Updated: libgcrypt20 libgcrypt-devel 1.10.2

public inbox for cygwin-announce@cygwin.com
 help / color / mirror / Atom feed

* Updated: libgcrypt20 libgcrypt-devel 1.10.2
@ 2023-04-08 21:25 Cygwin libgcrypt Maintainer
  0 siblings, 0 replies; only message in thread
From: Cygwin libgcrypt Maintainer @ 2023-04-08 21:25 UTC (permalink / raw)
  To: Cygwin Announcements

The following packages have been upgraded in the Cygwin distribution:

* libgcrypt20		1.10.2
* libgcrypt-devel	1.10.2

Libgcrypt is a general purpose cryptography library based on the
code used in GnuPG.

For more information please see the project home page:

	https://gnupg.org/software/libgcrypt/

As there are multiple changes each release please see below or read
/usr/share/doc/libgcrypt/NEWS after installation; for complete details
of changes please see the release info links below, or read
/usr/share/doc/libgcrypt/ChangeLog after installation.


Noteworthy changes in version 1.10.2	2023-04-06

Release-info: https://dev.gnupg.org/T5905

* Bug fixes:

  - Fix Argon2 for the case output > 64.
  - Fix missing HWF_PPC_ARCH_3_10 in HW feature.
  - Fix RSA key generation failure in forced FIPS mode.
  - Fix gcry_pk_hash_verify for explicit hash.
  - Fix a wrong result of gcry_mpi_invm.
  - Allow building with --disable-asm for HPPA.
  - Fix Jitter RNG for building native on Windows.
  - Allow building with -Oz.
  - Enable the fast path to ChaCha20 only when supported.
  - Use size_t to avoid counter overflow in Keccak when directly
    feeding more than 4GiB.

* Other:

  - Do not use secure memory for a DRBG instance.
  - Do not allow PKCS#1.5 padding for encryption in FIPS mode.
  - Fix the behaviour for child process re-seeding in the DRBG.
  - Allow verification of small RSA signatures in FIPS mode.
  - Allow the use of a shorter salt for KDFs in FIPS mode.
  - Run digest+sign self tests for RSA and ECC in FIPS mode.
  - Add function-name based FIPS indicator function.
    GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered
    an ABI changes because the new FIPS features were not yet
    approved.
  - Improve PCT in FIPS mode.
  - Use getrandom (GRND_RANDOM) in FIPS mode.
  - Disable RSA-OAEP padding in FIPS mode.
  - Check minimum allowed key size in PBKDF in FIPS mode.
  - Get maximum 32B of entropy at once in FIPS mode.
  - Prefer gpgrt-config when available.
  - Mark AESWRAP as approved FIPS algorithm.
  - Prevent usage of long salt for PSS in FIPS mode.
  - Prevent usage of X9.31 keygen in FIPS mode.
  - Remove GCM mode from the allowed FIPS indicators.
  - Add explicit FIPS indicators for hash and MAC algorithms.


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2023-04-08 21:28 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-08 21:25 Updated: libgcrypt20 libgcrypt-devel 1.10.2 Cygwin libgcrypt Maintainer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).