File opensc.changes of Package opensc.33796

Overview Repositories Revisions Requests Users Attributes Meta

File opensc.changes of Package opensc.33796

-------------------------------------------------------------------
Tue Apr 16 02:41:59 UTC 2024 - Martin Schreiner <martin.schreiner@suse.com>

- Security fix: [CVE-2023-5992, bsc#1219386]
  * Add patch:
    - opensc-CVE-2023-5992.patch
- Build with gcc10. The new patch requires 'static inline' suport.

-------------------------------------------------------------------
Wed Oct 11 07:45:38 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>

- Security Fix: [CVE-2021-42782, bsc#1191957]
  * Stack buffer overflow issues in various places
  * Add opensc-0_13_0-CVE-2021-42782.patch
  * Sourced from:
  [1] https://github.com/OpenSC/OpenSC/commit/78cdab94
  [2] https://github.com/OpenSC/OpenSC/commit/1252aca9
  [3] https://github.com/OpenSC/OpenSC/commit/ae1cf0be

-------------------------------------------------------------------
Fri Oct  6 06:49:24 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>

- Security Fix: [CVE-2023-40661, bsc#1215761]
  * opensc: multiple memory issues with pkcs15-init (enrollment tool)
  * Add patches:
    - opensc-CVE-2023-40661-1of8.patch
    - opensc-CVE-2023-40661-2of8.patch
    - opensc-CVE-2023-40661-3of8.patch
    - opensc-CVE-2023-40661-4of8.patch
    - opensc-CVE-2023-40661-5of8.patch
    - opensc-CVE-2023-40661-6of8.patch
    - opensc-CVE-2023-40661-7of8.patch
    - opensc-CVE-2023-40661-8of8.patch

-------------------------------------------------------------------
Thu Jun  1 12:55:19 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>

- Security Fix: [CVE-2023-2977, bsc#1211894]
  * opensc: out of bounds read in pkcs15 cardos_have_verifyrc_package()
  * Add opensc-CVE-2023-2977.patch

-------------------------------------------------------------------
Tue Oct 26 22:49:18 UTC 2021 - Stanislav Brabec <sbrabec@suse.com>

- tcos: Fix use after return (bsc#1192005, CVE-2021-42780,
  opensc-tcos-bound-check.patch).
- oberthur: Fix use after free (bsc#1191992, CVE-2021-42779,
  opensc-oberthur-return-values.patch).
- oberthur: Fix multiple heap buffer overflows (bsc#1192000,
  CVE-2021-42781, opensc-oberthur-overflow1.patch,
  opensc-oberthur-memory-init.patch,
  opensc-oberthur-overflow2.patch, opensc-oberthur-overflow3.patch,
  opensc-oberthur-invalid-length.patch).

-------------------------------------------------------------------
Sat Oct 23 13:32:42 UTC 2021 - Jason Sikes <jsikes@suse.com>

- bsc#1191957 - Stack buffer overflow issues in various places
  * VUL-0: CVE-2021-42782
  * opensc-0_13_0-CVE-2021-42782.patch
  * Sourced from:
  [1] https://github.com/OpenSC/OpenSC/commit/78cdab94
  [2] https://github.com/OpenSC/OpenSC/commit/1252aca9
  [3] https://github.com/OpenSC/OpenSC/commit/ae1cf0be

-------------------------------------------------------------------
Sun Jul 25 00:00:44 UTC 2021 - Jason Sikes <jsikes@suse.com>

- bsc#1114649 - Opensc software package command error
  * opensc-bsc1114649_fix_pkcs11-tool_segfault.patch
  * Fixes segmentation fault in pkcs11-tool.c

-------------------------------------------------------------------
Mon Mar 22 04:07:12 UTC 2021 - Jason Sikes <jsikes@suse.com>

- bsc#1177380 - VUL-0: CVE-2020-26571
  * gemsafe GPK smart card software driver stack-based buffer overflow
  * opensc-0_13_0-CVE-2020-26571.patch
- bsc#1149747 – VUL-1: CVE-2019-15946
  * out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry
  * opensc-0_13_0-CVE-2019-15946.patch
- bsc#1149746 – VUL-1: CVE-2019-15945
  * out-of-bounds access of an ASN.1 Bitstring in decode_bit_string
  * opensc-0_13_0-CVE-2019-15945.patch
- bsc#1158256 – VUL-1: CVE-2019-19479
  * incorrect read operation during parsing of a SETCOS file attribute
  * opensc-0_13_0-CVE-2019-19479.patch

-------------------------------------------------------------------
Sat Mar 20 05:06:19 UTC 2021 - Jason Sikes <jsikes@suse.com>

- Prevent out of bounds write
  * bsc#1177378
  * CVE-2020-26572
  * Added opensc-0_13_0-CVE-2020-26572.patch

-------------------------------------------------------------------
Wed Mar 17 01:17:35 UTC 2021 - Jason Sikes <jsikes@suse.com>

- Fix buffer overflow in sc_oberthur_read_file
  * bsc#1177364
  * CVE-2020-26570
  * Added opensc-0_13_0-CVE-2020-26570.patch

-------------------------------------------------------------------
Fri May  3 08:47:32 UTC 2019 - Marketa Calabkova <mcalabkova@suse.com>

- Added patch opensc-CVE-2019-6502.patch to fix bsc#1122756.

-------------------------------------------------------------------
Tue Oct  9 10:34:29 UTC 2018 - Marketa Calabkova <mcalabkova@suse.com>

- fixed multiple security problems (out of bound writes/reads):
    bsc#1104812
    CVE-2018-16391 (bsc#1106998)
    CVE-2018-16392 (bsc#1106999)
    CVE-2018-16393 (bsc#1108318)
    CVE-2018-16418 (bsc#1107039)
    CVE-2018-16419 (bsc#1107107)
    CVE-2018-16420 (bsc#1107097)
    CVE-2018-16422 (bsc#1107038)
    CVE-2018-16423 (bsc#1107037)
    CVE-2018-16426 (bsc#1107034)
    CVE-2018-16427 (bsc#1107033)
- added patches:
    opensc-fixed-out-of-bounds-reads.patch
    opensc-fixed-out-of-bounds-writes.patch
    opensc-iasecc-fixed-unbound-recursion.patch
    opensc-added-bounds-checking.patch (fixes security issue caused
    by opensc-fixed-out-of-bounds-writes.patch)
    (see upstream commits for more informations)

-------------------------------------------------------------------
Tue Dec  3 18:53:23 UTC 2013 - luizluca@tre-sc.gov.br

- update to version 0.13.0

-------------------------------------------------------------------
Tue Jun 12 21:00:03 UTC 2012 - mgorse@suse.com

- make needed directories before running make install

-------------------------------------------------------------------
Thu Sep 29 18:26:23 UTC 2011 - lmedinas@opensuse.org
- Updated to version 0.12.2:
  * Builds are now silent by default when OpenSC is built from 
    source on Unix.
  * Using --wait with command line tools works with 64bit Linux 
    again.
  * Greatly improved OpenPGP card support, including OpenPGP 
    2.0 cards like the one found in German Privacy Foundation 
    CryptoStick.
  * Fixed support for FINeID cards issued after 01.03.2011 with 
    2048bit keys.
  * #256: Fixed support for TCOS cards (broken since 0.12.0).
  * Added support for IDKey-cards to TCOS3 driver.
  * #361: Improved PC/SC driver to fetch the maximum PIN sizes
    from the open source CCID driver. This fixes the issue for 
    Linux/OSX with recent driver.
  * Fix FINeID cards for organizations.
  * Several smaller bugs and compiler warnings fixed

- Updated to version 0.12.1:
  * IAS-ECC 1.0.1
  * Support for cards with multiple PKCS#15 applications
  * New card driver: IAS/ECC 1.0.1
  * rutoken-tool has been deprecated and removed.
  * eidenv and piv-tool utilities now have manual pages.
  * pkcs11-tool now requires the use of --module parameter.
  * All tools can now use an ATR as an argument to --reader, 
    to skip to the card with given ATR.
  * opensc-tool -l with -v now shows information about the 
    inserted cards.
  * Creating files have an enforced upper size limit, 64K
  * Support for multiple PKCS#15 applications with different 
    AID-s. PKCS#15 applications can be listed with pkcs15-tool 
    --list-applications. Binding to a specific AID with PKCS#15 
    tools can be done with --aid.
  * Hex strings (like card ATR or APDU-s) can now be separated 
    by space, in addition to colons.
  * Pinpad readers known to be bogus are now ignored by OpenSC. 
    At the moment only "HP USB Smart Card Keyboard" is disabled.
  * Numerous compiler warnings, unused code and internal bugs 
    have been eliminated.

-------------------------------------------------------------------
Fri Jan  7 14:49:37 CET 2011 - sbrabec@suse.cz

- Updated to version 0.12.0:
  * Security fix (bnc#660109, CVE-2010-4523).
  * Only one backend is supported. openSUSE will use pcsc-lite.
  * libopensc made private, library should not be used by other
    applications. Please use generic PKCS#11 interface instead.
  * Signer plugin discontinued. Please use openssl engine_pkcs11.
  * No more depends on libassuan.
  * New card drivers.
  * Support for CardOS enhanced.
  * More changes and enhancements.
- libopensc merged back to the main package, as it is private now.

-------------------------------------------------------------------
Mon Aug 23 14:15:22 CEST 2010 - sbrabec@suse.cz

- Fixed broken opensc-fix-gcc-warnings.patch (bnc#627619).
- Simplified plugin installation.

-------------------------------------------------------------------
Tue Apr 13 14:35:32 UTC 2010 - puzel@novell.com

- update to version 0.11.13
  * Modify Rutoken S binary interfaces by Aktiv Co.
  * Muscle driver fixed (acl reading issue)
  * Many small fixes (e.g. mem leaks)
  * Compiling with openssl 1.0.0-beta fixed
  * Document integer problem in OpenSC and implement workaround
  * Improve entersafe profile to support private data objects
- Require pinentry
- add opensc-libassuan-2.patch
- add opensc-fix-gcc-warnings.patch

-------------------------------------------------------------------
Fri Jan  1 20:07:35 CET 2010 - jengelh@medozas.de

- package baselibs.conf

-------------------------------------------------------------------
Wed Aug  5 14:59:33 CEST 2009 - sbrabec@suse.cz

- Updated to version 0.11.9:
  * New rutoken_ecp driver
  * Allow more keys/certificates/files etc. with entersafe tokens
  * Updates pkcs11.h from scute fixing warnings
  * Small fixes in rutoken driver
  * Major update for piv driver with increased compatibility

-------------------------------------------------------------------
Thu Jul 30 12:45:26 CEST 2009 - sbrabec@suse.cz

- libopensc2 should not require opensc (bnc#466430).

-------------------------------------------------------------------
Thu May  7 17:52:06 CEST 2009 - sbrabec@suse.cz

- Updated to version 0.11.8:
  * Fix security problem in pkcs11-tool gen_keypair
    (PublicExponent 1) (bnc#501726)
    See http://en.opensuse.org/Smart_Cards/Advisories for more.
  * updated and improve entersafe driver. FTCOS/PK-01C cards are
    supported now, compatible with cards writen by Feitian's
    software on windows.

-------------------------------------------------------------------
Thu Apr  9 11:32:23 CEST 2009 - sbrabec@suse.cz

- Fixed undefined code (bnc#440853).
- Don't call autoreconf on older products.

-------------------------------------------------------------------
Tue Mar 17 18:01:29 CET 2009 - sbrabec@suse.cz

- Updated to version 0.11.7:
  * hide_empty_slots now on by default? small logic change?
  * ruToken driver was updated.
  * openct virtual readers reduced to 2 by default.
  * Security issue: Fix private data support. (bnc#480262,
    CVE-2009-0368)
    See http://en.opensuse.org/Smart_Cards/Advisories for more.
  * Enable lock_login by default.
  * Disable allow_soft_keygen by default.

-------------------------------------------------------------------
Wed Dec 10 12:34:56 CET 2008 - olh@suse.de

- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
  (bnc#437293)

-------------------------------------------------------------------
Thu Oct 30 12:34:56 CET 2008 - olh@suse.de

- obsolete old -XXbit packages (bnc#437293)

-------------------------------------------------------------------
Wed Sep 10 13:46:44 CEST 2008 - sbrabec@suse.cz

- Updated to version 0.11.6:
  * New support for Feitian ePass3000.
  * GemSafeV1 improved to handle key_ref other than 3.
  * Build system rewritten.
  * ruToken now supported.
  * Allow specifying application name for data objects.
  * Basic reader hotplug support.
  * PC/SC library is dynamically linked.
  * PKCS#11 provider is now installed at LIBDIR/pkcs11.
  * PKCS#11 - Number of virtual slots moved into configuration.
  * PKCS#11 - Fix fork() compliance.
  * make sign_with_decrypt hack configureable for siemens cards.

-------------------------------------------------------------------
Mon Sep  1 14:06:17 CEST 2008 - sbrabec@suse.cz

- Check validity of SSL certificates for all Siemens CardOS M4
  cards (SCA and SCB are affected as well, bnc#413496#c6).

-------------------------------------------------------------------
Thu Jul 31 12:45:11 CEST 2008 - sbrabec@suse.cz

- Fixed initialization access rights for Siemens CardOS M4, added
  a security check to pkcs15-tool (bnc#413496, CVE-2008-2235)

-------------------------------------------------------------------
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de

- added baselibs.conf file to build xxbit packages
  for multilib support

-------------------------------------------------------------------
Thu Feb  7 17:12:02 CET 2008 - sbrabec@suse.cz

- Updated to version 0.11.4:
  * Browser plugin support
  * Support Siemens CardOS initialized cards (signing with
    decryption)
  * Add Siemens CardOS M4.2B support (experimental)
  * Support for AKIS cards added (partial)

-------------------------------------------------------------------
Thu Jul 26 13:40:30 CEST 2007 - sbrabec@suse.cz

- Updated to version 0.11.3:
  * make lots of internal functions and variables static.
  * fix 0 vs NULL in many places. fix ansi c style (void).
  * avoid variable names used also as glibc function (random etc.).
  * new code for deleting objects.
  * special hack for firefox.
  * suport for Athena APCOS cards added.
  * piv driver now supports bigger rsa keys too.
  * enabled pin caching by default.
  * use max_send_size 255 / max_recv_size 256 bytes by default.
  * increase pin buffer size to allow longer pin codes.
  * Added --read-ssk-key option to pkcs15-tool
  * use pkg-config for finding openct
  * use strlcpy function
  * use new pkcs11.h from scute with an open source license
  * add support for sha2 to pkcs15-crypt
  * add piv-tool for managing piv cards
  * add muscle driver
  * improved oberthur driver
  * add support for pcsc v2 part10
  * convert source files to utf-8
- Split package according to shared library packaging policy.

-------------------------------------------------------------------
Tue Feb 27 12:12:30 CET 2007 - mvaner@suse.cz

- Fixing dodgy use of sizeof (#238660)
  - sizeof.patch

-------------------------------------------------------------------
Mon Oct  2 18:49:35 CEST 2006 - sbrabec@suse.cz

- Updated to version 0.11.1:
  * Update for piv pkcs#15 emulation
  * Improved TCOS driver for Uni Giesen Card
  * Handle size_t printf with "%lu" and (unsigned long) cast
  * Add support for d-trust cards / improve micardo 2.1 driver

-------------------------------------------------------------------
Thu May 25 16:13:02 CEST 2006 - sbrabec@suse.cz

- Fixed build for old SuSE Linux versions.

-------------------------------------------------------------------
Thu May 11 13:00:00 CEST 2006 - sbrabec@suse.cz

- Fixed devel dependencies.

-------------------------------------------------------------------
Wed May 10 16:58:12 CEST 2006 - sbrabec@suse.cz

- Updated to version 0.11.0.

-------------------------------------------------------------------
Wed Jan 25 21:39:06 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Thu Jan  5 02:05:11 CET 2006 - ro@suse.de

- added unpackaged so-links to devel filelist

-------------------------------------------------------------------
Tue Oct 25 15:30:04 CEST 2005 - rhafer@suse.de

- added LDAP_DEPRECATED to CFLAGS to build correctly with·
  OpenLDAP 2.3

-------------------------------------------------------------------
Fri Sep  2 12:56:14 CEST 2005 - okir@suse.de

- Removed +x permissions on opensc.conf (#114849)

-------------------------------------------------------------------
Thu Jul 14 16:11:56 CEST 2005 - okir@suse.de

- Updated to latest upstream version
- Added missing documentation files (#75425)

-------------------------------------------------------------------
Fri Mar  4 11:06:48 CET 2005 - meissner@suse.de

- fixed gcc4 compilation.

-------------------------------------------------------------------
Fri Jan 21 14:43:23 CET 2005 - okir@suse.de

- Updated to latest upstream version (0.9.4)

-------------------------------------------------------------------
Thu Nov 18 15:49:34 CET 2004 - ro@suse.de

- use kerberos-devel-packages

-------------------------------------------------------------------
Mon Jul 19 14:06:10 CEST 2004 - adrian@suse.de

- fix file list

-------------------------------------------------------------------
Mon Jul 12 17:26:31 CEST 2004 - adrian@suse.de

- update to version 0.8.1

-------------------------------------------------------------------
Fri Mar 19 11:10:13 CET 2004 - okir@suse.de

- Fixed permissions and path names of some include files (#36432)

-------------------------------------------------------------------
Fri Jan 16 13:19:16 CET 2004 - kukuk@suse.de

- Add pam-devel to neededforbuild

-------------------------------------------------------------------
Sat Jan 10 15:47:57 CET 2004 - adrian@suse.de

- add %run_ldconfig and %defattr

-------------------------------------------------------------------
Mon Aug  4 11:00:27 CEST 2003 - okir@suse.de

- Build fixes for x86_64/ppc64
- use a version string other than "CVS" (#28423)

-------------------------------------------------------------------
Fri Aug  1 12:04:29 CEST 2003 - okir@suse.de

- Updated to most recent upstream snapshot

-------------------------------------------------------------------
Thu Jun 12 13:28:31 CEST 2003 - kukuk@suse.de

- Fix filelist and permissions

-------------------------------------------------------------------
Wed Jun  4 00:39:12 CEST 2003 - ro@suse.de

- added rest of static libs to devel filelist
- remove unpackaged files from buildroot

-------------------------------------------------------------------
Wed Jan 15 17:34:58 CET 2003 - ro@suse.de

- use sasl2

-------------------------------------------------------------------
Thu Dec  5 11:22:44 CET 2002 - okir@suse.de

- fixed x86_64 build problem
- updated to latest upstream

-------------------------------------------------------------------
Fri Nov 29 10:01:14 CET 2002 - okir@suse.de

- updated to current CVS snapshot

-------------------------------------------------------------------
Fri Aug  9 21:35:43 CEST 2002 - okir@suse.de

- added missing libs to files list

-------------------------------------------------------------------
Thu Jul  4 17:48:11 CEST 2002 - ro@suse.de

- added heimdal-devel to neededforbuild to make libtool happy

-------------------------------------------------------------------
Fri Jun 28 17:34:49 CEST 2002 - schwab@suse.de

- Fix bootstrap script.
- Use correct libtool macros.

-------------------------------------------------------------------
Mon May 27 19:10:07 CEST 2002 - sf@suse.de

-  @libdir@ added to Makefile.am to use correct dirs for 
   */lib */lib64

-------------------------------------------------------------------
Tue Apr 30 16:05:12 CEST 2002 - okir@suse.de

- Initial check-in

Places

File opensc.changes of Package opensc.33796

Places