2025-08-13 14:06:07 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 12 14:14:19 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to 0.6.2.4:
|
|
|
|
|
* fix memory leak in ECDH-ES JWE encryption/decryption in jwe.c
|
|
|
|
|
* fix rsa_q = NULL initialization in _RSA_private_fields in jwk.c
|
|
|
|
|
* fix memory allocation check (typo) in jwk.c
|
|
|
|
|
* fix gcc10 errors for -Werror=ignored-qualifiers and remove unused includes
|
|
|
|
|
* re-generate automake/autoconf files with automake v1.17 and libtool v2.5.4
|
|
|
|
|
|
2024-09-30 12:04:05 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 26 15:38:40 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to 0.6.2.3:
|
|
|
|
|
* disable RSA PKCS 1.5 by default
|
|
|
|
|
* avoid using empty prototypes; support Clang 15 and XCode 14.3
|
|
|
|
|
* build shared library on Cygwin by adding -no-undefined to LDFLAGS
|
|
|
|
|
* reformat using clang-format-18.1.3
|
|
|
|
|
* regenerate autoconf files using autoconf 2.72
|
|
|
|
|
* update github actions to avoid warnings
|
|
|
|
|
|
2023-07-18 09:28:43 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jul 18 08:40:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com>
|
|
|
|
|
|
|
|
|
|
- Switch to OpenIDC fork of cjose
|
|
|
|
|
- Update to 0.6.2.2:
|
|
|
|
|
* use fixed authentication tag length of 16 octets in AES GCM decryption
|
|
|
|
|
* avoid use of assert
|
|
|
|
|
* fix make on srcdir != builddir
|
|
|
|
|
- Update to 0.6.2.1:
|
|
|
|
|
* preserve key order in cjose_header_get_raw as well
|
|
|
|
|
* fix a memory leak in cjose_jws_import() for invalid JWS
|
|
|
|
|
* don't use STACK_ALLOC in cjose_concatkdf_derive
|
|
|
|
|
- Update to 0.6.2.0:
|
|
|
|
|
* add support for A128GCM and A192GCM encryption
|
|
|
|
|
* extract cjose_jwe_encrypt_iv to allow explicit IV
|
|
|
|
|
* allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
|
|
|
|
|
* cleanup some warnings about \param lines in header files
|
|
|
|
|
* preserve key order in order to be able to compare serialized JWTs
|
|
|
|
|
* minor updates for conformance
|
|
|
|
|
* check that JWE object has any CEK at all, return error if it doesn't
|
|
|
|
|
* fix double free on decrypt ek rsa padding failure
|
|
|
|
|
* replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr
|
|
|
|
|
* fix buffer overflow in test_cjose_jwe_multiple_recipients
|
|
|
|
|
* use fixed size of IV size of 16 bytes for AES-CBC
|
|
|
|
|
* fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation
|
|
|
|
|
* compile against older versions of check
|
|
|
|
|
* rename free() to free_func() in struct key_fntable for memory leak detectors
|
|
|
|
|
* check result of cek = cjose_get_alloc()(cek_len) in jwe.c
|
|
|
|
|
- Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag
|
|
|
|
|
length from the actual Authentication Tag, bsc#1213385
|
|
|
|
|
- Remove unneeded patches:
|
|
|
|
|
* cjose-0.6.1-concatkdf.patch
|
|
|
|
|
* cjose-ck_assert_bin_eq.patch
|
|
|
|
|
|
2023-02-07 15:24:35 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Feb 6 11:26:40 UTC 2023 - Marcus Meissner <meissner@suse.com>
|
|
|
|
|
|
|
|
|
|
- disable depreacted declarations warnings for openssl 3 for now.
|
|
|
|
|
|
2019-10-31 12:46:49 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com>
|
|
|
|
|
|
|
|
|
|
- add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big
|
|
|
|
|
endian architectures [bsc#1149887]
|
|
|
|
|
- re-enable tests on s390
|
|
|
|
|
|
2019-09-15 07:04:03 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Sep 9 14:41:41 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
|
|
|
|
|
|
- Fix a bug in an assert message macro
|
|
|
|
|
* add cjose-ck_assert_bin_eq.patch
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Sep 8 19:01:22 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
|
|
|
|
|
|
|
|
|
- Temporarily disable tests on s390 as they are broken there
|
|
|
|
|
(bsc#1149887)
|
|
|
|
|
|
2018-05-15 10:38:33 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Apr 27 13:54:00 UTC 2018 - vcizek@suse.com
|
|
|
|
|
|
|
|
|
|
- update to 0.6.1
|
|
|
|
|
- packaged as a dependency for apache2-mod_auth_openidc which was
|
|
|
|
|
requested in fate#323817
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Dec 13 10:25:46 UTC 2017 - christof.hanke@mpcdf.mpg.de
|
|
|
|
|
|
|
|
|
|
- update to version 0.5.1
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 2 01:08:42 UTC 2016 - crrodriguez@opensuse.org
|
|
|
|
|
|
|
|
|
|
- Initial version
|
|
|
|
|
|
