Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP4:FactoryCandidates
cjose
cjose.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cjose.changes of Package cjose
------------------------------------------------------------------- Fri Jul 26 15:38:40 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com> - Update to 0.6.2.3: * disable RSA PKCS 1.5 by default * avoid using empty prototypes; support Clang 15 and XCode 14.3 * build shared library on Cygwin by adding -no-undefined to LDFLAGS * reformat using clang-format-18.1.3 * regenerate autoconf files using autoconf 2.72 * update github actions to avoid warnings ------------------------------------------------------------------- Tue Jul 18 08:40:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com> - Switch to OpenIDC fork of cjose - Update to 0.6.2.2: * use fixed authentication tag length of 16 octets in AES GCM decryption * avoid use of assert * fix make on srcdir != builddir - Update to 0.6.2.1: * preserve key order in cjose_header_get_raw as well * fix a memory leak in cjose_jws_import() for invalid JWS * don't use STACK_ALLOC in cjose_concatkdf_derive - Update to 0.6.2.0: * add support for A128GCM and A192GCM encryption * extract cjose_jwe_encrypt_iv to allow explicit IV * allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L * cleanup some warnings about \param lines in header files * preserve key order in order to be able to compare serialized JWTs * minor updates for conformance * check that JWE object has any CEK at all, return error if it doesn't * fix double free on decrypt ek rsa padding failure * replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr * fix buffer overflow in test_cjose_jwe_multiple_recipients * use fixed size of IV size of 16 bytes for AES-CBC * fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation * compile against older versions of check * rename free() to free_func() in struct key_fntable for memory leak detectors * check result of cek = cjose_get_alloc()(cek_len) in jwe.c - Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag, bsc#1213385 - Remove unneeded patches: * cjose-0.6.1-concatkdf.patch * cjose-ck_assert_bin_eq.patch ------------------------------------------------------------------- Mon Feb 6 11:26:40 UTC 2023 - Marcus Meissner <meissner@suse.com> - disable depreacted declarations warnings for openssl 3 for now. ------------------------------------------------------------------- Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com> - add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big endian architectures [bsc#1149887] - re-enable tests on s390 ------------------------------------------------------------------- Mon Sep 9 14:41:41 UTC 2019 - Vítězslav Čížek <vcizek@suse.com> - Fix a bug in an assert message macro * add cjose-ck_assert_bin_eq.patch ------------------------------------------------------------------- Sun Sep 8 19:01:22 UTC 2019 - Vítězslav Čížek <vcizek@suse.com> - Temporarily disable tests on s390 as they are broken there (bsc#1149887) ------------------------------------------------------------------- Fri Apr 27 13:54:00 UTC 2018 - vcizek@suse.com - update to 0.6.1 - packaged as a dependency for apache2-mod_auth_openidc which was requested in fate#323817 ------------------------------------------------------------------- Wed Dec 13 10:25:46 UTC 2017 - christof.hanke@mpcdf.mpg.de - update to version 0.5.1 ------------------------------------------------------------------- Wed Nov 2 01:08:42 UTC 2016 - crrodriguez@opensuse.org - Initial version
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor