Overview

File _patchinfo of Package patchinfo.30921

<patchinfo incident="30921">
  <issue tracker="bnc" id="1215657">VUL-0: CVE-2023-42811: rage-encryption: aes-gcm: chosen ciphertext attack via `decrypt_in_place*` APIs</issue>
  <issue tracker="cve" id="2023-42811"></issue>
  <packager>firstyear</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rage-encryption</summary>
  <description>This update for rage-encryption fixes the following issues:

 -CVE-2023-42811: chosen ciphertext attack possible against aes-gcm (bsc#1215657)

  * update vendor.tar.zst to contain aes-gcm &gt;= 0.10.3

- Update to version 0.9.2+0:

  * CI: Ensure `apt` repository is up-to-date before installing build deps
  * CI: Build Linux releases using `ubuntu-20.04` runner
  * CI: Remove most uses of `actions-rs` actions

- Update to version 0.9.2+0:

  * Fix changelog bugs and add missing entry
  * Document `PINENTRY_PROGRAM` environment variable
  * age: Add `Decryptor::new_async_buffered`
  * age: `impl AsyncBufRead for ArmoredReader`
  * Pre-initialize vectors when the capacity is known, or use arrays
  * Use `PINENTRY_PROGRAM` as environment variable for `pinentry`
  * Document why `impl AsyncWrite for StreamWriter` doesn't loop indefinitely
  * cargo update
  * cargo vet prune
  * Migrate to `cargo-vet 0.7`
  * build(deps): bump svenstaro/upload-release-action from 2.5.0 to 2.6.1
  * Correct spelling in documentation
  * build(deps): bump codecov/codecov-action from 3.1.1 to 3.1.4
  * StreamWriter AsyncWrite: fix usage with futures::io::copy()
  * rage: Use `Decryptor::new_buffered`
  * age: Add `Decryptor::new_buffered`
  * age: `impl BufRead for ArmoredReader`
  * Update Homebrew formula to v0.9.1
  * feat/pinentry: Use env var to define pinentry binary

- Update to version 0.9.1+0:

  * ssh: Fix parsing of OpenSSH private key format
  * ssh: Support `aes256-gcm@openssh.com` ciphers for encrypted keys
  * ssh: Add `aes256-gcm@openssh.com` cipher to test cases
  * ssh: Extract common key material derivation logic for encrypted keys
  * ssh: Use associated constants for key and IV sizes
  * ssh: Add test cases for encrypted keys
- Add shell completions for fish and zsh.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places