Hello community, here is the log from the commit of package opensc for openSUSE:Factory checked in at 2020-12-09 22:21:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/opensc (Old) and /work/SRC/openSUSE:Factory/.opensc.new.2328 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "opensc" Wed Dec 9 22:21:58 2020 rev:47 rq:854174 version:0.21.0 Changes: -------- --- /work/SRC/openSUSE:Factory/opensc/opensc.changes 2019-08-19 21:41:55.960284058 +0200 +++ /work/SRC/openSUSE:Factory/.opensc.new.2328/opensc.changes 2020-12-09 22:21:59.295709877 +0100 @@ -1,0 +2,109 @@ +Fri Nov 27 19:27:30 UTC 2020 - Andreas Stieger <[email protected]> + +- OpenSC 0.21.0: + * CVE-2020-26571: stack-based buffer overflow in the gemsafe GPK + smart card software driver (boo#1177380) + * CVE-2020-26572: stack-based buffer overflow in the TCOS smart + card software driver (boo#1177378) + * CVE-2020-26570: heap-based buffer overflow in the Oberthur + smart card software driver (boo#1177364) + * CardOS 5.x support boo#1179291 + * Support for OAEP encryption, make SHA256 default + * New separate debug level for PIN commands + * Fix handling of card/reader insertion/removal events in pcscd + * Fixes of removed readers handling + * Fix Firefox crash because of invalid pcsc context + * PKCS#11: Return CKR_TOKEN_NOT_RECOGNIZED for not recognized cards + * Propagate ignore_user_content to PKCS#11 layer not to confuse applications + * Minidriver: Fix check of ATR length (2-to 33 characters inclusive) + * pkcs11-tool: allow using SW tokens + * opensc-explorer asn1 accepts offsets and decode records + * opensc-explorer cat accepts records + * OpenPGP: Add new ec curves supported by GNUK + * First steps supporting OpenPGP 3.4 + * OpenPGP: Add support for EC key import + * Rutoken: Add ATR for Rutoken ECP SC NFC + * Improve detection of various CardOS 5 configurations + * DNIe: Add new DNIe CA structure for the secure channel + * ePass2003: Improve ECC support + * ePass2003: Fix erase sequence + * IAS-ECC: Fix support for Idemia Cosmo cards + * IAS-ECC: PIN padding settings are now used from PKCS#15 info when available + * IAS-ECC: Added PIN-pad support for PIN unblock + * New driver for Gemalto IDPrime (only some types) + * eDo: New driver with initial support for Polish eID card (e-dowód, eDO) + * MCRD: Remove unused and broken RSA EstEID support + * TCOS: Add missing encryption certificates + * PIV: Add ATR of DOD Yubikey + * fixed PIV global pin bug + * CAC1: Support changing PIN with CAC Alt tokens +- includes changes from 0.20.0 + * CVE-2019-6502: memory leak in libopensc (boo#1122756) + * CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string (boo#1149747) + * CVE-2019-15945: out-of-bounds access of an ASN.1 Bitstring (boo#1149746) + * CVE-2019-19479: incorrect read operation during parsing of a SETCOS file attribute (boo#1158256) + * CVE-2019-19480: improper free operation in sc_pkcs15_decode_prkdf_entry (boo#1158307) + * Support RSA-PSS signature mechanisms using RSA-RAW + * Added memory locking for secrets + * added support for terminal colors + * PC/SC driver: Fixed error handling in case of changing or removing the card reader + * rename md_read_only to read_only and use it for PKCS#11 and Minidriver + * allow global use of ignore_private_certificate + * PKCS#11: Implement write protection (CKF_WRITE_PROTECTED) based on the card profile + * PKCS#11: Add C_WrapKey and C_UnwrapKey implementations + * PKCS#11: Handle CKA_ALWAYS_AUTHENTICATE when creating key objects + * PKCS#11: Truncate long PKCS#11 labels with ... + * PKCS#11: Fixed recognition of a token when being unplugged and reinserted + * Minidriver: Register for CardOS5 cards + * Minidriver: Add support for RSA-PSS + * tools: Harmonize the use of option -r/--reader + * goid-tool: GoID personalization with fingerprint + * openpgp-tool: replace the options -L/--key-length with -t/--key-type + * openpgp-tool: add options -C/--card-info and -K/--key-info + * opensc-explorer: add command pin_info, extend random + * pkcs11-register: Auto-configuration of applications for use of OpenSC PKCS#11 + * pkcd11-register: Autostart + * opensc-tool: Show ATR also for cards not recognized by OpenSC + * pkcs11-spy: parse CKM_AES_GCM, EC Derive parameters + * pkcs11-spy: Add support for CKA_OTP_* and CKM_*_PSS values + * pkcs11-tool: Support for signature verification via --verify + * pkcs11-tool: Add object type secrkey for --type option + * pkcs11-tool: Implement Secret Key write object + * pkcs11-tool: Add GOSTR3410-2012 support + * pkcs11-tool: Add support for testing CKM_RSA_PKCS_OAEP + * pkcs11-tool: Add extractable option to key import + * pkcs11-tool: list more key access flags when listing keys + * pkcs11-tool: Add support for CKA_ALLOWED_MECHANISMS when creating new objects and listing keys + * pkcs15-crypt: *Handle keys with user consent + * New separate CAC1 driver using the old CAC specification (#1502) + * CardOS: Add support for 4K RSA keys in CardOS 5 + * CardOS: Fixed decryption with CardOS 5 + * Enable CoolKey driver to handle 2048-bit keys + * EstEID: add support for a minimalistic, small and fast card profile based on IAS-ECC issued since December 2018 + * GIDS Decipher fix (#1881) + * GIDS: Allow RSA 4K support + * MICARDO: Remove long expired EstEID 1.0/1.1 card support + * MyEID: Add support for unwrapping a secret key with an RSA key or secret key + * MyEID Add support for wrapping a secret key with a secret key + * Support for MyEID 4K RSA + * Support for OsEID + * Gemalto GemSafe: add new PTeID ATRs, add support for 4K RSA keys + * OpenPGP Card v3 ECC support + * Add Rutoken ECP SC + * Add Rutoken Lite + * Add SmartCard-HSM 4K ATR + * Add missing secp384r1 curve parameter + * Stacros: Fix decipher with 2.3 + * Stacros: Add ATR for 2nd gen. eGK + * Stacros: Add new ATR for 3.5 + * Stacros: Detect and allow Globalplatform PIN encoding + * Fix TCOS IDKey support + * TCOS: add encryption certificate for IDKey + * Infocamere, Postecert, Cnipa: Remove profiles + * Remove incomplete acos5 driver +- drop patches now upstream: + * opensc-0.19.0-piv_card_matching.patch + * opensc-0.19.0-redundant_logging.patch + * opensc-0.19.0-rsa-pss.patch + +------------------------------------------------------------------- Old: ---- opensc-0.19.0-piv_card_matching.patch opensc-0.19.0-redundant_logging.patch opensc-0.19.0-rsa-pss.patch opensc-0.19.0.tar.gz New: ---- opensc-0.21.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ opensc.spec ++++++ --- /var/tmp/diff_new_pack.RCoUGf/_old 2020-12-09 22:22:00.171710765 +0100 +++ /var/tmp/diff_new_pack.RCoUGf/_new 2020-12-09 22:22:00.175710769 +0100 @@ -1,7 +1,7 @@ # # spec file for package opensc # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define completionsdir %(pkg-config --variable completionsdir bash-completion) Name: opensc -Version: 0.19.0 +Version: 0.21.0 Release: 0 Summary: Smart Card Utilities License: LGPL-2.1-or-later @@ -30,18 +30,14 @@ # Register with p11-kit # https://web.archive.org/web/20111225073733/http://www.opensc-project.org/opensc/ticket/390 Source3: opensc.module -Patch1: opensc-0.19.0-rsa-pss.patch -Patch2: opensc-0.19.0-redundant_logging.patch -Patch3: opensc-0.19.0-piv_card_matching.patch BuildRequires: docbook-xsl-stylesheets -BuildRequires: libtool BuildRequires: libxslt BuildRequires: pkgconfig BuildRequires: readline-devel BuildRequires: zlib-devel BuildRequires: pkgconfig(bash-completion) -BuildRequires: pkgconfig(libpcsclite) -BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(libpcsclite) >= 1.8.22 +BuildRequires: pkgconfig(openssl) >= 1.0.1 Requires: pcsc-lite # There is no more devel package. Obsoletes: opensc-devel < %{version} @@ -63,18 +59,14 @@ %prep %setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 %build -autoreconf -fvi %configure \ --docdir=%{_docdir}/%{name} \ --disable-static \ --enable-doc \ --disable-silent-rules -make %{?_smp_mflags} +%make_build %install %make_install @@ -96,6 +88,7 @@ %doc %{_docdir}/%{name}/opensc.conf %{_bindir}/* %{_datadir}/applications/*.desktop +%{_sysconfdir}/xdg/autostart/pkcs11-register.desktop %{_datadir}/opensc # Note: .la and .so must be in the main package, required by ltdl: %{_libdir}/*.la ++++++ opensc-0.19.0.tar.gz -> opensc-0.21.0.tar.gz ++++++ ++++ 88276 lines of diff (skipped) _______________________________________________ openSUSE Commits mailing list -- [email protected] To unsubscribe, email [email protected] List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/[email protected]
