[git] GCRYPT - branch, LIBGCRYPT-1.8-BRANCH, updated. libgcrypt-1.8.2-18-g6ca6344

by Werner Koch cvs at cvs.gnupg.org
Wed Jun 13 10:01:37 CEST 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, LIBGCRYPT-1.8-BRANCH has been updated
       via  6ca6344429e5ee1657e164509c6b50a717ebec68 (commit)
       via  5600d2d6b23640b0114655214f18959ee81fe58e (commit)
      from  9be06c6b2e5c96edf40e566bbf51d44c4d46fb07 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6ca6344429e5ee1657e164509c6b50a717ebec68
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jun 13 10:01:57 2018 +0200

    Post release updates
    
    --

diff --git a/NEWS b/NEWS
index b77980c..b368d76 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.8.4 (unreleased)  [C22/A2/R4]
+------------------------------------------------
+
+
 Noteworthy changes in version 1.8.3 (2018-06-13)  [C22/A2/R3]
 ------------------------------------------------
 
@@ -16,6 +20,8 @@ Noteworthy changes in version 1.8.3 (2018-06-13)  [C22/A2/R3]
 
    - Fix rare assertion failure in gcry_prime_check.
 
+ Release info at <https://dev.gnupg.org/T4016>.
+
 
 Noteworthy changes in version 1.8.2 (2017-12-13)  [C22/A2/R2]
 ------------------------------------------------
diff --git a/configure.ac b/configure.ac
index dfcd4ef..ce11162 100644
--- a/configure.ac
+++ b/configure.ac
@@ -30,7 +30,7 @@ min_automake_version="1.14"
 # for the LT versions.
 m4_define(mym4_version_major, [1])
 m4_define(mym4_version_minor, [8])
-m4_define(mym4_version_micro, [3])
+m4_define(mym4_version_micro, [4])
 
 # Below is m4 magic to extract and compute the revision number, the
 # decimalized short revision number, a beta version string, and a flag
@@ -56,7 +56,7 @@ AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org])
 #   (No interfaces changed:                   REVISION++)
 LIBGCRYPT_LT_CURRENT=22
 LIBGCRYPT_LT_AGE=2
-LIBGCRYPT_LT_REVISION=3
+LIBGCRYPT_LT_REVISION=4
 
 
 # If the API is changed in an incompatible way: increment the next counter.

commit 5600d2d6b23640b0114655214f18959ee81fe58e
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Jun 13 09:37:25 2018 +0200

    Release 1.8.3

diff --git a/AUTHORS b/AUTHORS
index 0d1da12..ab7a525 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -21,7 +21,7 @@ year that would otherwise be listed individually.
 List of Copyright holders
 =========================
 
-  Copyright (C) 1989,1991-2017 Free Software Foundation, Inc.
+  Copyright (C) 1989,1991-2018 Free Software Foundation, Inc.
   Copyright (C) 1994 X Consortium
   Copyright (C) 1996 L. Peter Deutsch
   Copyright (C) 1997 Werner Koch
@@ -30,7 +30,7 @@ List of Copyright holders
   Copyright (C) 1996-2006 Peter Gutmann, Matt Thomlinson and Blake Coverett
   Copyright (C) 2003 Nikos Mavroyanopoulos
   Copyright (C) 2006-2007 NTT (Nippon Telegraph and Telephone Corporation)
-  Copyright (C) 2012-2017 g10 Code GmbH
+  Copyright (C) 2012-2018 g10 Code GmbH
   Copyright (C) 2012 Simon Josefsson, Niels Möller
   Copyright (c) 2012 Intel Corporation
   Copyright (C) 2013 Christian Grothoff
diff --git a/NEWS b/NEWS
index 204ca66..b77980c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,21 @@
-Noteworthy changes in version 1.8.3 (unreleased)  [C22/A2/R3]
+Noteworthy changes in version 1.8.3 (2018-06-13)  [C22/A2/R3]
 ------------------------------------------------
 
+ * Bug fixes:
+
+   - Use blinding for ECDSA signing to mitigate a novel side-channel
+     attack.  [#4011,CVE-2018-0495]
+
+   - Fix incorrect counter overflow handling for GCM when using an IV
+     size other than 96 bit.  [#3764]
+
+   - Fix incorrect output of AES-keywrap mode for in-place encryption
+     on some platforms.
+
+   - Fix the gcry_mpi_ec_curve_point point validation function.
+
+   - Fix rare assertion failure in gcry_prime_check.
+
 
 Noteworthy changes in version 1.8.2 (2017-12-13)  [C22/A2/R2]
 ------------------------------------------------
diff --git a/README b/README
index c14181a..7ac8e4a 100644
--- a/README
+++ b/README
@@ -1,10 +1,10 @@
 		    Libgcrypt - The GNU Crypto Library
 		   ------------------------------------
-                             Version 1.7
+                             Version 1.8
 
-       Copyright (C) 1989,1991-2017 Free Software Foundation, Inc.
-       Copyright (C) 2012-2017 g10 Code GmbH
-       Copyright (C) 2013-2017 Jussi Kivilinna
+       Copyright (C) 1989,1991-2018 Free Software Foundation, Inc.
+       Copyright (C) 2012-2018 g10 Code GmbH
+       Copyright (C) 2013-2018 Jussi Kivilinna
 
     Libgcrypt is free software.  See the file AUTHORS for full copying
     notices, and LICENSES for notices about contributions that require
diff --git a/compat/compat.c b/compat/compat.c
index b835293..8b001de 100644
--- a/compat/compat.c
+++ b/compat/compat.c
@@ -30,9 +30,9 @@ _gcry_compat_identification (void)
   static const char blurb[] =
     "\n\n"
     "This is Libgcrypt " PACKAGE_VERSION " - The GNU Crypto Library\n"
-    "Copyright (C) 2000-2017 Free Software Foundation, Inc.\n"
-    "Copyright (C) 2012-2017 g10 Code GmbH\n"
-    "Copyright (C) 2013-2017 Jussi Kivilinna\n"
+    "Copyright (C) 2000-2018 Free Software Foundation, Inc.\n"
+    "Copyright (C) 2012-2018 g10 Code GmbH\n"
+    "Copyright (C) 2013-2018 Jussi Kivilinna\n"
     "\n"
     "(" BUILD_REVISION " " BUILD_TIMESTAMP ")\n"
     "\n\n";
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index d2e6293..c18b498 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -2651,10 +2651,10 @@ S-expression returned is:
 Where @var{r-mpi} and @var{s-mpi} are the result of the DSA sign
 operation.
 
-For Elgamal signing (which is slow, yields large numbers and probably
-is not as secure as the other algorithms), the same format is used
-with "elg" replacing "dsa"; for ECDSA signing, the same format is used
-with "ecdsa" replacing "dsa".
+For Elgamal signing (which is slow, yields large numbers, hard to use
+correctly and probably is not as secure as the other algorithms), the
+same format is used with "elg" replacing "dsa"; for ECDSA signing, the
+same format is used with "ecdsa" replacing "dsa".
 
 For the EdDSA algorithm (cf. Ed25515) the required input parameters are:
 
diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in
index b85d494..ea06612 100644
--- a/src/versioninfo.rc.in
+++ b/src/versioninfo.rc.in
@@ -39,7 +39,7 @@ BEGIN
             VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0"
             VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT at .@LIBGCRYPT_LT_AGE at .@LIBGCRYPT_LT_REVISION at .@BUILD_REVISION@\0"
             VALUE "InternalName", "libgcrypt\0"
-            VALUE "LegalCopyright", "Copyright © 2017 Free Software Foundation, Inc.\0"
+            VALUE "LegalCopyright", "Copyright © 2018 Free Software Foundation, Inc.\0"
             VALUE "LegalTrademarks", "\0"
             VALUE "OriginalFilename", "libgcrypt.dll\0"
             VALUE "PrivateBuild", "\0"

-----------------------------------------------------------------------

Summary of changes:
 AUTHORS               |  4 ++--
 NEWS                  | 23 ++++++++++++++++++++++-
 README                |  8 ++++----
 compat/compat.c       |  6 +++---
 configure.ac          |  4 ++--
 doc/gcrypt.texi       |  8 ++++----
 src/versioninfo.rc.in |  2 +-
 7 files changed, 38 insertions(+), 17 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org

More information about the Gnupg-commits mailing list