Summary: | security/botan2: RFC4880_encode_count doesn't return consistent results when processing exact iterations | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Dmitri Goutnik <dmgk> | ||||||
Component: | Individual Port(s) | Assignee: | Jan Beich <jbeich> | ||||||
Status: | Closed FIXED | ||||||||
Severity: | Affects Only Me | CC: | tremere | ||||||
Priority: | --- | Flags: | tremere:
maintainer-feedback+
|
||||||
Version: | Latest | ||||||||
Hardware: | Any | ||||||||
OS: | Any | ||||||||
URL: | https://github.com/randombit/botan/issues/1853 | ||||||||
Bug Depends on: | |||||||||
Bug Blocks: | 236449 | ||||||||
Attachments: |
|
Description
Dmitri Goutnik
2019-03-10 12:35:29 UTC
Upstream pull request: https://github.com/randombit/botan/pull/1854 Created attachment 202977 [details]
Replace upper_bound with lower_bound in pgp_s2k #1854
I've added the patch from the upstream PR. Since I don't run EncryptPad myself, I cannot confirm if this actually fixes the issue. poudriere buildlog: https://pkg.cainites.net/data/latest-per-pkg/botan2/2.9.0_1/freebsd_12x64-system.log Created attachment 203287 [details] Update to 2.10.0 (includes fix for: Replace upper_bound with lower_bound in pgp_s2k #1853, #1854) The fix is included in the recently released 2.10.0, so I've replaced my previous patch. Changelog: https://botan.randombit.net/news.html#version-2-10-0-2019-03-30 Poudriere buildlog: https://pkg.cainites.net/data/latest-per-pkg/botan2/2.10.0/freebsd_12x64-system.log A commit references this bug: Author: jbeich Date: Mon Apr 8 11:51:33 UTC 2019 New revision: 498367 URL: https://svnweb.freebsd.org/changeset/ports/498367 Log: security/botan2: update to 2.10.0 PR: 236450 237019 Submitted by: Ralf van der Enden (maintainer) Changes: head/dns/powerdns/Makefile head/dns/powerdns-recursor/Makefile head/editors/encryptpad/Makefile head/security/botan2/Makefile head/security/botan2/distinfo |