Hello community, here is the log from the commit of package yubikey-neo-manager for openSUSE:Factory checked in at 2015-06-09 08:49:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yubikey-neo-manager (Old) and /work/SRC/openSUSE:Factory/.yubikey-neo-manager.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yubikey-neo-manager" Changes: -------- --- /work/SRC/openSUSE:Factory/yubikey-neo-manager/yubikey-neo-manager.changes 2015-05-06 11:19:03.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yubikey-neo-manager.new/yubikey-neo-manager.changes 2015-06-09 08:50:26.000000000 +0200 @@ -1,0 +2,9 @@ +Tue Jun 2 14:36:22 UTC 2015 - t.gru...@katodev.de + +- Version 1.3.0 (released 2015-05-18) + - Updated applet definitions to fix incorrect OpenPGP applet version. + - Fix displaying wrong firmware version in CCID mode. + - Base U2F support on if applet is available (CCID). + - Don’t save window position as it causes problems with multi-monitor setups. + +------------------------------------------------------------------- Old: ---- yubikey-neo-manager-1.2.1.tar.gz New: ---- yubikey-neo-manager-1.3.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yubikey-neo-manager.spec ++++++ --- /var/tmp/diff_new_pack.Cidbit/_old 2015-06-09 08:50:27.000000000 +0200 +++ /var/tmp/diff_new_pack.Cidbit/_new 2015-06-09 08:50:27.000000000 +0200 @@ -17,7 +17,7 @@ Name: yubikey-neo-manager -Version: 1.2.1 +Version: 1.3.0 Release: 0 Summary: YubiKey NEO CCID Manager GUI License: BSD-2-Clause ++++++ yubikey-neo-manager-1.2.1.tar.gz -> yubikey-neo-manager-1.3.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/ChangeLog new/yubikey-neo-manager-1.3.0/ChangeLog --- old/yubikey-neo-manager-1.2.1/ChangeLog 2015-04-10 17:05:30.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/ChangeLog 2015-05-18 15:43:02.000000000 +0200 @@ -1,3 +1,52 @@ +2015-05-18 Dain Nilsson <d...@yubico.com> + + * NEWS, neoman/__init__.py: Update NEWS and version for release. + +2015-05-18 Dain Nilsson <d...@yubico.com> + + * neoman/view/main.py: Don't save window position (fixes #36). + +2015-05-18 Dain Nilsson <d...@yubico.com> + + * resources/neoman.nsi: Fix name of outfile. + +2015-05-08 Dain Nilsson <d...@yubico.com> + + * resources/neoman.spec: Sign using PIV. + +2015-05-08 Dain Nilsson <d...@yubico.com> + + * NEWS: Updated NEWS + +2015-05-08 Dain Nilsson <d...@yubico.com> + + * neoman/device.py, neoman/device_ccid.py, neoman/device_otp.py, + neoman/device_u2f.py: Don't show firmware version in CCID mode. + +2015-05-07 Dain Nilsson <d...@yubico.com> + + * NEWS: Updated NEWS. + +2015-04-28 Dain Nilsson <dain...@gmail.com> + + * README: Added OpenPGP security advisory notice. + +2015-04-24 Dain Nilsson <d...@yubico.com> + + * resources/osx-patch-ccid: Updated device list in osx-patch-ccid. + +2015-04-22 Dain Nilsson <d...@yubico.com> + + * neoman/appletdb.json: Updated appletdb. + +2015-04-14 Dain Nilsson <d...@yubico.com> + + * MANIFEST.in, NEWS, neoman/__init__.py: Bump version. + +2015-04-14 Dain Nilsson <d...@yubico.com> + + * README: Use https for link in README. + 2015-04-10 Dain Nilsson <d...@yubico.com> * neoman/__init__.py: Bump version. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/MANIFEST.in new/yubikey-neo-manager-1.3.0/MANIFEST.in --- old/yubikey-neo-manager-1.2.1/MANIFEST.in 2015-02-18 16:53:29.000000000 +0100 +++ new/yubikey-neo-manager-1.3.0/MANIFEST.in 2015-04-14 14:31:54.000000000 +0200 @@ -8,3 +8,4 @@ include scripts/*.1 include resources/* include qt_resources/* +include doc/*.adoc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/NEWS new/yubikey-neo-manager-1.3.0/NEWS --- old/yubikey-neo-manager-1.2.1/NEWS 2015-04-10 16:51:49.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/NEWS 2015-05-18 15:39:55.000000000 +0200 @@ -1,3 +1,9 @@ +* Version 1.3.0 (released 2015-05-18) + ** Updated applet definitions to fix incorrect OpenPGP applet version. + ** Fix displaying wrong firmware version in CCID mode. + ** Base U2F support on if applet is available (CCID). + ** Don't save window position as it causes problems with multi-monitor setups. + * Version 1.2.1 (released 2015-04-10) ** Bugfix release: Fix mode switching when in U2F-only mode. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/PKG-INFO new/yubikey-neo-manager-1.3.0/PKG-INFO --- old/yubikey-neo-manager-1.2.1/PKG-INFO 2015-04-10 17:05:31.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/PKG-INFO 2015-05-18 15:43:02.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: yubikey-neo-manager -Version: 1.2.1 +Version: 1.3.0 Summary: Tool for managing your YubiKey NEO configuration. Home-page: https://github.com/Yubico/yubikey-neo-manager Author: Yubico Open Source Maintainers diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/README new/yubikey-neo-manager-1.3.0/README --- old/yubikey-neo-manager-1.2.1/README 2015-02-18 16:53:29.000000000 +0100 +++ new/yubikey-neo-manager-1.3.0/README 2015-05-18 15:39:47.000000000 +0200 @@ -4,6 +4,12 @@ Entypo pictograms by Daniel Bruce - www.entypo.com +[IMPORTANT] +==== +Yubico has learned of a security issue with the OpenPGP Card applet project that is used in the YubiKey NEO. This vulnerability applies to you only if you are using OpenPGP, and you have the OpenPGP applet version 1.0.9 or earlier. +link:https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html[SecurityAdvisory 2015-04-14] +==== + === Installation The recommended way to install this software including dependencies is by using the provided precompiled binaries for your platform. For Windows and OS X, @@ -33,7 +39,7 @@ libu2f-host projects. Create a subdirectory called "lib" in the release directory. Download the correct binary release for your architecture for each of the -aforementioned projects from http://developers.yubico.com/ and extract the +aforementioned projects from https://developers.yubico.com/ and extract the .dll/.dylib files for each of them together with the included dependencies to the "lib" directory you created previously. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/__init__.py new/yubikey-neo-manager-1.3.0/neoman/__init__.py --- old/yubikey-neo-manager-1.2.1/neoman/__init__.py 2015-04-10 16:55:07.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/neoman/__init__.py 2015-05-18 15:39:55.000000000 +0200 @@ -25,4 +25,4 @@ # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -__version__ = "1.2.1" +__version__ = "1.3.0" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/appletdb.json new/yubikey-neo-manager-1.3.0/neoman/appletdb.json --- old/yubikey-neo-manager-1.2.1/neoman/appletdb.json 2015-02-18 16:53:29.000000000 +0100 +++ new/yubikey-neo-manager-1.3.0/neoman/appletdb.json 2015-04-22 10:02:56.000000000 +0200 @@ -18,7 +18,7 @@ "description": "YubiKey OATH applet for Yubico Authenticator.", "aid": "a0000005272101", "version": "0.2.1", - "cap_url": "https://developers.yubico.com/ykneo-oath/releases/ykneo-oath-0.2.1.cap", + "cap_url": "https://developers.yubico.com/ykneo-oath/Releases/ykneo-oath-0.2.1.cap", "cap_sha1": "56e599f48ed5dcf28e370c14c118ec2db3b3e10f", "js_version": "Neo.select.slice(2,5).join('.')" }, { @@ -35,10 +35,10 @@ "name": "OpenPGP", "description": "OpenPGP applet for use with the GNU Privacy Guard.", "aid": "d27600012401", - "version": "1.0.8", - "cap_url": "https://developers.yubico.com/ykneo-openpgp/releases/ykneo-openpgp-1.0.8.cap", - "cap_sha1": "5d4902d11a87795c1f2d53e0479ac87e438f200a", - "js_version": "Neo.send_ok('00f10000').slice(0,3).join('.')" + "version": "1.0.10", + "cap_url": "https://developers.yubico.com/ykneo-openpgp/Releases/ykneo-openpgp-1.0.10.cap", + "cap_sha1": "59c71d80080fa41e38787adc8d7ba086f9a0a93c", + "js_version": "Neo.send_ok('00f10000').slice(0,3).map(function(x){return x.toString(16)}).join('.')" }, { "name": "Yubico PIV", "description": "The YubiKey PIV applet implements SP800-73-3.", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/device.py new/yubikey-neo-manager-1.3.0/neoman/device.py --- old/yubikey-neo-manager-1.2.1/neoman/device.py 2015-04-07 15:52:05.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/neoman/device.py 2015-05-18 15:39:55.000000000 +0200 @@ -48,7 +48,7 @@ @property def allowed_modes(self): - return (True, True, self.version >= (3, 3, 0)) + return (False, False, False) @property def has_ccid(self): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/device_ccid.py new/yubikey-neo-manager-1.3.0/neoman/device_ccid.py --- old/yubikey-neo-manager-1.2.1/neoman/device_ccid.py 2015-04-08 12:36:44.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/neoman/device_ccid.py 2015-05-18 15:39:55.000000000 +0200 @@ -38,8 +38,13 @@ libversion = ykneomgr_check_version(None) +U2F_SELECT_1 = '00a4040008a0000006472f0001'.decode('hex') +U2F_SELECT_2 = '00a4040007a0000005271002'.decode('hex') + + class CCIDDevice(BaseDevice): device_type = 'CCID' + version = (0, 0, 0) def __init__(self, dev, dev_str=None): self._dev = dev @@ -48,20 +53,29 @@ self._locked = True self._serial = ykneomgr_get_serialno(dev) or None self._mode = ykneomgr_get_mode(dev) - self._version = ( - ykneomgr_get_version_major(dev), - ykneomgr_get_version_minor(dev), - ykneomgr_get_version_build(dev) - ) + # self._version = ( + # ykneomgr_get_version_major(dev), + # ykneomgr_get_version_minor(dev), + # ykneomgr_get_version_build(dev) + # ) + self._supports_u2f = self._has_u2f_applet() self._apps = None self._broken = False + def _has_u2f_applet(self): + return '\x90\x00' in [self.send_apdu(U2F_SELECT_1)[-2:], + self.send_apdu(U2F_SELECT_2)[-2:]] + def check(self, status): if status != 0: self._broken = True raise YkNeoMgrError(status) @property + def allowed_modes(self): + return (True, True, self._supports_u2f) + + @property def key(self): return self._key @@ -81,10 +95,6 @@ def serial(self): return self._serial - @property - def version(self): - return self._version - def unlock(self): self._locked = True if not self._key: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/device_otp.py new/yubikey-neo-manager-1.3.0/neoman/device_otp.py --- old/yubikey-neo-manager-1.2.1/neoman/device_otp.py 2015-04-08 11:31:56.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/neoman/device_otp.py 2015-05-18 15:39:55.000000000 +0200 @@ -87,6 +87,10 @@ return self._mode @property + def allowed_modes(self): + return (True, True, self._version >= (3, 3, 0)) + + @property def serial(self): return self._serial diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/device_u2f.py new/yubikey-neo-manager-1.3.0/neoman/device_u2f.py --- old/yubikey-neo-manager-1.2.1/neoman/device_u2f.py 2015-04-10 16:51:10.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/neoman/device_u2f.py 2015-05-18 15:39:55.000000000 +0200 @@ -56,14 +56,15 @@ class U2FDevice(BaseDevice): device_type = 'U2F' + version = (0, 0, 0) allowed_modes = (True, True, True) - def __init__(self, devs, index, mode=MODE.mode_for_flags(False, False, True)): + def __init__(self, devs, index, + mode=MODE.mode_for_flags(False, False, True)): self._devs = devs self._index = index self._mode = mode self._serial = None - self._version = (0, 0, 0) @property def mode(self): @@ -73,10 +74,6 @@ def serial(self): return self._serial - @property - def version(self): - return self._version - def _sendrecv(self, cmd, data): buf_size = c_size_t(1024) resp = create_string_buffer(buf_size.value) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/qt_resources.py new/yubikey-neo-manager-1.3.0/neoman/qt_resources.py --- old/yubikey-neo-manager-1.2.1/neoman/qt_resources.py 2015-04-10 17:05:30.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/neoman/qt_resources.py 2015-05-18 15:43:02.000000000 +0200 @@ -2,7 +2,7 @@ # Resource object code # -# Created: Fri Apr 10 17:05:30 2015 +# Created: Mon May 18 15:43:02 2015 # by: The Resource Compiler for PySide (Qt v4.8.4) # # WARNING! All changes made in this file will be lost! diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/neoman/view/main.py new/yubikey-neo-manager-1.3.0/neoman/view/main.py --- old/yubikey-neo-manager-1.2.1/neoman/view/main.py 2015-02-18 16:53:29.000000000 +0100 +++ new/yubikey-neo-manager-1.3.0/neoman/view/main.py 2015-05-18 15:39:55.000000000 +0200 @@ -43,9 +43,6 @@ self.setCentralWidget(self.build_ui()) self.resize(settings.value('window/size', QtCore.QSize(0, 0))) - pos = settings.value('window/pos') - if pos: - self.move(pos) def build_ui(self): widget = QtGui.QWidget() @@ -81,7 +78,6 @@ def closeEvent(self, event): settings.setValue('window/size', self.size()) - settings.setValue('window/pos', self.pos()) event.accept() def customEvent(self, event): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/resources/neoman.nsi new/yubikey-neo-manager-1.3.0/resources/neoman.nsi --- old/yubikey-neo-manager-1.2.1/resources/neoman.nsi 2013-11-25 16:25:19.000000000 +0100 +++ new/yubikey-neo-manager-1.3.0/resources/neoman.nsi 2015-05-18 15:39:55.000000000 +0200 @@ -6,7 +6,7 @@ Name "YubiKey NEO Manager" ; The file to write -OutFile "../dist/yubikey-neo-manager-${NEOMAN_VERSION}.exe" +OutFile "../dist/yubikey-neo-manager-${NEOMAN_VERSION}-win.exe" ; The default installation directory InstallDir "$PROGRAMFILES\Yubico\YubiKey NEO Manager" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/resources/neoman.spec new/yubikey-neo-manager-1.3.0/resources/neoman.spec --- old/yubikey-neo-manager-1.2.1/resources/neoman.spec 2015-04-10 13:15:15.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/resources/neoman.spec 2015-05-18 15:39:55.000000000 +0200 @@ -8,7 +8,6 @@ import sys import re from glob import glob -from getpass import getpass NAME = "YubiKey NEO Manager" @@ -114,15 +113,8 @@ version=VERSION, icon=ICON) -pfx_pass = "" - if WIN: - if not os.path.isfile("neoman.pfx"): - print "neoman.pfx not found, not signing executable!" - else: - pfx_pass = getpass('Enter password for PFX file: ') - os.system("signtool.exe sign /f neoman.pfx /p %s /t http://timestamp.verisign.com/scripts/timstamp.dll \"%s\"" % - (pfx_pass, exe.name)) + os.system("signtool.exe sign /t http://timestamp.verisign.com/scripts/timstamp.dll \"%s\"" % exe.name) coll = COLLECT(exe, a.binaries, @@ -147,6 +139,5 @@ os.system('makensis.exe -D"NEOMAN_VERSION=%s" resources/neoman.nsi' % ver_str) installer = "dist/yubikey-neo-manager-%s-win.exe" % ver_str - os.system("signtool.exe sign /f neoman.pfx /p %s /t http://timestamp.verisign.com/scripts/timstamp.dll \"%s\"" % - (pfx_pass, installer)) + os.system("signtool.exe sign /t http://timestamp.verisign.com/scripts/timstamp.dll \"%s\"" % installer) print "Installer created: %s" % installer diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/resources/osx-patch-ccid new/yubikey-neo-manager-1.3.0/resources/osx-patch-ccid --- old/yubikey-neo-manager-1.2.1/resources/osx-patch-ccid 2015-02-18 16:53:29.000000000 +0100 +++ new/yubikey-neo-manager-1.3.0/resources/osx-patch-ccid 2015-04-24 10:27:02.000000000 +0200 @@ -7,7 +7,11 @@ ('0x1050', '0x0111', 'Yubico Yubikey NEO OTP+CCID'), ('0x1050', '0x0112', 'Yubico Yubikey NEO CCID'), ('0x1050', '0x0115', 'Yubico Yubikey NEO U2F+CCID'), - ('0x1050', '0x0116', 'Yubico Yubikey NEO OTP+U2F+CCID') + ('0x1050', '0x0116', 'Yubico Yubikey NEO OTP+U2F+CCID'), + ('0x1050', '0x0404', 'Yubico Yubikey 4 CCID'), + ('0x1050', '0x0405', 'Yubico Yubikey 4 OTP+CCID'), + ('0x1050', '0x0406', 'Yubico Yubikey 4 U2F+CCID'), + ('0x1050', '0x0407', 'Yubico Yubikey 4 OTP+U2F+CCID') ] FNAME = "/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubikey-neo-manager-1.2.1/yubikey_neo_manager.egg-info/PKG-INFO new/yubikey-neo-manager-1.3.0/yubikey_neo_manager.egg-info/PKG-INFO --- old/yubikey-neo-manager-1.2.1/yubikey_neo_manager.egg-info/PKG-INFO 2015-04-10 17:05:30.000000000 +0200 +++ new/yubikey-neo-manager-1.3.0/yubikey_neo_manager.egg-info/PKG-INFO 2015-05-18 15:43:02.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: yubikey-neo-manager -Version: 1.2.1 +Version: 1.3.0 Summary: Tool for managing your YubiKey NEO configuration. Home-page: https://github.com/Yubico/yubikey-neo-manager Author: Yubico Open Source Maintainers