
Jan Beinke eb6a446039 botan2: add aarch64-linux to platforms 2021-01-10 23:28:01 +01:00
Martin Weinelt 4630fcf686
botan2: 2.9.0 -> 2.17.2
In botan 2.11.0 the upstream switched to tar.xz archives. To continue
supporting botan1 the source package extension can now be overriden from
within the specialized package.

Addresses two advisories, neither of which received a CVE:
- 2020-07-05: Failure to enforce name constraints on alternative names
- 2020-03-24: Side channel during CBC padding
2020-11-30 19:35:13 +01:00
Red Davies 93b523d030 botan2: update 2.7.0 -> 2.9.0
Fixes:
CVE-2018-12435: requires >= 2.7.0 (NVD extry is incorrect)
"Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected."
A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key.

CVE-2018-20187: requires >= 2.9.0
"Introduced in 1.11.20, fixed in 2.8.0."
A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise.
2020-11-24 14:11:14 -05:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
leenaars 584561bb06 botan: 2.6.0 -> 2.7.0 (#43223) 2018-07-09 12:52:38 +02:00
Michael Raskin 8b62a1b4b1 botan2: 2.3 -> 2.6 2018-05-02 02:46:52 +02:00
Michael Raskin 88788e7c02 botan2: update .upstream file to the new versioning approach 2017-11-11 15:31:37 +01:00
Franz Pletz d72ae07c24
botan: 1.10.15 -> 1.10.17 for CVE-2017-14737 2017-10-24 14:21:07 +02:00
Franz Pletz acc8d160f0
botan2: 2.0.1 -> 2.3.0 for CVE-2017-14737 2017-10-24 14:21:07 +02:00
Franz Pletz 2f50385352
botanUnstable: remove, unused 2017-10-24 14:21:07 +02:00
Tuomas Tynkkynen 6e3499efc5 botan: Broken on aarch64
https://nix-cache.s3.amazonaws.com/log/2vjsb2fs5z9nkr4h4sjwvgy0vflbq4hg-botan-1.10.15.drv
2017-06-11 04:41:47 +03:00
Matthew Bauer 3baff95efd
botan: fix macOS build 2017-04-08 23:49:55 -05:00
Michael Raskin 6962e84b8d botan2: init at 2.0.1 2017-03-09 18:47:37 +01:00
Michael Raskin c1f6eeb822 botan: 1.10.14 -> 1.10.14 2017-02-01 19:28:45 +01:00
Michael Raskin 21d4d54a38 botan: 1.11.32 -> 1.11.34 2016-12-28 13:47:01 +01:00
Michael Raskin c12613c111 botan: 1.10.13 -> 1.10.14, enforce c++11 2016-12-28 13:47:01 +01:00
Michael Raskin ea6f03d1ca botan: 1.11.31 -> 1.11.32 2016-10-03 17:35:18 +02:00
Franz Pletz 9081109ba0
botanUnstable: 1.11.30 -> 1.11.31 2016-09-24 16:45:47 +02:00
Michael Raskin 30c2a168ce botanUnstable: 1.11.29 -> 1.11.30 2016-08-11 17:57:35 +02:00
Michael Raskin 258f45082e botan: 1.10.12 -> 1.10.13 2016-08-11 17:57:35 +02:00
Vladimír Čunát 97c484a10f treewide: fix #include errors after gcc-5.4
They were mostly missing <cmath> or <math.h>.
2016-06-19 10:18:30 +02:00
Micxjo Funkcio 3c2e932450
botanUnstable: 1.11.28 -> 1.11.29 (security)
This release contains fixes for
  * CVE-2016-2849
  * CVE-2016-2850
2016-04-09 12:18:55 -07:00
Michael Raskin 4e27311fbf botan: 1.10.10 -> 1.10.12 2016-02-14 21:17:07 +01:00
Michael Raskin 126bdab696 botanUnstable: 1.11.25 -> 1.11.28 2016-02-14 21:17:07 +01:00
Michael Raskin 81aa158838 botanUnstable: 1.11.19 -> 1.11.25 2016-01-01 12:30:17 +03:00
Michael Raskin f89b651008 Botan: stable: 1.10.9 -> 1.10.10; unstable: 1.11.16 -> 1.11.19 2015-08-08 21:01:31 +03:00
Luca Bruno 8e56309dd5 botanUnstable: fix installation (ZHF) 2015-07-09 11:48:39 +02:00
Pascal Wittmann 571d878e40 botan: fix build 2015-07-02 00:02:40 +02:00
Spencer Whitt 7145859662 botan: clang fix 2015-05-15 11:58:22 -04:00
Michael Raskin e4ce4e9f5b Update unstable Botan 2015-04-05 20:27:25 +03:00
Michael Raskin 7e285b8b87 Update Botan unstable and fix source link 2015-03-17 11:02:56 +03:00
Michael Raskin 1fdc855b2f Update botan unstable 2015-03-09 01:03:01 +03:00
Luca Bruno 836b3d835e botanUnstable: 1.11.13 doesn't exist, use 1.11.10 2015-02-27 11:08:31 +01:00
Michael Raskin da8828f5cf Botan (unstable): 1.11.12 -> 1.11.13 2015-01-18 18:20:09 +03:00
Michael Raskin 1e659694c5 Fix the download link --- reported by Karn Kallio 2015-01-09 20:26:57 +03:00
Michael Raskin bc159cc816 Update botan and fix the build 2015-01-06 18:47:02 +03:00
John Wiegley 28b6fb61e6 Change occurrences of gcc to the more general cc
This is done for the sake of Yosemite, which does not have gcc, and yet
this change is also compatible with Linux.
2014-12-26 11:06:21 -06:00
William A. Kennington III 617cd15c8e botan: Refactor into generic builder 2014-11-02 17:22:28 -08:00
William A. Kennington III aa3e800be7 boost: Remove boost.lib 2014-11-02 17:22:27 -08:00
William A. Kennington III 31220480d8 boost: Update depdendent packages 2014-09-21 17:20:59 -07:00