gnu: Go standard crypto library: Update to 0.0.0-3.b7391e9 [security fixes]. - ~cnx/guix

diff options

author	Leo Famulari <leo@famulari.name>	2019-03-26 18:36:30 -0400
committer	Leo Famulari <leo@famulari.name>	2019-04-02 13:07:03 -0400
commit	9c1b4316dcf2673dc62dae21bee0f5e52217bf63 (patch)
tree	9bd079ef0581ee6f4afb22ede669bc10799e004c /tests/guix-hash.sh
parent	4a136536e831e6299200174af287236ec8e5b7f3 (diff)
download	guix-9c1b4316dcf2673dc62dae21bee0f5e52217bf63.tar.gz

gnu: Go standard crypto library: Update to 0.0.0-3.b7391e9 [security fixes].

Fixes a vulnerability in 'golang.org/x/crypto/salsa20' where, if more than 256
GiB of keystream is generated, or if the counter otherwise grows greater than 32
bits, the amd64 implementation will first generate incorrect output, and then
cycle back to previously generated keystream.

https://go.googlesource.com/crypto/+/b7391e95e576cacdcdd422573063bc057239113d

* gnu/packages/golang.scm (go-golang-org-x-crypto-bcrypt,
go-golang-org-x-crypto-blowfish, go-golang-org-x-crypto-pbkdf2,
go-golang-org-x-crypto-tea, go-golang-org-x-crypto-salsa20,
go-golang-org-x-crypto-cast5, go-golang-org-x-crypto-twofish,
go-golang-org-x-crypto-xtea, go-golang-org-x-crypto-ed25519,
go-golang-org-x-crypto-ripemd160, go-golang-org-x-crypto-blake2s,
go-golang-org-x-crypto-sha3, go-golang-org-x-crypto-ssh-terminal): Update to
0.0.0-3.b7391e9.
(go-golang-org-x-crypto-blake2s)[propagated-inputs]: Add
go-golang-org-x-sys-cpu.
(go-golang-org-x-crypto-blowfish, go-golang-org-x-crypto-pbkdf2,
go-golang-org-x-crypto-tea, go-golang-org-x-crypto-salsa20,
go-golang-org-x-crypto-cast5, go-golang-org-x-crypto-twofish,
go-golang-org-x-crypto-xtea, go-golang-org-x-crypto-ssh-terminal):
Inherit from go-golang-org-x-crypto-bcrypt.

Diffstat (limited to 'tests/guix-hash.sh')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: