File oath-toolkit.changes of Package oath-toolkit_BR
-------------------------------------------------------------------
Tue Apr 4 11:07:27 UTC 2017 - AxelKoellhofer@web.de - 2.6.2
- updated to version 2.6.2
* doc:
- Version controlled source code repository moved to GitLab.
* oathtool:
- The --totp parameter now take an optional argument to specify MAC.
- For example use --totp=sha256 to use HMAC-SHA256. When --totp is used
the default HMAC-SHA1 is used, as before.
* pam_oath:
- Mention in README that you shouldn't use insecure keys.
Suggested by Robin.
- Check return value from strdup. Patch by Eero Häkkinen.
* The files 'gdoc' and 'expect.oath' are now included in the tarball.
Suggested by Jaroslav Škarvada.
* liboath:
- Support TOTP with HMAC-SHA256 and HMAC-SHA512.
- Fix 'make check' on 32-bit systems.
Report and patch by Christian Hesse.
- This adds new APIs oath_totp_generate2, oath_totp_validate4 and
oath_totp_validate4_callback.
- Fix usersfile bug that caused it to update the wrong line.
When an usersfile contain multiple lines for the same user but with an
unparseable token type (e.g., HOTP vs TOTP), the code would update the
wrong line of the file. Since the then updated line could be a
commented out line, this can lead to the same OTP being accepted
multiple times which is a security vulnerability. Reported by Bas van
Schaik <bas@sj-vs.net> and patch provided by Ilkka Virta
<itvirta@iki.fi>. CVE-2013-7322
-------------------------------------------------------------------
Sat Aug 3 14:30:19 UTC 2013 - AxelKoellhofer@web.de - 2.4.0
- updated to version 2.4.0
* liboath:
- Add new API methods for validating TOTP OTPs
The new methods (oath_totp_validate3 and oath_totp_validate3_callback)
introduce a new parameter *otp_counter, which is set to the actual
counter used to calculate the OTP (unless it is a NULL pointer). This
allows for easier OTP replay detection in applications using liboath.
Patch from Fabian Grünbichler <fabian.gruenbichler@tuwien.ac.at>.
- Permit different passwords for different tokens for the same user.
- Make header file usable from C++ (extern "C" guard).
* libpskc:
- Add functions for setting PSKC data.
The new functions are pskc_add_keypackage and all pskc_set_* functions
(see libpskc/include/pskc/keypackage.h). This allow you to write
programs that generate new PSKC structures.
Thanks to Christian Hesse <list@eworm.de>.
* build:
- Improve building from git with most recent automake and gengetopt.
Thanks to Christian Hesse <list@eworm.de>.
- Valgrind is not enabled by default.
It causes too much false positives. For developers who want, use
--enable-valgrind-tests.
It is still enabled by default when building from the version controlled sources (see cfg.mk).
Thanks to Christian Hesse <list@eworm.de>.
Reported by Alan Markus <alan.markus@gmail.com>.
- patches refreshed
-------------------------------------------------------------------
Mon May 20 09:21:51 UTC 2013 - AxelKoellhofer@web.de - 2.0.2
- build an extra oathtool package
- use seperate licensing strings for packaged binaries (GPL-3.0+) and libraries (LGPL-2.1+)
- package man3/pskc_* and man3/oath_* inside the respective library packages
-------------------------------------------------------------------
Sun May 19 23:34:18 UTC 2013 - AxelKoellhofer@web.de - 2.0.2
- enabled building of pskc packages
- spec cleanup
-------------------------------------------------------------------
Sun May 19 12:56:55 UTC 2013 - AxelKoellhofer@web.de - 2.0.2
- updated to version 2.0.2
- fixed build (removed call to autoreconf)
- split off doc package
-------------------------------------------------------------------
Fri Feb 11 00:04:02 UTC 2011 - cristian.rodriguez@opensuse.org
- Update to version 1.4.6
-------------------------------------------------------------------
Sat Feb 5 18:41:54 UTC 2011 - cristian.rodriguez@opensuse.org
- Use libgcrypt for crypto
-------------------------------------------------------------------
Sat Feb 5 14:46:45 UTC 2011 - cristian.rodriguez@opensuse.org
- Initial version
