Hello community, here is the log from the commit of package opensc for openSUSE:Factory checked in at 2018-11-10 16:54:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/opensc (Old) and /work/SRC/openSUSE:Factory/.opensc.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "opensc" Sat Nov 10 16:54:54 2018 rev:43 rq:638216 version:0.19.0 Changes: -------- --- /work/SRC/openSUSE:Factory/opensc/opensc.changes 2018-07-18 22:53:45.970995471 +0200 +++ /work/SRC/openSUSE:Factory/.opensc.new/opensc.changes 2018-11-10 16:55:03.856070352 +0100 @@ -1,0 +2,44 @@ +Thu Sep 13 13:46:43 UTC 2018 - Karol Babioch <[email protected]> + +- Update to version 0.19.0 + * Fixed multiple security problems (out of bound writes/reads): + * CVE-2018-16391 (bsc#1106998) + * CVE-2018-16392 (bsc#1106999) + * CVE-2018-16393 (bsc#1108318) + * CVE-2018-16418 (bsc#1107039) + * CVE-2018-16419 (bsc#1107107) + * CVE-2018-16420 (bsc#1107097) + * CVE-2018-16421 (bsc#1107049) + * CVE-2018-16422 (bsc#1107038) + * CVE-2018-16423 (bsc#1107037) + * CVE-2018-16424 (bsc#1107036) + * CVE-2018-16425 (bsc#1107035) + * CVE-2018-16426 (bsc#1107034) + * CVE-2018-16427 (bsc#1107033) + * Workaround cards returning short signatures without leading zeroes + * Distribute minimal opensc.conf + * `pkcs11_enable_InitToken made` global configuration option + * Modify behavior of `OPENSC_DRIVER` environment variable to restrict driver + list instead of forcing one driver and skipping vital parts of + configuration + * Removed configuration options `zero_ckaid_for_ca_certs`, + `force_card_driver`, `reopen_debug_file`, `paranoid-memory` + * Generalized configuration option `ignored_readers` + * If card initialization fails, continue card detection with other card + drivers + * reader-pcsc: allow fixing the length of a PIN + * fixed crash during `C_WaitForSlotEvent` + * Allow cancelling the PIN pad prompt before starting the reader transaction. + Whether to start the transaction immediately or not is user-configurable + for each application + * opensc-notify + * add Exit button to tray icon + * User better description (GenericName) and a generic application icon + * Do not display in the application list +- Removed patches included upstream now: + * opensc-desktop.patch + * opensc-desktop2.patch + * opensc-bash-completions.patch +- Applied spec-cleaner + +------------------------------------------------------------------- Old: ---- opensc-0.18.0.tar.gz opensc-bash-completions.patch opensc-desktop.patch opensc-desktop2.patch New: ---- opensc-0.19.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ opensc.spec ++++++ --- /var/tmp/diff_new_pack.HMLeDT/_old 2018-11-10 16:55:05.064068871 +0100 +++ /var/tmp/diff_new_pack.HMLeDT/_new 2018-11-10 16:55:05.064068871 +0100 @@ -16,25 +16,20 @@ # +%define completionsdir %(pkg-config --variable completionsdir bash-completion) Name: opensc -Version: 0.18.0 +Version: 0.19.0 Release: 0 Summary: Smart Card Utilities License: LGPL-2.1-or-later Group: Productivity/Security -Url: https://github.com/OpenSC/OpenSC/wiki +URL: https://github.com/OpenSC/OpenSC/wiki Source: https://github.com/OpenSC/OpenSC/releases/download/%{version}/%{name}-%{version}.tar.gz Source1: baselibs.conf Source2: %{name}-rpmlintrc # Register with p11-kit # https://web.archive.org/web/20111225073733/http://www.opensc-project.org/opensc/ticket/390 Source3: opensc.module -# PATCH-FIX-UPSTREAM opensc-desktop.patch https://github.com/OpenSC/OpenSC/issues/1402 [email protected] -- Fix desktop file. -Patch1: opensc-desktop.patch -# PATCH-FIX-UPSTREAM opensc-bash-completions.patch [email protected] https://github.com/OpenSC/OpenSC/issues/1403 -- Use correct bash-completion path. -Patch2: opensc-bash-completions.patch -# PATCH-FEATURE-OPENSUSE opensc-desktop2.patch https://github.com/OpenSC/OpenSC/issues/1402 [email protected] -- Add GenericName to the desktop file. -Patch3: opensc-desktop2.patch BuildRequires: docbook-xsl-stylesheets BuildRequires: libtool BuildRequires: libxslt @@ -46,7 +41,6 @@ Requires: pcsc-lite # There is no more devel package. Obsoletes: opensc-devel < %{version} -%define completionsdir %(pkg-config --variable completionsdir bash-completion) %description OpenSC provides a set of utilities to access smart cards. It mainly @@ -65,9 +59,6 @@ %prep %setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 %build autoreconf -fvi @@ -90,10 +81,12 @@ %files %doc %dir %{_docdir}/%{name} -%doc %{_docdir}/%{name}/COPYING +%license %{_docdir}/%{name}/COPYING %doc %{_docdir}/%{name}/NEWS %doc %{_docdir}/%{name}/README %doc %{_docdir}/%{name}/tools.html +%doc %{_docdir}/%{name}/files.html +%doc %{_docdir}/%{name}/opensc.conf %{_bindir}/* %{_datadir}/applications/*.desktop %{_datadir}/opensc ++++++ opensc-0.18.0.tar.gz -> opensc-0.19.0.tar.gz ++++++ ++++ 31096 lines of diff (skipped)
