openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of cjose

buildservice-autocommit accepted request 1099228 from

Dirk Mueller (dirkmueller) 10 months ago (revision 10)

baserev update by copy to link target

Dirk Mueller (dirkmueller) accepted request 1099220 from

Danilo Spinella (dspinella) 10 months ago (revision 9)

- Switch to OpenIDC fork of cjose
- Update to 0.6.2.2:
  * use fixed authentication tag length of 16 octets in AES GCM decryption
  * avoid use of assert
  * fix make on srcdir != builddir
- Update to 0.6.2.1:
  * preserve key order in cjose_header_get_raw as well
  * fix a memory leak in cjose_jws_import() for invalid JWS
  * don't use STACK_ALLOC in cjose_concatkdf_derive
- Update to 0.6.2.0:
  * add support for A128GCM and A192GCM encryption
  * extract cjose_jwe_encrypt_iv to allow explicit IV
  * allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
  * cleanup some warnings about \param lines in header files
  * preserve key order in order to be able to compare serialized JWTs
  * minor updates for conformance
  * check that JWE object has any CEK at all, return error if it doesn't
  * fix double free on decrypt ek rsa padding failure
  * replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr
  * fix buffer overflow in test_cjose_jwe_multiple_recipients
  * use fixed size of IV size of 16 bytes for AES-CBC
  * fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation
  * compile against older versions of check
  * rename free() to free_func() in struct key_fntable for memory leak detectors
  * check result of cek = cjose_get_alloc()(cek_len) in jwe.c
- Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag
  length from the actual Authentication Tag, bsc#1213385
- Remove unneeded patches:
  * cjose-0.6.1-concatkdf.patch
  * cjose-ck_assert_bin_eq.patch

buildservice-autocommit accepted request 1063647 from

Marcus Meissner (msmeissn) about 1 year ago (revision 8)

baserev update by copy to link target

Marcus Meissner (msmeissn) accepted request 1063395 from

Marcus Meissner (msmeissn) about 1 year ago (revision 7)

- disable depreacted declarations warnings for openssl 3 for now.

buildservice-autocommit accepted request 744472 from

Adam Majer (adamm) over 4 years ago (revision 6)

baserev update by copy to link target

Adam Majer (adamm) accepted request 744265 from

Kristyna Streitova (kstreitova) over 4 years ago (revision 5)

- add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big
  endian architectures [bsc#1149887]
- re-enable tests on s390

buildservice-autocommit accepted request 731051 from

Marcus Meissner (msmeissn) over 4 years ago (revision 4)

baserev update by copy to link target

Marcus Meissner (msmeissn) accepted request 729512 from

Vítězslav Čížek (vitezslav_cizek) over 4 years ago (revision 3)

- Fix a bug in an assert message macro
  * add cjose-ck_assert_bin_eq.patch

- Temporarily disable tests on s390 as they are broken there
  (bsc#1149887)

Dominique Leuenberger (dimstar_suse) accepted request 649644 from

Kristyna Streitova (kstreitova) over 5 years ago (revision 2)

initialized devel package after accepting 649644

Adam Majer (adamm) accepted request 606426 from

Vítězslav Čížek (vitezslav_cizek) almost 6 years ago (revision 1)

New package.
It's a dependency for apache2-mod_auth_openidc which was requested in fate#323817.

Browse Source

Displaying all 10 revisions

Places

Revisions of cjose

Places