Overview Repositories Revisions Requests Users Attributes Meta

Revisions of opensc

buildservice-autocommit accepted request 1166193 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 87) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) accepted request 1165704 from Martin Hauke's avatar Martin Hauke (mnhauke) (revision 86) 
- Update to verion 0.25.1
  General improvements
  * Add missing file to dist tarball to build documentation.
  minidriver
  * Fix RSA decryption with PKCS#1 v1.5 padding.
  * Fix crash when app is not set.
buildservice-autocommit accepted request 1157879 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 85) 
baserev update by copy to link target
Otto Hollmann's avatar Otto Hollmann (ohollmann) accepted request 1157766 from Martin Hauke's avatar Martin Hauke (mnhauke) (revision 84) 
- Build with support for libeac (OpenPACE)
buildservice-autocommit accepted request 1156889 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 83) 
baserev update by copy to link target
Otto Hollmann's avatar Otto Hollmann (ohollmann) accepted request 1156722 from Martin Hauke's avatar Martin Hauke (mnhauke) (revision 82) 
- Update to version 0.25.0
  Security
  * CVE-2023-5992: Fix Side-channel leaks while stripping
    encryption PKCS#1.5 padding in OpenSC.
  * CVE-2024-1454: Fix Potential use-after-free in AuthentIC driver
    during card enrollment in pkcs15init.
  General improvements
  * Remove support for old card drivers Akis, GPK, Incrypto34 and
    Westcos, disable Cyberflex driver.
  * Fix 64b to 32b conversions.
  * Improvements for the p11test.
  * Fix reader initialization without SCardControl.
  * Make RSA PKCS#1 v1.5 depadding constant-time.
  * Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02)
    on the card.
  * Fixed various issues reported by OSS-Fuzz and Coverity in
    drivers, PKCS#11 and PKCS#15 layer.
- Add patch:
  * opensc-docbook-xsl-fix.patch
- Drop not longer needed patches:
  * CVE-2024-1454.patch
- Introduce subpackage for bash-completion
buildservice-autocommit accepted request 1153161 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 81) 
baserev update by copy to link target
Otto Hollmann's avatar Otto Hollmann (ohollmann) accepted request 1152250 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar) (revision 80) 
bnc => bsc... it's been many moons that SUSE was not part of
Novell anymore and we are not using Novell's bugzilla instance

  Fix for CVE-2024-1454 / bsc#1219868.
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) accepted request 1150515 from Martin Schreiner's avatar Martin Schreiner (mschreiner) (revision 79) 
- Add CVE-2024-1454.patch.
  Fix for CVE-2024-1454 / bnc#1219868.
buildservice-autocommit accepted request 1132880 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 78) 
baserev update by copy to link target
Otto Hollmann's avatar Otto Hollmann (ohollmann) accepted request 1132875 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 77) 
- Update to OpenSC 0.24.0:
  * Security
    - CVE-2023-40660: Fix Potential PIN bypass
      (#2806, frankmorgner/OpenSCToken#50, #2807)
    - CVE-2023-40661: Important dynamic analyzers reports
    - CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption
      using symmetric keys (f1993dc)
  * General improvements
    - Fix compatibility of EAC with OpenSSL 3.0 (#2674)
    - Enable use_file_cache by default (#2501)
    - Use custom libctx with OpenSSL >= 3.0 (#2712, #2715)
    - Fix record-based files (#2604)
    - Fix several race conditions (#2735)
    - Run tests under Valgrind (#2756)
    - Test signing of data bigger than 512 bytes (#2789)
    - Update to OpenPACE 1.1.3 (#2796)
    - Implement logout for some of the card drivers (#2807)
    - Fix wrong popup position of opensc-notify (#2901)
    - Fixed various issues reported by OSS-Fuzz and Coverity regarding card
      drivers, PKCS#11 and PKCS#15 init
  * PKCS#11
    - Check card presence state in C_GetSessionInfo (#2740)
    - Remove onepin-opensc-pkcs11 module (#2681)
    - Do not use colons in the token info label (#2760)
    - Present profile objects in all slots with the CKA_TOKEN attribute to
      resolve issues with NSS (#2928, #2924)
    - Use secure memory for PUK (#2906)
    - Don't logout to preserve concurrent access from different processes
      (#2907)
    - Add more examples to manual page (#2936)
buildservice-autocommit accepted request 1116670 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 76) 
baserev update by copy to link target
Otto Hollmann's avatar Otto Hollmann (ohollmann) accepted request 1116477 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 75) 
- Security Fix: [CVE-2023-40661, bsc#1215761]
  * opensc: multiple memory issues with pkcs15-init (enrollment tool)
  * Add patches:
    - opensc-CVE-2023-40661-1of12.patch
    - opensc-CVE-2023-40661-2of12.patch
    - opensc-CVE-2023-40661-3of12.patch
    - opensc-CVE-2023-40661-4of12.patch
    - opensc-CVE-2023-40661-5of12.patch
    - opensc-CVE-2023-40661-6of12.patch
    - opensc-CVE-2023-40661-7of12.patch
    - opensc-CVE-2023-40661-8of12.patch
    - opensc-CVE-2023-40661-9of12.patch
    - opensc-CVE-2023-40661-10of12.patch
    - opensc-CVE-2023-40661-11of12.patch
    - opensc-CVE-2023-40661-12of12.patch

- Security Fix: [CVE-2023-4535, bsc#1215763]
  * Add patches:
    - opensc-CVE-2023-4535.patch
    - opensc-NULL_pointer_fix.patch

- Security Fix: [CVE-2023-40660, bsc#1215762]
  * opensc: PIN bypass when card tracks its own login state
  * Add patches:
    - opensc-CVE-2023-40660-1of2.patch
    - opensc-CVE-2023-40660-2of2.patch
buildservice-autocommit accepted request 1090293 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 74) 
baserev update by copy to link target
Otto Hollmann's avatar Otto Hollmann (ohollmann) accepted request 1090292 from Otto Hollmann's avatar Otto Hollmann (ohollmann) (revision 73) 
- Security Fix: [CVE-2023-2977, bsc#1211894]
  * opensc: out of bounds read in pkcs15 cardos_have_verifyrc_package()
  * Add opensc-CVE-2023-2977.patch
buildservice-autocommit accepted request 1039187 from Jason Sikes's avatar Jason Sikes (jsikes) (revision 72) 
baserev update by copy to link target
Jason Sikes's avatar Jason Sikes (jsikes) accepted request 1038952 from Michael Ströder's avatar Michael Ströder (stroeder) (revision 71) 
Update to OpenSC 0.23.0
Jason Sikes's avatar Jason Sikes (jsikes) accepted request 932929 from Petr Gajdos's avatar Petr Gajdos (pgajdos) (revision 70) 
  * CVE-2019-19480: improper free operation in sc_pkcs15_decode_prkdf_entry (boo#1158307)
  * CVE-2019-20792: double free in coolkey_free_private_dat (bsc#1170809)
Jason Sikes's avatar Jason Sikes (jsikes) accepted request 932428 from Petr Gajdos's avatar Petr Gajdos (pgajdos) (revision 69) 
Add th tracker bug into changelog, align with 15 codestream.
Jason Sikes's avatar Jason Sikes (jsikes) accepted request 928634 from Stanislav Brabec's avatar Stanislav Brabec (sbrabec) (revision 68) 
Add refereces to security issues fixed in 0.22.0.
Displaying revisions 1 - 20 of 87
openSUSE Build Service is sponsored by
Places