File _patchinfo of Package patchinfo.167

<patchinfo incident="167">
  <packager>jluce2</packager>
  <issue tracker="bnc" id="810759"></issue>
  <issue tracker="bnc" id="831359"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>libgcrypt: update to 1.5.3</summary>
  <description>libgcrypt was updated to 1.5.3 [bnc#831359] to fix  a
   security issue, bugs and get some new features:

   Security issue fixed:
   * Mitigate the Yarom/Falkner flush+reload side-channel
   attack on RSA secret keys.  See
   &lt;http://eprint.iacr.org/2013/448&gt;.

   - contains changes from 1.5.2
   * The upstream sources now contain the IDEA algorithm,
   dropping: idea.c.gz libgcrypt-1.5.0-idea.patch
   libgcrypt-1.5.0-idea_codecleanup.patch
   * Made the Padlock code work again (regression since
   1.5.0).
   * Fixed alignment problems for Serpent.
   * Fixed two bugs in ECC computations.
   - add GPL3.0+ to License tag because of dumpsexp
   (bnc#810759)
   - contains changes from 1.5.1
   * Allow empty passphrase with PBKDF2.
   * Do not abort on an invalid algorithm number in
   gcry_cipher_get_algo_keylen and
   gcry_cipher_get_algo_blklen.
   * Fixed some Valgrind warnings.
   * Fixed a problem with select and high fd numbers.
   * Improved the build system
   * Various minor bug fixes.
   * Interface changes relative to the 1.5.0 release:
   GCRYCTL_SET_ENFORCED_FIPS_FLAG         NEW.
   GCRYPT_VERSION_NUMBER                  NEW.</description>
</patchinfo>
openSUSE Build Service is sponsored by