From: Wang Mingyu Date: Wed, 22 Nov 2023 08:59:44 +0000 (+0800) Subject: libgcrypt: upgrade 1.10.2 -> 1.10.3 X-Git-Tag: yocto-5.2~4504 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e21583896116cf37bf6b95aea466854e4fd5e54b;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git libgcrypt: upgrade 1.10.2 -> 1.10.3 Changelog: ========== - Fix public key computation for other EdDSA curves. - Remove out of core handler diagnostic in FIPS mode. - Check that the digest size is not zero in gcry_pk_sign_md and gcry_pk_verify_md. - Make store an s-exp with \0 is considered to be binary. - Various constant-time improvements. - Use getrandom call only when supported by the platform. - Change the default for --with-libtool-modification to never. Signed-off-by: Wang Mingyu Signed-off-by: Alexandre Belloni --- diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.10.2.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb similarity index 96% rename from meta/recipes-support/libgcrypt/libgcrypt_1.10.2.bb rename to meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb index 524b06ca22b..1c4f4d6038c 100644 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.10.2.bb +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.10.3.bb @@ -27,7 +27,7 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \ file://no-bench-slope.patch \ file://run-ptest \ " -SRC_URI[sha256sum] = "3b9c02a004b68c256add99701de00b383accccf37177e0d6c58289664cce0c03" +SRC_URI[sha256sum] = "8b0870897ac5ac67ded568dcfadf45969cfa8a6beb0fd60af2a9eadc2a3272aa" CVE_STATUS[CVE-2018-12433] = "disputed: CVE is disputed and not affecting crypto libraries for any distro." CVE_STATUS[CVE-2018-12438] = "disputed: CVE is disputed and not affecting crypto libraries for any distro."