87 lines
3.5 KiB
Plaintext
87 lines
3.5 KiB
Plaintext
-------------------------------------------------------------------
|
|
Fri Jul 26 15:38:40 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
|
|
|
|
- Update to 0.6.2.3:
|
|
* disable RSA PKCS 1.5 by default
|
|
* avoid using empty prototypes; support Clang 15 and XCode 14.3
|
|
* build shared library on Cygwin by adding -no-undefined to LDFLAGS
|
|
* reformat using clang-format-18.1.3
|
|
* regenerate autoconf files using autoconf 2.72
|
|
* update github actions to avoid warnings
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 18 08:40:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com>
|
|
|
|
- Switch to OpenIDC fork of cjose
|
|
- Update to 0.6.2.2:
|
|
* use fixed authentication tag length of 16 octets in AES GCM decryption
|
|
* avoid use of assert
|
|
* fix make on srcdir != builddir
|
|
- Update to 0.6.2.1:
|
|
* preserve key order in cjose_header_get_raw as well
|
|
* fix a memory leak in cjose_jws_import() for invalid JWS
|
|
* don't use STACK_ALLOC in cjose_concatkdf_derive
|
|
- Update to 0.6.2.0:
|
|
* add support for A128GCM and A192GCM encryption
|
|
* extract cjose_jwe_encrypt_iv to allow explicit IV
|
|
* allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
|
|
* cleanup some warnings about \param lines in header files
|
|
* preserve key order in order to be able to compare serialized JWTs
|
|
* minor updates for conformance
|
|
* check that JWE object has any CEK at all, return error if it doesn't
|
|
* fix double free on decrypt ek rsa padding failure
|
|
* replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr
|
|
* fix buffer overflow in test_cjose_jwe_multiple_recipients
|
|
* use fixed size of IV size of 16 bytes for AES-CBC
|
|
* fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation
|
|
* compile against older versions of check
|
|
* rename free() to free_func() in struct key_fntable for memory leak detectors
|
|
* check result of cek = cjose_get_alloc()(cek_len) in jwe.c
|
|
- Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag
|
|
length from the actual Authentication Tag, bsc#1213385
|
|
- Remove unneeded patches:
|
|
* cjose-0.6.1-concatkdf.patch
|
|
* cjose-ck_assert_bin_eq.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 6 11:26:40 UTC 2023 - Marcus Meissner <meissner@suse.com>
|
|
|
|
- disable depreacted declarations warnings for openssl 3 for now.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com>
|
|
|
|
- add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big
|
|
endian architectures [bsc#1149887]
|
|
- re-enable tests on s390
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 9 14:41:41 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
- Fix a bug in an assert message macro
|
|
* add cjose-ck_assert_bin_eq.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Sep 8 19:01:22 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
- Temporarily disable tests on s390 as they are broken there
|
|
(bsc#1149887)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 27 13:54:00 UTC 2018 - vcizek@suse.com
|
|
|
|
- update to 0.6.1
|
|
- packaged as a dependency for apache2-mod_auth_openidc which was
|
|
requested in fate#323817
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 13 10:25:46 UTC 2017 - christof.hanke@mpcdf.mpg.de
|
|
|
|
- update to version 0.5.1
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 2 01:08:42 UTC 2016 - crrodriguez@opensuse.org
|
|
|
|
- Initial version
|
|
|