Overview

File opensc.spec of Package opensc.11155

#
# spec file for package opensc
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           opensc
Version:        0.18.0
Release:        0
Summary:        Smart Card Utilities
License:        LGPL-2.1-or-later
Group:          Productivity/Security
Url:            https://github.com/OpenSC/OpenSC/wiki
Source:         https://github.com/OpenSC/OpenSC/releases/download/%{version}/%{name}-%{version}.tar.gz
Source1:        baselibs.conf
Source2:        %{name}-rpmlintrc
# Register with p11-kit
# https://web.archive.org/web/20111225073733/http://www.opensc-project.org/opensc/ticket/390
Source3:        opensc.module
# PATCH-FIX-UPSTREAM opensc-desktop.patch https://github.com/OpenSC/OpenSC/issues/1402 sbrabec@suse.com -- Fix desktop file.
Patch1:         opensc-desktop.patch
# PATCH-FIX-UPSTREAM opensc-bash-completions.patch sbrabec@suse.com https://github.com/OpenSC/OpenSC/issues/1403 -- Use correct bash-completion path.
Patch2:         opensc-bash-completions.patch
# PATCH-FEATURE-OPENSUSE opensc-desktop2.patch https://github.com/OpenSC/OpenSC/issues/1402 sbrabec@suse.com -- Add GenericName to the desktop file.
Patch3:         opensc-desktop2.patch
# PATCH-FIX_UPSTREAM opensc-fixed-out-of-bounds-reads.patch https://github.com/OpenSC/OpenSC/commit/8fe377e93b4b56060e5bbfb6f3142ceaeca744fa -- Security issues identified by fuzzing.
Patch4:         opensc-fixed-out-of-bounds-reads.patch
# PATCH-FIX_UPSTREAM opensc-fixed-out-of-bounds-writes.patch https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad -- Fixed out-of-bounds writes in several files.
Patch5:         opensc-fixed-out-of-bounds-writes.patch 
# PATCH-FIX_UPSTREAM opensc-iasecc-fixed-unbound-recursion.patch https://github.com/OpenSC/OpenSC/commit/03628449b75a93787eb2359412a3980365dda49b -- iasecc: fixed unbound recursion.
Patch6:         opensc-iasecc-fixed-unbound-recursion.patch
# PATCH-FIX_UPSTREAM opensc-added-bounds-checking.patch https://github.com/OpenSC/OpenSC/commit/83f45cda2af16b65264103fbe0394fd422f0120d -- Added bounds checking to sc_simpletlv_read_tag().
Patch7:         opensc-added-bounds-checking.patch
# PATCH-FIX_UPSTREAM opensc-CVE-2019-6502.patch https://github.com/OpenSC/OpenSC/commit/0d7967549751b7032f22b437106b41444aff0ba9 -- Small memory leak fix.
Patch8:         opensc-CVE-2019-6502.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-2020-26570.patch https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e -- buffer overflow in sc_oberthur_read_file
Patch9:         opensc-0_18_0-2020-26570.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2020-26572.patch https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817 -- prevent out of bounds write
Patch10:        opensc-0_18_0-CVE-2020-26572.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2020-26571.patch https://github.com/OpenSC/OpenSC/commit/ed55fcd2996930bf58b9bb57e9ba7b1f3a753c43 - fix stack-based overflow
Patch11:         opensc-0_18_0-CVE-2020-26571.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2019-19481.patch https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 - improper handling of buffer limits
Patch12:         opensc-0_18_0-CVE-2019-19481.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2019-15946.patch https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740 - out of bounds access
Patch13:         opensc-0_18_0-CVE-2019-15946.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2019-15945.patch https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68 - out of bounds access
Patch14:         opensc-0_18_0-CVE-2019-15945.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2019-19479.patch https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2 - fixed UNKNOWN READ
Patch15:         opensc-0_18_0-CVE-2019-19479.patch
# PATCH-FIX_UPSTREAM opensc-0_18_0-CVE-2019-20792.patch https://github.com/OpenSC/OpenSC/commit/c246f6f69a749d4f68626b40795a4f69168008f4 - coolkey: Make sure the object ID is unique
Patch16:         opensc-0_18_0-CVE-2019-20792.patch
Patch17:         opensc-bsc1114649_fix_pkcs11-tool_segfault.patch
Patch18:         opensc-0_18_0-CVE-2021-42782.patch
# PATCH-FIX_UPSTREAM opensc-tcos-bound-check.patch bsc1192005 CVE-2021-42780 tcos: Fix use after return https://github.com/OpenSC/OpenSC/commit/5df913b7
Patch19:         opensc-tcos-bound-check.patch
# PATCH-FIX_UPSTREAM opensc-oberthur-return-values.patch bsc1191992 CVE-2021-42779 oberthur: Fix use after free https://github.com/OpenSC/OpenSC/commit/1db88374
Patch20:         opensc-oberthur-return-values.patch
# PATCH-FIX_UPSTREAM opensc-oberthur-overflow1.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/17d8980c
Patch21:         opensc-oberthur-overflow1.patch
# PATCH-FIX_UPSTREAM opensc-oberthur-memory-init.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/40c50a3a
Patch22:         opensc-oberthur-memory-init.patch
# PATCH-FIX_UPSTREAM opensc-oberthur-overflow2.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/05648b06
Patch23:         opensc-oberthur-overflow2.patch
# PATCH-FIX_UPSTREAM opensc-oberthur-overflow3.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/5d4daf6c
Patch24:         opensc-oberthur-overflow3.patch
# PATCH-FIX_UPSTREAM opensc-oberthur-invalid-length.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/cae5c71f
Patch25:         opensc-oberthur-invalid-length.patch
BuildRequires:  docbook-xsl-stylesheets
BuildRequires:  libtool
BuildRequires:  libxslt
BuildRequires:  pkgconfig
BuildRequires:  readline-devel
BuildRequires:  pkgconfig(bash-completion)
BuildRequires:  pkgconfig(libpcsclite)
BuildRequires:  pkgconfig(openssl)
Requires:       pcsc-lite
# There is no more devel package.
Obsoletes:      opensc-devel < %{version}
%define completionsdir %(pkg-config --variable completionsdir bash-completion)

%description
OpenSC provides a set of utilities to access smart cards. It mainly
focuses on cards that support cryptographic operations. It facilitates
their use in security applications such as mail encryption,
authentication, and digital signature. OpenSC implements the PKCS#11
API. Applications supporting this API, such as Mozilla Firefox and
Thunderbird, can use it. OpenSC implements the PKCS#15 standard and aims
to be compatible with every software that does so, too.

Before purchasing any cards, please read carefully documentation on the
web pageonly some cards are supported. Not only card type matters, but
also card version, card OS version and preloaded applet. Only subset of
possible operations may be supported for your card. Card initialization
may require third party proprietary software.

%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1

%build
autoreconf -fvi
%configure \
  --docdir=%{_docdir}/%{name} \
  --disable-static \
  --enable-doc \
  --disable-silent-rules
make %{?_smp_mflags}

%install
%make_install
cp COPYING NEWS README %{buildroot}%{_docdir}/%{name}
# Private library.
rm %{buildroot}%{_libdir}/libopensc.so
install -D -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pkcs11/modules/opensc.module

%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig

%files
%doc %dir %{_docdir}/%{name}
%doc %{_docdir}/%{name}/COPYING
%doc %{_docdir}/%{name}/NEWS
%doc %{_docdir}/%{name}/README
%doc %{_docdir}/%{name}/tools.html
%{_bindir}/*
%{_datadir}/applications/*.desktop
%{_datadir}/opensc
# Note: .la and .so must be in the main package, required by ltdl:
%{_libdir}/*.la
%{_libdir}/*.so*
%dir %{_libdir}/pkcs11
%{_libdir}/pkcs11/*.so
%{_libdir}/pkgconfig/opensc-pkcs11.pc
%{_mandir}/man?/*%{ext_man}
%config %{_sysconfdir}/opensc.conf
%dir %{_sysconfdir}/pkcs11
%config %{_sysconfdir}/pkcs11/modules/
# This is a private library. There is no reason to split it to libopensc* package.
%{_libdir}/libopensc.so.*
%{completionsdir}/*

%changelog
openSUSE Build Service is sponsored by
Places