Hello community, here is the log from the commit of package libtasn1 for openSUSE:Factory checked in at 2017-06-16 10:48:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libtasn1 (Old) and /work/SRC/openSUSE:Factory/.libtasn1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libtasn1" Fri Jun 16 10:48:07 2017 rev:42 rq:502798 version:4.12 Changes: -------- --- /work/SRC/openSUSE:Factory/libtasn1/libtasn1.changes 2016-08-25 09:51:43.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libtasn1.new/libtasn1.changes 2017-06-16 10:48:08.019663072 +0200 @@ -1,0 +2,29 @@ +Sun Jun 4 19:41:21 UTC 2017 - [email protected] + +- libtasn1 4.12: + * Corrected so-name version +- includes changes in 4.11: + * Introduce the ASN1_TIME_ENCODING_ERROR error code to indicate + an invalid encoding in the DER time fields. + * Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag + allows decoding errors in time fields even when in strict DER mode. + That is introduced in order to allow toleration of invalid times in + X.509 certificates (which are common) even though strict DER adherence + is enforced in other fields. + * Added safety check in asn1_find_node(). That prevents a crash + when a very long variable name is provided by the developer. + Note that this to be exploited requires controlling the ASN.1 + definitions used by the developer, i.e., the 'name' parameter of + asn1_write_value() or asn1_read_value(). The library is + not designed to protect against malicious manipulation of the + developer assigned variable names +- includes changes from 4.10: + * Updated gnulib + * Removed -Werror from default compiler flags + (drop patch 0001-configure-don-t-add-Werror-to-build-flags.patch) + * Fixed undefined behavior when negating integers in _asn1_ltostr(). + * Pass the correct length to _asn1_get_indefinite_length_string in + asn1_get_length_ber. This addresses reading 1-byte past the end + of data. + +------------------------------------------------------------------- @@ -7,0 +37 @@ +- fate#322523 @@ -55,0 +86 @@ + * Only assign a value if the previous node has one (bsc#961491). Old: ---- 0001-configure-don-t-add-Werror-to-build-flags.patch libtasn1-4.9.tar.gz libtasn1-4.9.tar.gz.sig New: ---- libtasn1-4.12.tar.gz libtasn1-4.12.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libtasn1.spec ++++++ --- /var/tmp/diff_new_pack.0tQKk3/_old 2017-06-16 10:48:08.851545975 +0200 +++ /var/tmp/diff_new_pack.0tQKk3/_new 2017-06-16 10:48:08.859544849 +0200 @@ -1,7 +1,7 @@ # # spec file for package libtasn1 # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define somajor 6 Name: libtasn1 -Version: 4.9 +Version: 4.12 Release: 0 Summary: ASN.1 parsing library License: LGPL-2.1+ and GPL-3.0 @@ -29,13 +29,6 @@ # http://josefsson.org/key.txt Source2: %{name}.keyring Source99: baselibs.conf -Patch0: 0001-configure-don-t-add-Werror-to-build-flags.patch -# for patch0 0001-configure-don-t-add-Werror-to-build-flags.patch -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: help2man -BuildRequires: libtool -# BuildRequires: info BuildRequires: pkgconfig Requires(post): %{install_info_prereq} @@ -69,12 +62,8 @@ %prep %setup -q -%patch0 -p1 %build -# for patch0 0001-configure-don-t-add-Werror-to-build-flags.patch -autoreconf -fiv -# %configure --disable-static make %{?_smp_mflags} V=1 ++++++ libtasn1-4.9.tar.gz -> libtasn1-4.12.tar.gz ++++++ ++++ 14882 lines of diff (skipped)
