--- - branch: MAIN date: Tue May 23 13:25:32 UTC 2023 files: - new: '1.30' old: '1.29' path: pkgsrc/security/nettle/Makefile pathrev: pkgsrc/security/nettle/Makefile@1.30 type: modified - new: '1.13' old: '1.12' path: pkgsrc/security/nettle/PLIST pathrev: pkgsrc/security/nettle/PLIST@1.13 type: modified - new: '1.27' old: '1.26' path: pkgsrc/security/nettle/distinfo pathrev: pkgsrc/security/nettle/distinfo@1.27 type: modified - new: '1.11' old: '1.10' path: pkgsrc/security/nettle/patches/patch-Makefile.in pathrev: pkgsrc/security/nettle/patches/patch-Makefile.in@1.11 type: modified id: 20230523T132532Z.1d84d326beb0e653169c74ad95326e9caf626670 log: "nettle: update to 3.9.\n\nNEWS for the Nettle 3.9 release\n\n\tThis release includes bug fixes, several new features, a few\n\tperformance improvements, and one performance regression\n\taffecting GCM on certain platforms.\n\n\tThe new version is intended to be fully source and binary\n\tcompatible with Nettle-3.6. The shared library names are\n\tlibnettle.so.8.7 and libhogweed.so.6.7, with sonames\n\tlibnettle.so.8 and libhogweed.so.6.\n\n\tThis release includes a rewrite of the C implementation of\n\tGHASH (dating from 2011), as well as the plain x86_64 assembly\n\tversion, to use precomputed tables in a different way, with\n\ttables always accessed in the same sequential manner.\n\n\tThis should make Nettle's GHASH implementation side-channel\n\tsilent on all platforms, but considerably slower on platforms\n\twithout carry-less mul instructions. E.g., benchmarks of the C\n\timplementation on x86_64 showed a slowdown of 3 times.\n\n\tBug fixes:\n\n\t* Fix bug in ecdsa and gostdsa signature verify operation, for\n\t the unlikely corner case that point addition really is point\n\t duplication.\n\n\t* Fix for chacha on Power7, nettle's assembly used an\n\t instruction only available on later processors. Fixed by\n\t Mamone Tarsha.\n\n\t* GHASH implementation should now be side-channel silent on\n\t all architectures.\n\n\t* A few portability fixes for *BSD.\n\n\tNew features:\n\n\t* Support for the SM4 block cipher, contributed by Tianjia\n Zhang.\n\n\t* Support for the Balloon password hash, contributed by Zoltan\n Fridrich.\n\n\t* Support for SIV-GCM authenticated encryption mode,\n contributed by Daiki Ueno.\n\n\t* Support for OCB authenticated encryption mode.\n\n\t* New exported functions md5_compress, sha1_compress,\n\t sha256_compress, sha512_compress, based on patches from\n\t Corentin Labbe.\n\n\tOptimizations:\n\n\t* Improved sha256 performance, in particular for x86_64 and\n\t s390x.\n\n\t* Use GMP's mpn_sec_tabselect, which is implemented in\n\t assembly on many platforms, and delete the similar nettle\n\t function. Gives a modest speedup to all ecc operations.\n\n\t* Faster poly1305 for x86_64 and ppc64. New ppc code\n\t contributed by Mamone Tarsha.\n\n\tMiscellaneous:\n\n\t* New ASM_FLAGS variable recognized by configure.\n\n\t* Delete all arcfour assembly code. Affects 32-bit x86, 32-bit\n\t and 64-bit sparc.\n\n\tKnown issues:\n\n\t* Version 6.2.1 of GNU GMP (the most recent GMP release as of\n\t \ this writing) has a known issue for MacOS on 64-bit ARM: GMP\n\t assembly files use the reserved x18 register. On this\n\t platform it is recommended to use a GMP snapshot where this\n\t bug is fixed, and upgrade to a later GMP release when one\n\t becomes available.\n\n\t* Also on MacOS, Nettle's testsuite may still break due to\n\t DYLD_LIBRARY_PATH being discarded under some circumstances.\n\t \ As a workaround, use\n\n\t make check EMULATOR='env DYLD_LIBRARY_PATH=$(TEST_SHLIB_DIR)'\n" module: pkgsrc subject: 'CVS commit: pkgsrc/security/nettle' unixtime: '1684848332' user: wiz