Overview

File _patchinfo of Package patchinfo.18273

<patchinfo incident="18273">
  <issue tracker="jsc" id="SLE-14723"/>
  <issue tracker="bnc" id="1179319">SLES 15 SP3 Beta1 -  Two additional fixes for openCryptoki 3.15.1</issue>
  <issue tracker="bnc" id="1182120">SLES 15 SP3 Beta4 - openCryptoki: pkcscca migration fails with usr/sb2 is not a valid slot ID</issue>
  <issue tracker="bnc" id="1182190">SLES 15 SP3 - Opencryptoki 3.15: token_specific_sha_update() causes segmentation fault in main_arena () from /usr/lib64/libc.so.6 (opencryptoki)</issue>
  <issue tracker="jsc" id="ECO-2377"/>
  <issue tracker="bnc" id="1182726">p11sak list-key segfault</issue>
  <issue tracker="bnc" id="1185976">SLES 15 SP3 / SLES 15 SP2 / SLES 15 SP1 - openCryptoki: Soft token does not check if an EC key is valid</issue>
  <issue tracker="bnc" id="1188879">SLES 15 SP3 / SLES 15 SP2: pkcstok_migrate leaves options with multiple strings in opencryptoki.conf file options without double-quotes (openCryptoki)</issue>
  <packager>markkp</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for openCryptoki</summary>
  <description>This update for openCryptoki fixes the following issues:

- Fixed a bug where the pkcscca migration fails with usr/sb2 is not a valid slot ID (bsc#1182120)
- Fixed a segmentation fault of the sess_opstate test on the Soft Token (bsc#1182190)
- Fixed a segmentation fault of the p11sak list-key (bsc#1182726)
- Fixed an issue when soft token does not check if an EC key is valid. (bsc#1185976)
- Fixed an issue when the rendered config file incompatible and opencryptoki slot daemon is not able to start up again after migration. (bsc#1188879)

Upgraded from version 3.12.1 to 3.15.1 (jsc#SLE-14723)

- Conform to PKCS 11 3.0 Baseline Provider profile
- Introduce new vendor defined interface named "Vendor IBM"
- Support C_IBM_ReencryptSingle via "Vendor IBM" interface
- CCA: support key wrapping
- SOFT: support ECC
- p11sak tool: add remove-key command
- EP11: Dilitium support stage 2
- Common: Rework on process, thread, btree and object locking
- TPM, ICA, ICSF: support multiple token instances
- new tool p11sak
- EP11: Dilithium support
- EP11: EdDSA support
- EP11: support RSA-OAEP with non-SHA1 hash and MGF
- Fix compiling with C++ (bsc#1179319)
- Added error message handling for p11sak remove-key command. (bsc#1179319)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places