From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost.localdomain (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 3AE253858C31 for ; Sat, 8 Apr 2023 21:28:32 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3AE253858C31 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1680989312; bh=4JDaONWtFtMnayIb8K+8mXAguctm1ciPOHPycDBFKq0=; h=To:Date:Subject:From:Reply-To:Cc:From; b=QC6OgJ1oLHpm6Gg9hRiuB4CowdAE7KzdBxoxGxcNTE/qMv6XrHOM7E0e8/qivrJcK T5bWBvR6v3RHnZ4wpMCMWltET6iS1d1yQo6zl7LA28/61NG3KWXxmI1m3IJlRdnBxp 9gHZa42dFoO7gjsHls6EGe7aUlXsxsHs8y4ZxlyA= DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0001F3858C50 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1680989312; bh=4JDaONWtFtMnayIb8K+8mXAguctm1ciPOHPycDBFKq0=; h=To:Date:Subject:List-Id:List-Unsubscribe:List-Archive:List-Help: List-Subscribe:From:Reply-To:Cc:From; b=VTLYttvnwXn3G/P5dvKATPkVK+JSL+emaf89lYQVV4e3g5Vsv7mL6Va7XJJoL0OkF Y7PFlaNDhKQXWJJPN++FvVQ20BrQnD3ddbXGuUnbbfdBv6LS2+CGP/NJLpwJx1PQol thVXv0ChV/dNTAaLuhCliyHYGPmNfJE0z0Pch8s0= DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 5D5C23858D1E X-Authority-Analysis: v=2.4 cv=XZqaca15 c=1 sm=1 tr=0 ts=6431dc72 a=DxHlV3/gbUaP7LOF0QAmaA==:117 a=DxHlV3/gbUaP7LOF0QAmaA==:17 a=GwUem0DFAAAA:8 a=zZfI2map4031GzvG1qIA:9 a=r0dl5i_q2XGqDZkti5dn:22 To: cygwin@cygwin.com Date: Sat, 08 Apr 2023 15:25:20 -0600 Message-Id: Subject: [ANNOUNCEMENT] Updated: libgcrypt20 libgcrypt-devel 1.10.2 X-CMAE-Envelope: MS4xfHXJgtPgp8aA11+hyqqPs5bDVz4LkhhYBrrqpPHy3z3IMP6V0LOLv1/E7FTU0wcV8DneyD7nX43evggbU0eeNSxpvFOCxTVezfVedhv8ut0TLm3Sj+TD /S8cGhHsxx12chBRIGLSVZeQN9unMUSi+fOgU8BOE5tArSaaa0ADpLJ4IMi3uCxXu4gA0ST8jbOEcLNhTgJQpUoDSO8kfeQoC4Y= X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_NUMSUBJECT, LIKELY_SPAM_BODY, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: cygwin-announce@cygwin.com X-Mailman-Version: 2.1.29 From: Cygwin libgcrypt Maintainer via Cygwin-announce Reply-To: cygwin@cygwin.com Cc: Cygwin libgcrypt Maintainer Errors-To: cygwin-announce-bounces+cygwin-announce-resender=cygwin.com@cygwin.com X-Mailer: Perl5 Mail::Internet v2.20 Sender: Kernel Overflow User List-Id: The following packages have been upgraded in the Cygwin distribution: * libgcrypt20 1.10.2 * libgcrypt-devel 1.10.2 Libgcrypt is a general purpose cryptography library based on the code used in GnuPG. For more information please see the project home page: https://gnupg.org/software/libgcrypt/ As there are multiple changes each release please see below or read /usr/share/doc/libgcrypt/NEWS after installation; for complete details of changes please see the release info links below, or read /usr/share/doc/libgcrypt/ChangeLog after installation. Noteworthy changes in version 1.10.2 2023-04-06 Release-info: https://dev.gnupg.org/T5905 * Bug fixes: - Fix Argon2 for the case output > 64. - Fix missing HWF_PPC_ARCH_3_10 in HW feature. - Fix RSA key generation failure in forced FIPS mode. - Fix gcry_pk_hash_verify for explicit hash. - Fix a wrong result of gcry_mpi_invm. - Allow building with --disable-asm for HPPA. - Fix Jitter RNG for building native on Windows. - Allow building with -Oz. - Enable the fast path to ChaCha20 only when supported. - Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. * Other: - Do not use secure memory for a DRBG instance. - Do not allow PKCS#1.5 padding for encryption in FIPS mode. - Fix the behaviour for child process re-seeding in the DRBG. - Allow verification of small RSA signatures in FIPS mode. - Allow the use of a shorter salt for KDFs in FIPS mode. - Run digest+sign self tests for RSA and ECC in FIPS mode. - Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. - Improve PCT in FIPS mode. - Use getrandom (GRND_RANDOM) in FIPS mode. - Disable RSA-OAEP padding in FIPS mode. - Check minimum allowed key size in PBKDF in FIPS mode. - Get maximum 32B of entropy at once in FIPS mode. - Prefer gpgrt-config when available. - Mark AESWRAP as approved FIPS algorithm. - Prevent usage of long salt for PSS in FIPS mode. - Prevent usage of X9.31 keygen in FIPS mode. - Remove GCM mode from the allowed FIPS indicators. - Add explicit FIPS indicators for hash and MAC algorithms.