Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
opensc
opensc.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File opensc.spec of Package opensc
# # spec file for package opensc # # Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: opensc BuildRequires: docbook-xsl-stylesheets BuildRequires: gcc10 BuildRequires: libtool BuildRequires: libxslt BuildRequires: openssl-devel BuildRequires: pcsc-lite-devel BuildRequires: pkg-config BuildRequires: readline-devel URL: https://github.com/OpenSC/OpenSC/wiki Version: 0.13.0 Release: 0 Summary: Smart Card Utilities License: LGPL-2.1-or-later Group: Productivity/Security Source: %{name}-%{version}.tar.bz2 Source1: %{name}-ADVISORIES Source2: %{name}-rpmlintrc # PATCH-FIX_UPSTREAM opensc-fixed-out-of-bounds-reads.patch https://github.com/OpenSC/OpenSC/commit/8fe377e93b4b56060e5bbfb6f3142ceaeca744fa -- Security issues identified by fuzzing. Patch1: opensc-fixed-out-of-bounds-reads.patch # PATCH-FIX_UPSTREAM opensc-fixed-out-of-bounds-writes.patch https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad -- Fixed out-of-bounds writes in several files. Patch2: opensc-fixed-out-of-bounds-writes.patch # PATCH-FIX_UPSTREAM opensc-iasecc-fixed-unbound-recursion.patch https://github.com/OpenSC/OpenSC/commit/03628449b75a93787eb2359412a3980365dda49b -- iasecc: fixed unbound recursion. Patch3: opensc-iasecc-fixed-unbound-recursion.patch # PATCH-FIX_UPSTREAM opensc-added-bounds-checking.patch https://github.com/OpenSC/OpenSC/commit/83f45cda2af16b65264103fbe0394fd422f0120d -- Added bounds checking to sc_simpletlv_read_tag(). Patch4: opensc-added-bounds-checking.patch # PATCH-FIX_UPSTREAM opensc-CVE-2019-6502.patch https://github.com/OpenSC/OpenSC/commit/0d7967549751b7032f22b437106b41444aff0ba9 -- Small memory leak fix. Patch5: opensc-CVE-2019-6502.patch # PATCH-FIX_UPSTREAM opensc-0_13_0-CVE-2020-26570.patch https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e -- buffer overflow in sc_oberthur_read_file Patch6: opensc-0_13_0-CVE-2020-26570.patch # PATCH-FIX_UPSTREAM opensc-0_13_0-CVE-2020-26572.patch https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817 -- prevent out of bounds write Patch7: opensc-0_13_0-CVE-2020-26572.patch # PATCH-FIX_UPSTREAM opensc-0_13_0-CVE-2020-26571.patch https://github.com/OpenSC/OpenSC/commit/ed55fcd2996930bf58b9bb57e9ba7b1f3a753c43 - fix stack-based overflow Patch8: opensc-0_13_0-CVE-2020-26571.patch # PATCH-FIX_UPSTREAM opensc-0_13_0-CVE-2019-15946.patch https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740 - out of bounds access Patch9: opensc-0_13_0-CVE-2019-15946.patch # PATCH-FIX_UPSTREAM opensc-0_13_0-CVE-2019-15945.patch https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68 - out of bounds access Patch10: opensc-0_13_0-CVE-2019-15945.patch # PATCH-FIX_UPSTREAM opensc-0_13_0-CVE-2019-19479.patch https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2 - fixed UNKNOWN READ Patch11: opensc-0_13_0-CVE-2019-19479.patch Patch12: opensc-fix-segfault-when-no-card.patch Patch13: opensc-0_13_0-CVE-2021-42782.patch # PATCH-FIX_UPSTREAM opensc-tcos-bound-check.patch bsc1192005 CVE-2021-42780 tcos: Fix use after return https://github.com/OpenSC/OpenSC/commit/5df913b7 Patch14: opensc-tcos-bound-check.patch # PATCH-FIX_UPSTREAM opensc-oberthur-return-values.patch bsc1191992 CVE-2021-42779 oberthur: Fix use after free https://github.com/OpenSC/OpenSC/commit/1db88374 Patch15: opensc-oberthur-return-values.patch # PATCH-FIX_UPSTREAM opensc-oberthur-overflow1.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/17d8980c Patch16: opensc-oberthur-overflow1.patch # PATCH-FIX_UPSTREAM opensc-oberthur-memory-init.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/40c50a3a Patch17: opensc-oberthur-memory-init.patch # PATCH-FIX_UPSTREAM opensc-oberthur-overflow2.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/05648b06 Patch18: opensc-oberthur-overflow2.patch # PATCH-FIX_UPSTREAM opensc-oberthur-overflow3.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/5d4daf6c Patch19: opensc-oberthur-overflow3.patch # PATCH-FIX_UPSTREAM opensc-oberthur-invalid-length.patch bsc1192000 CVE-2021-42781 oberthur: Fix multiple heap buffer overflows https://github.com/OpenSC/OpenSC/commit/cae5c71f Patch20: opensc-oberthur-invalid-length.patch # PATCH-FIX-UPSTREAM: bsc#1211894, CVE-2023-2977 out of bounds read in pkcs15 cardos_have_verifyrc_package() Patch21: opensc-CVE-2023-2977.patch # PATCH-FIX-UPSTREAM: bsc#1215761 CVE-2023-40661: multiple memory issues with pkcs15-init (enrollment tool) Patch22: opensc-CVE-2023-40661-1of8.patch Patch23: opensc-CVE-2023-40661-2of8.patch Patch24: opensc-CVE-2023-40661-3of8.patch Patch25: opensc-CVE-2023-40661-4of8.patch Patch26: opensc-CVE-2023-40661-5of8.patch Patch27: opensc-CVE-2023-40661-6of8.patch Patch28: opensc-CVE-2023-40661-7of8.patch Patch29: opensc-CVE-2023-40661-8of8.patch # PATCH-FIX-UPSTREAM: bsc#1219386 CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1 padding Patch30: opensc-CVE-2023-5992.patch # PATCH-FIX-UPSTREAM: bsc#1230364 CVE-2024-844: fixes Heap buffer overflow in pgp_calculate_and_store_fingerprint Patch31: opensc-CVE-2024-8443.patch # PATCH-FIX-UPSTREAM: bsc#1230071 CVE-2024-45615: opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init Patch32: opensc-CVE-2024-45615.patch # PATCH-FIX-UPSTREAM: bsc#1230072 CVE-2024-45616: opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc Patch33: opensc-CVE-2024-45616.patch # PATCH-FIX-UPSTREAM: bsc#1230073 CVE-2024-45617: opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc Patch34: opensc-CVE-2024-45617.patch # PATCH-FIX-UPSTREAM: bsc#1230074 CVE-2024-45618: opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init Patch35: opensc-CVE-2024-45618.patch # PATCH-FIX-UPSTREAM: bsc#1230075 CVE-2024-45619: opensc: Incorrect handling length of buffers or files in libopensc Patch36: opensc-CVE-2024-45619.patch # PATCH-FIX-UPSTREAM: bsc#1230076 CVE-2024-45620: opensc: Incorrect handling of the length of buffers or files in pkcs15init Patch37: opensc-CVE-2024-45620.patch Requires: pcsc-lite # There is no more devel package. Obsoletes: opensc-devel < %{version} # This package is not supported any more. Last appeared in openSUSE 11.3, never appeared in SLE: Obsoletes: opensc-java <= 0.2.2 BuildRoot: %{_tmppath}/%{name}-%{version}-build %description OpenSC provides a set of utilities to access smart cards. It mainly focuses on cards that support cryptographic operations. It facilitates their use in security applications such as mail encryption, authentication, and digital signature. OpenSC implements the PKCS#11 API. Applications supporting this API, such as Mozilla Firefox and Thunderbird, can use it. OpenSC implements the PKCS#15 standard and aims to be compatible with every software that does so, too. Before purchasing any cards, please read carefully documentation on the web pageonly some cards are supported. Not only card type matters, but also card version, card OS version and preloaded applet. Only subset of possible operations may be supported for your card. Card initialization may require third party proprietary software. Authors: -------- Juha Yrjölä <jyrjola@cc.hut.fi> Antti Tapaninen <aet@cc.hut.fi> Timo Teräs <timo.teras@iki.fi> Olaf Kirch <okir@suse.de> %prep %setup -q cp -a %{S:1} ADVISORIES %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 %patch12 -p1 %patch13 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 %patch19 -p1 %patch20 -p1 %patch21 -p1 %patch22 -p1 %patch23 -p1 %patch24 -p1 %patch25 -p1 %patch26 -p1 %patch27 -p1 %patch28 -p1 %patch29 -p1 %patch30 -p1 %patch31 -p1 %patch32 -p1 %patch33 -p1 %patch34 -p1 %patch35 -p1 %patch36 -p1 %patch37 -p1 %build export CC="gcc-10" export CXX="g++-10" %if %suse_version > 1100 autoreconf -f -i %endif %configure\ --docdir=%{_docdir}/%{name}\ --disable-static\ --enable-doc make %{?jobs:-j%jobs} %install mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} mkdir -p $RPM_BUILD_ROOT%{_libdir}/pkcs11 %makeinstall cp COPYING ADVISORIES ChangeLog README $RPM_BUILD_ROOT%{_docdir}/%{name} # Private library. rm $RPM_BUILD_ROOT%{_libdir}/libopensc.so %clean rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %defattr(-,root,root) %doc %dir %{_docdir}/%{name} %doc %{_docdir}/%{name}/ADVISORIES %doc %{_docdir}/%{name}/ChangeLog %doc %{_docdir}/%{name}/COPYING %doc %{_docdir}/%{name}/NEWS %doc %{_docdir}/%{name}/README %doc %{_docdir}/%{name}/tools.html %{_bindir}/* %{_datadir}/opensc # Note: .la and .so must be in the main package, required by ltdl: %{_libdir}/*.la %{_libdir}/*.so %dir %{_libdir}/pkcs11 %{_libdir}/pkcs11/*.so %doc %{_mandir}/man?/*.* %config %{_sysconfdir}/opensc.conf # This is a private library. There is no reason to split it to libopensc* package. %{_libdir}/libopensc.so.* %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor