Hello community,

here is the log from the commit of package opensc for openSUSE:Factory checked in at 2024-11-18 20:02:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/opensc (Old)
 and /work/SRC/openSUSE:Factory/.opensc.new.2017 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "opensc" Mon Nov 18 20:02:19 2024 rev:61 rq:1224836 version:0.26.0 Changes: -------- --- /work/SRC/openSUSE:Factory/opensc/opensc.changes 2024-10-02 21:35:16.451095229 +0200 +++ /work/SRC/openSUSE:Factory/.opensc.new.2017/opensc.changes 2024-11-18 20:03:15.746281796 +0100 
@@ -1,0 +2,78 @@ +Thu Nov 14 19:35:35 UTC 2024 - Martin Hauke <[email protected]> + +- Update to version 0.26.0 + Security + * CVE-2024-45615: Usage of uninitialized values in libopensc# + and pkcs15init (#3225). + * CVE-2024-45616: Uninitialized values after incorrect check or + usage of APDU response values in libopensc (#3225) + * CVE-2024-45617: Uninitialized values after incorrect or missing + checking return values of functions in libopensc (#3225) + * CVE-2024-45618: Uninitialized values after incorrect or missing + checking return values of functions in pkcs15init (#3225) + * CVE-2024-45619: Incorrect handling length of buffers or files + in libopensc (#3225) + * CVE-2024-45620: Incorrect handling of the length of buffers or + files in pkcs15init (#3225) + * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when + generating key (#3219) + General improvements + * Fix reselection of DF after error in PKCS#15 layer (#3067) + * Unify OpenSSL logging throughout code (#2922) + * Extend the p11test to support kryoptic (#3141) + * Fix for error in PCSC reconnection (#3150) + * Fixed various issues reported by OSS-Fuzz and Coverity in + drivers, PKCS#11 and PKCS#15 layer + PKCS#15 + * Documentation for PKCS#15 profile files (#3132) + minidriver + * Support PinCacheAlwaysPrompt usable for PIV cards (#3167) + pkcs11-tool + * Show URI when listing token information (#3125) and objects + * Do not limit size of objects to 5000 bytes (#3174) + * Add support for AES CMAC (#3184) + * Add support for AES GCM encryption (#3195) + * Add support for RSA OAEP encryption (#3175) + * Add support for HKDF (#3193) + * Implement better support for wrapping and unwrapping (#3198) + * Add support for EdDSA sign and verify (#2979) + pkcs15-crypt + * Fix PKCS#1 encoding function to correctly detect padding type + piv-tool + * Fix RSA key generation (#3158) + * Avoid possible state change when matching unknown card (#3112) + sc-hsm-tool + * Cleanse buffer with plaintext key share 
(#3226) + pkcs11-register + * Fix pkcs11-register defaults on macOS and Windows (#3053) + IDPrime + * Fix identification of IDPrime 840 cards (#3146) + * Fix container mapping for IDPrime 940 cards (#3220) + * Reorder ATRs for matching cards (#3154) + OpenPGP + * Fix state tracking after erasing card (#3024) + Belpic + * Disable Applet V1.8 (#3109) + MICARDO + * Deactivate driver (#3152) + SmartCard-HSM + * Fix signing with secp521r1 signature (#3157) + eOI + * Set model via sc_card_ctl function (#3189) + Rutoken + * increase the minimum PIN size to support Rutoken ECP BIO. + JPKI + * Adjust parameters for public key in PKCS#15 emulator (#3182) + D-Trust + * Add support for ECDSA signatures and ECDH key agreement for + D-Trust Signatures Cards 4.1/4.4 (#3240, #3248) +- Drop patches (changes now in upstream): + * opensc-CVE-2024-45615.patch + * opensc-CVE-2024-45616.patch + * opensc-CVE-2024-45617.patch + * opensc-CVE-2024-45618.patch + * opensc-CVE-2024-45619.patch + * opensc-CVE-2024-45620.patch + * opensc-CVE-2024-8443.patch + +------------------------------------------------------------------- Old: ---- opensc-0.25.1.tar.gz opensc-CVE-2024-45615.patch opensc-CVE-2024-45616.patch opensc-CVE-2024-45617.patch opensc-CVE-2024-45618.patch opensc-CVE-2024-45619.patch opensc-CVE-2024-45620.patch opensc-CVE-2024-8443.patch New: ---- opensc-0.26.0.tar.gz BETA DEBUG BEGIN: Old:- Drop patches (changes now in upstream): * opensc-CVE-2024-45615.patch * opensc-CVE-2024-45616.patch Old: * opensc-CVE-2024-45615.patch * opensc-CVE-2024-45616.patch * opensc-CVE-2024-45617.patch Old: * opensc-CVE-2024-45616.patch * opensc-CVE-2024-45617.patch * opensc-CVE-2024-45618.patch Old: * opensc-CVE-2024-45617.patch * opensc-CVE-2024-45618.patch * opensc-CVE-2024-45619.patch Old: * opensc-CVE-2024-45618.patch * opensc-CVE-2024-45619.patch * opensc-CVE-2024-45620.patch Old: * opensc-CVE-2024-45619.patch * opensc-CVE-2024-45620.patch * opensc-CVE-2024-8443.patch Old: * 
opensc-CVE-2024-45620.patch * opensc-CVE-2024-8443.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ opensc.spec ++++++ --- /var/tmp/diff_new_pack.4HhFr7/_old 2024-11-18 20:03:16.394308899 +0100 +++ /var/tmp/diff_new_pack.4HhFr7/_new 2024-11-18 20:03:16.394308899 +0100 @@ -16,10 +16,10 @@ # -%define sover 11 +%define sover 12 %define completionsdir %(pkg-config --variable completionsdir bash-completion) Name: opensc -Version: 0.25.1 +Version: 0.26.0 Release: 0 Summary: Smart Card Utilities License: LGPL-2.1-or-later @@ -33,19 +33,6 @@ Source3: opensc.module Patch0: opensc-gcc11.patch Patch1: opensc-docbook-xsl-fix.patch -Patch2: opensc-CVE-2024-8443.patch -# PATCH-FIX-UPSTREAM: bsc#1230071 CVE-2024-45615: opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init -Patch3: opensc-CVE-2024-45615.patch -# PATCH-FIX-UPSTREAM: bsc#1230072 CVE-2024-45616: opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc -Patch4: opensc-CVE-2024-45616.patch -# PATCH-FIX-UPSTREAM: bsc#1230073 CVE-2024-45617: opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc -Patch5: opensc-CVE-2024-45617.patch -# PATCH-FIX-UPSTREAM: bsc#1230074 CVE-2024-45618: opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init -Patch6: opensc-CVE-2024-45618.patch -# PATCH-FIX-UPSTREAM: bsc#1230075 CVE-2024-45619: opensc: Incorrect handling length of buffers or files in libopensc -Patch7: opensc-CVE-2024-45619.patch -# PATCH-FIX-UPSTREAM: bsc#1230076 CVE-2024-45620: opensc: Incorrect handling of the length of buffers or files in pkcs15init -Patch8: opensc-CVE-2024-45620.patch BuildRequires: automake BuildRequires: docbook-xsl-stylesheets BuildRequires: libxslt ++++++ opensc-0.25.1.tar.gz -> opensc-0.26.0.tar.gz ++++++ ++++ 44354 lines of diff (skipped)
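Review bot: in the opensc.changes hunk, the CVE-2024-45615 entry ends with a stray "#" ("Usage of uninitialized values in libopensc#"); drop it so the item reads "in libopensc and pkcs15init (#3225)". The Rutoken item ("increase the minimum PIN size to support Rutoken ECP BIO.") is also the only entry that starts in lower case and carries no upstream issue number, so align it with the other entries if the reference is known.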
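Review bot: in the first opensc.spec hunk (@@ -16,10 +16,10 @@), "%define sover 11" becomes "%define sover 12", but the new opensc.changes entry says nothing about it. Going by the macro name this is the shared-library version, so add a changelog line stating the bump from 11 to 12; that tells maintainers of packages linking against the library that a rebuild is needed.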
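Review bot: in the second opensc.spec hunk (@@ -33,19 +33,6 @@), the deleted PATCH-FIX-UPSTREAM comments are the only place in this mail where bsc#1230071 through bsc#1230076 appear, and the new opensc.changes entry lists the CVE IDs without them. Carry the bsc# numbers into the changelog lines for CVE-2024-45615 through CVE-2024-45620 so the bug-to-fix mapping stays searchable once the patch files are gone. Patch2 (opensc-CVE-2024-8443.patch) had no such comment, so its bug reference is not recoverable from this hunk and should be added from the tracker if one exists.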
