* 1.8.14, 2012-07-18
- The malloc allocator would return null instead of throwing in the event of
an allocation failure, which could cause an application crash due to null
pointer dereference where normally an exception would occur.
- Recent versions of OpenSSL include extra information in ECC private keys,
the presence of which caused an exception when such a key was loaded by
botan. The decoding of ECC private keys has been changed to ignore these
fields if they are set.
- AutoSeeded_RNG has been changed to prefer /dev/random over /dev/urandom
- Fix detection of s390x (Debian bug 638347)
1) Update two configuration files to include DragonFly, which results in
additional generated files.
2) Update PLIST.DragonFly (it was wrong in any case)
platform files except Darwin. Also add the *_sse2 entries to Darwin.
Note that both *_amd64 and *_sse2 are conditional on x86_64, so this
division of files per platform is easier to do by PLIST tweaks than by
further Makefile conditionals.
This fixes the build of botan under OS X Lion with ABI=64 and should be
a no-op for all other platforms.
* 1.8.13, 2011-07-02
- A race in Algorithm_Factory that could cause crashes in multithreaded
code has been fixed.
* 1.8.12, 2011-06-20
- If EMSA3(Raw) was used for more than one signature, it would produce
incorrect output.
- Fix the --enable-debug option to configure.py
- Improve OS detection on Cygwin
- Fix compilation under Sun Studio 12 on Solaris
- Fix a memory leak in the constructors of DataSource_Stream and
DataSink_Stream which would occur if opening the file failed. PR 144
* 1.8.11, 2010-11-02
- Fix a number of CRL encoding and decoding bugs
- When building a debug library under VC++, use the debug runtime
- Fix compilation under Sun Studio on Linux and Solaris
- Add several functions for compatability with 1.9
- In the examples, read most input files as binary
- The Perl build script has been removed in this release
* 1.8.10, 2010-08-31
- Switch default PKCS #8 encryption algorithm from 3DES to AES-256
- Increase default hash iterations from 2048 to 10000 in PBES1 and
PBES2
- Use small tables in the first round of AES
- Add PBKDF typedef and get_pbkdf for better compatability with 1.9
- Add version of S2K::derive_key taking salt and iteration count
- Enable the /proc-walking entropy source on NetBSD
- Fix the doxygen makefile target
* 1.8.9, 2010-06-16
- Use constant time multiplication in IDEA
- Avoid possible timing attack against OAEP decoding
- Add new X509::BER_encode and PKCS8::BER_encode
- Enable DLL builds under Windows
- Add Win32 installer support
- Add support for the Clang compiler
- Fix problem in semcem.h preventing build under Clang or GCC 3.4
- Fix bug that prevented creation of DSA groups under 1024 bits
- Fix crash in GMP_Engine if library is shutdown and reinitialized
- Work around problem with recent binutils in x86-64 SHA-1
- The Perl build script is no longer supported and refuses to run by
default
* 1.8.8, 2009-11-03
- Alter Skein-512 to match the tweaked 1.2 specification
- Fix use of inline asm for access to x86 bswap function
- Allow building the library without AES enabled
- Add 'powerpc64' alias to ppc64 arch for Gentoo ebuild
This update is quite delicate and I'm sure it'll break somewhere. So far
I've only been able to test it in NetBSD/amd64 and Mac OS X Leopard.
I'm bumping the dependency version in buildlink3.mk because the only package
using this seems to be Monotone, and I'll updating it right away.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
