- Update from version 3.9 to 3.10 - Update of rootfile - Changelog 3.10 This is a maintenance release, including a few each of bug fixes, new features and optimizations. The new version is intended to be fully source and binary compatible with Nettle-3.6. The shared library names are libnettle.so.8.9 and libhogweed.so.6.9, with sonames libnettle.so.8 and libhogweed.so.6. Bug fixes: * Add missing hash functions sha512_224 and sha512_256 to the nettle_get_hashes() list. The name values in the corresponding nettle_hash structs also changed to use underscore instead of dash, for consistency. * Fix a few cases of formally undefined calls to memcpy(dst, NULL, 0), resulting from valid calls to, e.g., sha256_update(ctx, 0, NULL). New features: * Support RSA-OAEP encryption. Contributed by Nicolas Mora and Daiki Ueno. * New function sha3_256_shake_output, new functions sha3_128_init, sha3_128_update, sha3_128_shake, sha3_128_shake_output. Contributed by Daiki Ueno. * Added DRBG-CTR with AES256, contributed by Simon Josefsson. Optimizations: * New combined gcm-aes assembly for powerpc64, contributed by Danny Tsen. * New sha256 assembly for powerpc64, contributed by Eric Richter. * Improved performance for powerpc64 AES decrypt, by skipping subkey transformations that don't suit the vncipher instructions. * Add arm64 CPU feature detection for Android and for Apple systems, contributed by Foolbar and Tim Kosse, prespectively. Miscellaneous: * New tests for side-channel silence, based on valgrind. * Delete all md5 assembly code. Delete all sparc32 assembly code. 3.9.1 This is a bugfix release, fixing a few bugs reported for Nettle-3.9. The bug in the new OCB code may be exploitable for denial of service or worse, since triggering it leads to memory corruption. Upgrading from Nettle-3.9 to the new version is strongly recommended. The new version is intended to be fully source and binary compatible with Nettle-3.6. The shared library names are libnettle.so.8.8 and libhogweed.so.6.8, with sonames libnettle.so.8 and libhogweed.so.6. Bug fixes: * Fix OCB loop for processing messages of size 272 bytes or larger. Reported and fixed by Jussi Kivilinna. * Fix alignment bug in the new x86_64 non-pclmul assembly implementation of ghash. Reported by Henrik Grubbström. * Fix build-time memory leak in eccdata. Reported by Noah Watkins.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/nettle | 5 +++-- lfs/nettle | 12 ++++++------ 2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/config/rootfiles/common/nettle b/config/rootfiles/common/nettle index 3c0331406..26ac7bd29 100644 --- a/config/rootfiles/common/nettle +++ b/config/rootfiles/common/nettle @@ -26,6 +26,7 @@ #usr/include/nettle/curve25519.h #usr/include/nettle/curve448.h #usr/include/nettle/des.h +#usr/include/nettle/drbg-ctr.h #usr/include/nettle/dsa-compat.h #usr/include/nettle/dsa.h #usr/include/nettle/eax.h @@ -78,9 +79,9 @@ #usr/include/nettle/yarrow.h usr/lib/libhogweed.so usr/lib/libhogweed.so.6 -usr/lib/libhogweed.so.6.7 +usr/lib/libhogweed.so.6.9 #usr/lib/libnettle.so usr/lib/libnettle.so.8 -usr/lib/libnettle.so.8.7 +usr/lib/libnettle.so.8.9 #usr/lib/pkgconfig/hogweed.pc #usr/lib/pkgconfig/nettle.pc diff --git a/lfs/nettle b/lfs/nettle index 2d01f9557..cd902b8d5 100644 --- a/lfs/nettle +++ b/lfs/nettle @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 3.9 +VER = 3.10
THISAPP = nettle-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 80885fa380de58765155a5d4b209e524f4bd0336156ba6f5189702007438998094df0e4e801370fd0a74251b8cf91f46638b0c0139388c2c2098b1207ed3415c +$(DL_FILE)_BLAKE2 = edf0ba6375f06e2dd4b1e3ed4bab5f592ac04a36f748ce0461bbec32622eb3d5f96f89350926c24b5bbbf37dbe14a1ad64bba5df7cb7ad5987ec634573aabbb5
install : $(TARGET)
@@ -71,9 +71,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --disable-documentation \ - --disable-static + --prefix=/usr \ + --disable-documentation \ + --disable-static cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install chmod -v 755 /usr/lib/lib{hogweed,nettle}.so