From owner-cvs-all@FreeBSD.ORG Sat Feb 18 08:42:08 2006 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3FFF116A420; Sat, 18 Feb 2006 08:42:08 +0000 (GMT) (envelope-from aaron@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0EE3843D48; Sat, 18 Feb 2006 08:42:08 +0000 (GMT) (envelope-from aaron@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k1I8g7oQ006026; Sat, 18 Feb 2006 08:42:07 GMT (envelope-from aaron@repoman.freebsd.org) Received: (from aaron@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k1I8g7Gb006025; Sat, 18 Feb 2006 08:42:07 GMT (envelope-from aaron) Message-Id: <200602180842.k1I8g7Gb006025@repoman.freebsd.org> From: Aaron Dalton Date: Sat, 18 Feb 2006 08:42:07 +0000 (UTC) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Cc: Subject: cvs commit: ports/security/p5-Crypt-CBC Makefile distinfo X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Feb 2006 08:42:08 -0000 aaron 2006-02-18 08:42:07 UTC FreeBSD ports repository Modified files: security/p5-Crypt-CBC Makefile distinfo Log: - update from v2.15 to v2.17 Approved by: tobez (implicit) 2.17 Mon Jan 9 18:22:51 EST 2006 -IMPORTANT NOTE: Versions of this module prior to 2.17 were incorrectly using 8 byte IVs when generating the old-style RandomIV style header (as opposed to the new-style random salt header). This affects data encrypted using the Rijndael algorithm, which has a 16 byte blocksize, and is a significant security issue. The bug has been corrected in versions 2.17 and higher by making it impossible to use 16-byte block ciphers with RandomIV headers. You may still read legacy encrypted data by explicitly passing the -insecure_legacy_decrypt option to Crypt::CBC->new(). -The salt, iv and key are now reset before each complete encryption cycle. This avoids inadvertent reuse of the same salt. -A new -header option has been added that allows you to select among the various types of headers, and avoids the ambiguity of having multiple interacting options. -A new random_bytes() method provides access to /dev/urandom on suitably-equipped hardware. 2.16 Tue Dec 6 14:17:45 EST 2005 - Added two new options to new(): -keysize => Force the keysize -- useful for Blowfish -blocksize => Force the blocksize -- not known to be useful ("-keysize=>16" is necessary to decrypt OpenSSL messages encrypted with Blowfish) Revision Changes Path 1.20 +1 -1 ports/security/p5-Crypt-CBC/Makefile 1.10 +3 -3 ports/security/p5-Crypt-CBC/distinfo