Open kloczek opened 3 years ago
I second this request, for the same reason. I've been talking with @sjaeckel on irc about this already quite some time ago and afaiu some steps toward a release have been made, but it did not materialized yet.
we also need a new release.
Hello all,
Is there a current development for the library or it stopped by the last release in 2018? I hope @sjaeckel gives a current status for development. Thanks
@babelouest could you please check whether we could still make it for debian 12 if we tagged either
I don't think so, but still asking whether it'd maybe be worth the effort...
Hello @sjaeckel ,
I've tested both branches master and add-pem-support
. They both build and package fine, and the autopkgtests pass too.
In the branch add-pem-support
, I have some warnings but they don't make the build to fail since there seem to be the compile flag -Werror -Wall
not present.
Both branches are in the salsa repo:
Do you want to run other tests with the debian package?
I've tested both branches master and
add-pem-support
. They both build and package fine, and the autopkgtests pass too.
Cool, thanks.
Could you please check https://github.com/libtom/libtommath/issues/418#issuecomment-1369023525 and recreate what @dod38fr did with the two library versions? I'm nearly certain that ltc would also need an ABI major bump, which in turn would also mean that we won't be able to bring it to Bookworm!?
Indeed, the symbols file will have a huge change, I haven't seen it yesterday. The library will probably need a transition process before migrating to testing.
Due to the timing, I'm not sure the new version will be available in Bookworm though, because it requires a new release, then the new package will need to go through the NEW queue process.
And no new transition will be possible after jan 12th due to first stage of freeze.
@sjaeckel is there an upcoming release for libtomcrypt in the near future?
I'm also looking for a new release that includes the fix for CVE-2019-17362 (see https://github.com/libtom/libtomcrypt/issues/507)
I will have a look next week.
Dear @libtom team,
We are in 2024, the latest release build is 1.18.2 (2018-07-02) - 6 years, 2 moths soon:
It is time to create a new release build with CVE-2019-17362 fix!
Thanks in advance.
PS: Thanks to @kloczek for this ticket from 2021-04-19 - 3 years, 4 months already.
FTR: even though @kloczek is right and this library should get a new release - I've blocked @Neustradamus from this organisation and all the others I have access to.
A short version of why: https://github.com/sjaeckel/sjaeckel.github.io/issues/1
Is it possible to make new release soon? I'm asking because lat latest perl CryptX seems is using featires which are not included in 1.18.2 and are only available in commits added after last release. Here is build fail log on building perl CryptX against libtomcrypt 1.18.2.