botan1.10 (1.10.17-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream release 1.10.17 (Closes: #877436) + [CVE-2017-14737]: Side channel affecting modular exponentiation + Upstream has imported Debian architecture support patches, removed them. botan1.10 (1.10.16-1) unstable; urgency=high . * Update d/watch to match new upstream download directory * New upstream version 1.10.16 + [CVE-2017-2801]: Incorrect comparison in X.509 DN strings botan1.10 (1.10.15-1) unstable; urgency=medium . * New upstream version 1.10.15 botan1.10 (1.10.14-1) unstable; urgency=medium . * Imported Upstream version 1.10.14 * Rebase patches using gbp pq on top of 1.10.14 release botan1.10 (1.10.13-1) unstable; urgency=medium . * Imported Upstream version 1.10.13 * Disable OpenSSL module to mitigate OpenSSL 1.1.0 transition (Closes: #828252) botan1.10 (1.10.12-1.1) unstable; urgency=medium . * Non-maintainer upload. * Correctly disable test suite when building with nocheck (Closes: #813633) * Add missing dependencies to libbotan1.10-dev (Closes: #816535) botan1.10 (1.10.12-1) unstable; urgency=medium . * Update a final symbols file prepared using pkgkde-symbolshelper batchpatch * Imported Upstream version 1.10.11 * Imported Upstream version 1.10.12 * Relax symbols check (for now) botan1.10 (1.10.10-6) unstable; urgency=medium . * Use pkgkde-symbolshelper to maintain a single symbols file (that needs to be updated after, so we don't fail at all) * Install docs for libbotan-1.10-1 botan1.10 (1.10.10-5) unstable; urgency=medium . * Add starting symbols file for all supported architectures and lower the checking level of dpkg-gensymbols to 1 to allow first run to succeed botan1.10 (1.10.10-4) unstable; urgency=medium . * Update amd64 symbols to match the current version botan1.10 (1.10.10-3) unstable; urgency=medium . * Make the symbols tied to the architecture, so we don't have to have hundreds of arch= tags in symbols file (Closes: #795888) * Add i386 symbols file for libbotan-1.10-1 package in addition to amd64 botan1.10 (1.10.10-2) unstable; urgency=medium . * Update symbols with any-amd64 for for amd64 specific symbols botan1.10 (1.10.10-1) unstable; urgency=medium . * Imported Upstream version 1.10.10 * Add symbols file for libbotan-1.10-0v5 library * Rebuild with gcc-5 and libstdc++6 (Closes: #790987) * Add DPKG_GENSYMBOLS_CHECK_LEVEL=4 to d/rules * Upstream bumped SOVERSION to 1, so rename the shared library package to libbotan-1.10-1 botan1.10 (1.10.8-2) unstable; urgency=medium . * Add ppc64el and arm64 support (Closes: #741691) * Add support for or1k (Closes: #749267) * Use correct Vcs-* links botan1.10 (1.10.8-1) unstable; urgency=medium . * New upstream version 1.10.8 * Use debhelper 9 (dpkg-buildflags) instead of hardening-wrapper * Update watch file to look for v.1.10.x * Update patches for 1.10.8 release botan1.10 (1.10.5-1) unstable; urgency=low . * Imported Upstream version 1.10.4 + Avoid a conditional operation in the power mod implementations on if a nibble of the exponent was zero or not. This may help protect against certain forms of side channel attacks. + The SRP6 code was checking for invalid values as specified in RFC 5054, specifically values equal to zero mod p. However SRP would accept negative A/B values, or ones larger than p, neither of which should occur in a normal run of the protocol. These values are now rejected. Credits to Timothy Prepscius for pointing out these values are not normally used and probably signal something fishy. + The return value of version_string is now a compile time constant string, so version information can be more easily extracted from binaries. * Imported Upstream version 1.10.5 + A potential crash in the AES-NI implementation of the AES-192 key schedule (caused by misaligned loads) has been fixed. + A previously conditional operation in Montgomery multiplication and squaring is now always performed, removing a possible timing channel. + Use correct flags for creating a shared library on OS X under Clang. + Fix a compile time incompatibility with Visual C++ 2012. botan1.10 (1.10.3-1) unstable; urgency=high * Imported Upstream version 1.10.3 + A change in 1.10.2 accidentally broke ABI compatibility with 1.10.1 and earlier versions, causing programs compiled against 1.10.1 to crash if linked with 1.10.2 at runtime. (Closes: #681066) + Recent versions of OpenSSL include extra information in ECC private keys, the presence of which caused an exception when such a key was loaded by botan. The decoding of ECC private keys has been changed to ignore these fields if they are set. botan1.10 (1.10.2-1) unstable; urgency=low * Imported Upstream version 1.10.2 * Remove s390x patch as it was merged upstream botan1.10 (1.10.1-1) unstable; urgency=low * Imported Upstream version 1.10.1 botan1.10 (1.10.0-3) unstable; urgency=low * Don't canonicalize s390x to s390/s390 (Closes: #639564) botan1.10 (1.10.0-2) unstable; urgency=low * Rename manpage to botan-config-1.10 (Closes: #639264) botan1.10 (1.10.0-1) unstable; urgency=low * Imported Upstream version 1.10.0 * Don't Conflict with libbotan1.8-dev, it's no longer needed * Rename libbotan-1.9 to libbotan-1.10-0 to match its SONAME botan1.10 (1.10~1.9.18-1) unstable; urgency=low * Imported Upstream version 1.10~1.9.18 + Remove all local patches; merged upstream * Update Vcs-* links * Update *.install to reflect the versioning changes in upstream + botan-config is now botan-config-. + headers are installed to /usr/include/botan-./botan + pkg-config is botan-..pc botan1.10 (1.10~1.9.17-1) unstable; urgency=low * Fork botan1.8 package to botan1.10 * Imported Upstream version 1.9.17 * Fix spelling error recieved vs received in library * Debian packaging: + Bump standards version to 3.9.2 + Adjust patches to the new release + Enable full build including the checks on all platforms + Update install and docs files to the new release + Rename library to libbotan-1.9.so to match SONAME + Exclude duplicate license.txt file from package