diff options
author | Red Davies <red@infect.me> | 2020-11-21 00:44:06 -0500 |
---|---|---|
committer | Red Davies <red@infect.me> | 2020-11-24 14:11:14 -0500 |
commit | 93b523d030aa03b954ac9c42f62e8dc458c376b6 (patch) | |
tree | c5eeefdd096c113a33ee3f3a7110702449f530d9 /pkgs/development/libraries/botan | |
parent | 65c4e2500f25076a2db330b8953410faab817420 (diff) | |
download | nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.tar nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.tar.gz nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.tar.bz2 nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.tar.lz nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.tar.xz nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.tar.zst nixpkgs-93b523d030aa03b954ac9c42f62e8dc458c376b6.zip |
botan2: update 2.7.0 -> 2.9.0
Fixes: CVE-2018-12435: requires >= 2.7.0 (NVD extry is incorrect) "Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected." A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. CVE-2018-20187: requires >= 2.9.0 "Introduced in 1.11.20, fixed in 2.8.0." A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise.
Diffstat (limited to 'pkgs/development/libraries/botan')
-rw-r--r-- | pkgs/development/libraries/botan/2.0.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/development/libraries/botan/2.0.nix b/pkgs/development/libraries/botan/2.0.nix index 91f7f664730..22ddb76b29b 100644 --- a/pkgs/development/libraries/botan/2.0.nix +++ b/pkgs/development/libraries/botan/2.0.nix @@ -1,9 +1,9 @@ { callPackage, ... } @ args: callPackage ./generic.nix (args // { - baseVersion = "2.7"; + baseVersion = "2.9"; revision = "0"; - sha256 = "142aqabwc266jxn8wrp0f1ffrmcvdxwvyh8frb38hx9iaqazjbg4"; + sha256 = "06fiyalvc68p11qqh953azx2vrbav5vr00yvcfp67p9l4csn8m9h"; postPatch = '' sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt ''; |