python3-botan-3.11.1-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

This package contains the python bindings to libbotan's C98 interface.

Provides

• python3-botan
• python3-botan(x86-64)

Requires

• python(abi) = 3.13
• python3
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

BSD-2-Clause

Changelog

* Tue Apr 14 2026 Angel Yankov <angel.yankov@suse.com>
  - Update to 3.11.1
    * CVE-2026-35580: Resolve certificate verification bypass bug introduced in 3.11.0 (GH #5500)
    * CVE-2026-35582: Resolve TLS 1.3 client authentication bypass (GH #5599)
    * Add optimized Argon2 implementation using AVX512 (GH #5471)
    * Add optimized and constant-time Twofish implementation using AVX512/GFNI (GH #5465)
    * Add optimized and constant-time SEED implementation using AVX512/GFNI (GH #5472)
    * Add optimized and constant-time Whirlpool implementations using AVX2 and AVX512 (GH #5453 #5473)
    * Add SSSE3/NEON and AVX2 optimized codepaths for CTR (GH #5474 #5480)
    * Add constant time implementations of Camellia, ARIA, SEED and SM4 using AES-NI or ARMv8 AES instructions to implement sbox lookups (GH #5476 #5477 #5479 #5481 #5485 #5492)
    * Improve performance of the AVX512 implementation of SHA-512 especially for Clang (GH #5490)
    * Optimizations for the IDEA modular multiplication (GH #5484)
    * Fix various minor TLS conformance issues flagged by TLS-Anvil (GH #5494 #5498)
    * Fix bug in Ed25519 where an invalid signature checked with PK_Verifier might cause a later valid signature to be rejected. (GH #5454)
    * Fix a bug in handling of ECDSA DER-encode signatures where an invalid signature checked with PK_Verifier might cause a later valid signature to be   * rejected. (GH #5455)
    * Fix a problem introduced in 3.11.0 which could cause crashes on processors without SSSE3 support, particularly when compiled by GCC. (GH #5460 #5463   #5469)
    * Fix various new warnings from clang-tidy 22 (GH #5456)
    * Fix a compilation error introduced in 3.11.0 which prevented using ffi unless bcrypt was also enabled. (GH #5462)
    * Avoid a macro collision with Microsoft headers that could cause a compilation problem in amalgamation mode. (GH #5486)
    * Enable explicit_bzero, getentropy, getrandom on Hurd (GH #5488)
* Mon Nov 17 2025 Angel Yankov <angel.yankov@suse.com>
  - Bump to Botan 3.10.0
    * Add support for Ascon AEAD, hash and XOF from NIST SP 800-232 (GH #5061 #5076 #5097)
    * Add support for building with clang-cl (GH #4255)
    * Optimizations for base58 encoding and decoding (GH #5051)
    * Optimizations for SHA-3/SHAKE (GH #5133)
    * Optimizations for SEED (GH #5147)
    * Optimizations and cleanups for BLAKE2s (GH #5117)
    * Optimizations for Streebog (GH #5111)
    * Add new interface to Certificate_Store allowing search by issuer DN plus serial. (GH #5072)
    * Fix a bug preventing botan_srp6_server_session_step1 from being reinvoked (GH #5112 #5135)
    * Modify some bit operation functions to reduce risk of compilers introducing non-constant time behavior (GH #5066)
    * Add new FFI functions for loading elliptic curve keys in SEC1 format (GH #5083)
    * Add new FFI functions for viewing the value of a botan_mp_t (GH #5131)
    * New faster implementation of Jacobi function (GH #5057)
    * Add optimized integer division logic for various special cases (GH #5068 #5077)
    * Correct documentation/comments relating to the maximum output length that botan_mp_to_hex might write (GH #5131 #5129)
    * Fix an issue when trying to use CMake older than 3.18 (GH #5098 #5099)
    * Add typing hints to the Python binding (GH #5086 #5092)
    * Fix various issues flagged by the ruff Python linter (GH #5089)
    * Fix a bug in the Python binding which prevented signing raw bytes with PKSign (GH #5082)
    * Update configure to check for Fedora’s new location for trust roots (GH #5052)
    * Remove various internal references to “EME”, an obsolete term used for RSA encryption padding that originates from IEEE 1363. (GH #5055)
    * Fix various typos in the source and documentation (GH #5071 #5075 #5114)
    * Add a .devcontainer setup (GH #5094)
    For full release notes, see: https://botan.randombit.net/news.html#version-3-10-0-2025-11-06
* Fri Aug 22 2025 Angel Yankov <angel.yankov@suse.com>
  - Bump to Botan 3.9.0
    * Add SHA-1 implementation using AVX2/BMI2 (GH #4852)
    * Add Camellia implementation using GFNI/AVX2 (GH #4848)
    * Add SHACAL2 implementation using AVX512 (GH #4878)
    * The eFrodoKEM TLS 1.3 ciphersuites have changed the suite code to match changes in OQS. (GH #4900)
    * Add support for TLS 1.2 NULL cipher suites. These suites are disabled in the build by default, enable tls_null module to use. (GH #4776)
    * Add support for X.509 extensions from RFC 3779 (GH #4699 #4883 #4884 #4886)
    * Elliptic curve improvements (GH #4841 #4934 #4935 #4937 #4949 $4953 #4991)
    * Add EC_Scalar::hash following RFC 9380’s hash_to_field (GH #4950)
    * Modify the OID lookup system to use a static switch for builtin OIDs. (GH #4896 #4888)
    * Optimizations for X448 and Ed448 (GH #5037)
    * Modify BOTAN_CLEAR_CPUID so that clearing ssse3 also disables AVX2/AVX512 (GH #4853)
    * Remove various internal references to “EMSA”, an obsolete term used for RSA signature padding that originates from IEEE 1363. (GH #5008 #5024)
    For full release notes, see: https://botan.randombit.net/news.html#version-3-9-0-2025-08-05
* Tue Jun 17 2025 Angel Yankov <angel.yankov@suse.com>
  - Bump to 3.8.1
    * Discussion has started regarding plans for Botan4, current ETA 2027.
    * Ongoing elliptic curve optimizations and cleanups
    * Add support for SM4 instructions added in upcoming Intel processors
    * Add support for extended private keys in ML-KEM to handle certain implementations which do not use the seed encoding.
    * Add support for SHA-512 instructions added in upcoming Intel processors
    * The SHA-1 implementation using SSE2 has been extended to support NEON and LoongArch LSX.
    * The default TLS policy now prefers AES/GCM over ChaCha20Poly1305
    * Add support for TLS 1.3 post-quantum KEM secp384r1/ML-KEM-1024
    For a full changelog, see: https://botan.randombit.net/news.html#version-3-8-1-2025-05-07
* Wed Mar 12 2025 Angel Yankov <angel.yankov@suse.com>
  - Botan 3.7.1, latest stable release
    * Revert a change that prevented build.h from being usable from C applications.
    * Add post-quantum scheme Classic McEliece
    * In TLS enable the hybrid x25519/ML-KEM-768 post quantum secure key exchange by default for clients and servers.
    * Support for the pre-standard Kyber-r3 key exchange has been removed from TLS
    * In TLS add support for “pure” ML-KEM key exchange, in addition to the existing hybrid ML-KEM + EC suites.
    * Add new EC key constructors
    * Internal EC optimizations and improvements
    * Fix a regression introduced in 3.6.0 which would cause many P-521 secret keys to be rejected as invalid due to not having the expected length.
    * Fix a bug preventing parsing of OCSP responses containing more than one pinned certificate
    * TPM 2.0 improvements
    * Fix a build issue when compiling with MSVC on ARM
    * Find full changelog at: https://botan.randombit.net/news.html
* Tue Nov 05 2024 Stephan Hemeier <Sauerlandlinux@gmx.de>
  - Botan 3.6.1, the latest stable release of the Botan 3 series
    * Notice: Botan 3.7.0 will remove support for the currently supported experimental Kyber r3 TLS ciphersuites, leaving only the standardized ML-KEM suites. (GH #4407 #4403)
    * Fix a bug in x86 CPUID detection introduced in 3.6.0 which would cause crashes on systems which have BMI1 but not BMI2. (GH #4402 #4401)
    * Fix a bug in SLH-DSA signing, which did not default to the FIPS required randomized variant. (GH #4398)
    * Modify how elliptic curve blinding is performed, reducing the number of self-additions that may occur during multiplication. (GH #4408)
    * In speed command line utility, also iterate keygen several times. (GH #4381)
* Fri Oct 25 2024 Angel Yankov <angel.yankov@suse.com>
  - Botan 3.6.0, the latest stable release of the Botan 3 series
    * Fully integrate and further optimize the new ECC library first introduced in 3.5.0. For common curves, operations are 2 to 3 times faster. This also introduces a new API for low level EC operations, such a point multiplication, using EC_Scalar and EC_AffinePoint types
    * Add support for AVX2-VAES instructions
    * Add support for new ECC curves
    * Fix: CVE-2024-50382
    For full changelog, see: https://botan.randombit.net/news.html#version-3-6-0-2024-10-21
* Tue Jul 30 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - Botan 3.5.0, the latest stable release of the Botan 3 series
    * TLS 1.3 supported
    * large header cleanup compared to v2
    * start support of Post Quantum Crypto
    * removed: CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES,
      CBC-MAC, Tiger, CECPQ1, and NewHope
  - The legacy Botan 2 series moved to Botan2 source package. It is
    EOL at the end of 2024.
* Mon Jul 15 2024 Angel Yankov <angel.yankov@suse.com>
  - Update to 2.19.5:
    * Fix multiple Denial of service attacks due to X.509 cert processing:
    * CVE-2024-34702 - bsc#1227238
    * CVE-2024-34703 - bsc#1227607
    * CVE-2024-39312 - bsc#1227608
    * Fix a crash in OCB
    * Fix a test failure in compression with certain versions of zlib
    * Fix some iterator debugging errors in TLS CBC decryption.
    * Avoid a miscompilation in ARIA when using XCode 14
* Fri Nov 17 2023 Marcus Meissner <meissner@suse.com>
  - remove botan binary (moves to Botan3)

Files

/usr/lib64/python3.13/site-packages/botan3.py
/usr/share/licenses/python3-botan
/usr/share/licenses/python3-botan/license.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 21 22:32:08 2026