OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/opensc?expand=0&rev=13

opensc-0.11.7.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f3215d440e07bdf16416b5dea148933fb8b9e0b045fdfd8376b3464e342e3362
-size 1066717

opensc-0.11.8.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0118909490608364d621898c0c33bb796e49f4b2b7327c2867772ed2d32072d6
+size 1071328

opensc-ADVISORIES

@@ -0,0 +1,14 @@
+opensc security advisories
+==========================
+
+Opensc gets regular security updates during the maintenance period like
+other packages in openSUSE and SLE.
+
+But opensc needs a special care - some of security problems cannot be
+fixed by a simple package update. You need to take a special action and
+check your cards, tokens or certificates.
+
+If you just updated from a previous version of openSUSE or SLE, don't
+forget to check for these advisories.
+
+http://en.opensuse.org/Smart_Cards/Advisories

opensc-gpk-profile.patch

@@ -1,11 +0,0 @@
---- src/pkcs15init/gpk.profile
-+++ src/pkcs15init/gpk.profile
-@@ -74,7 +74,7 @@
- 
- 	        # private data objects are stored in transparent EFs.
-                 EF privdata {
--    	            file-id	= 3300;
-+    	            file-id	= 3220;
-     	            structure	= transparent;
-     	            ACL		= *=NEVER,
- 					READ=$PIN,

opensc-pkcs15init-undefined.patch

@@ -1,41 +0,0 @@
-Index: src/pkcs15init/pkcs15-lib.c
-===================================================================
---- src/pkcs15init/pkcs15-lib.c	(revision 3605)
-+++ src/pkcs15init/pkcs15-lib.c	(revision 3661)
-@@ -3708,6 +3708,11 @@
- /*
-  * Parse OpenSC Info file. We rudely clobber any information
-  * given on the command line.
-+ *
-+ * passed is a pointer (p) to (len) bytes. Those bytes contain
-+ * one or several tag-length-value constructs, where tag and
-+ * length are both single bytes. a final 0x00 or 0xff byte
-+ * (with or without len byte) is ok.
-  */
- static int
- sc_pkcs15init_parse_info(sc_card_t *card,
-@@ -3719,11 +3724,21 @@
- 	unsigned int	nopts = 0;
- 	size_t		n;
- 
--	end = p + len;
--	while (p < end && (tag = *p++) != 0 && tag != 0xFF) {
-+	if ((p == NULL) || (len == 0))
-+		return 0;
-+
-+	end = p + (len - 1); 
-+	while (p < end) {	/* more bytes to look at */
- 		int	r = 0;
- 
--		if (p >= end || p + (n = *p++) > end)
-+		tag = *p; p++;
-+		if ((tag == 0) || (tag == 0xff) || (p >= end))
-+			break;
-+
-+		n = *p;
-+		p++;
-+
-+		if (p >= end || p + n > end) /* invalid length byte n */
- 			goto error;
- 
- 		switch (tag) {

opensc.changes

@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Thu May  7 17:52:06 CEST 2009 - sbrabec@suse.cz
+
+- Updated to version 0.11.8:
+  * Fix security problem in pkcs11-tool gen_keypair
+    (PublicExponent 1) (bnc#501726)
+    See http://en.opensuse.org/Smart_Cards/Advisories for more.
+  * updated and improve entersafe driver. FTCOS/PK-01C cards are
+    supported now, compatible with cards writen by Feitian's
+    software on windows.
+
 -------------------------------------------------------------------
 Thu Apr  9 11:32:23 CEST 2009 - sbrabec@suse.cz
 

opensc.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package opensc (Version 0.11.7)
+# spec file for package opensc (Version 0.11.8)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -34,21 +34,18 @@ Obsoletes:      opensc-64bit
 %endif
 #
 Url:            http://www.opensc-project.org/opensc/
-Version:        0.11.7
+Version:        0.11.8
-Release:        2
+Release:        1
 Group:          Productivity/Security
 Summary:        OpenSC Smart Card Library
 License:        LGPL v2.1 or later
 Requires:       libopensc2 = %{version} pcsc-lite
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Source:         %{name}-%{version}.tar.bz2
+Source1:        %{name}-ADVISORIES
 # Supress all ugly warnings related to required .so and .la files in the main package:
 Source2:        %{name}-rpmlintrc
 # and also skip-check-libtool-deps (and add these dependencies to the devel package)
-# PATCH-FIX-UPSTREAM opensc-gpk-profile.patch sbrabec@suse.cz -- Fix privdata file-id clask for GPK cards.
-Patch:          opensc-gpk-profile.patch
-# PATCH-FIX-UPSTREAM opensc-pkcs15init-undefined.patch bnc440853 sbrabec@suse.cz -- Fix undefined code.
-Patch1:         opensc-pkcs15init-undefined.patch
 
 %description
 OpenSC provides a set of libraries and utilities to access smart cards.
@@ -128,8 +125,10 @@ Authors:
 
 %prep
 %setup -q
-%patch
+tr -d '\r' <doc/nonpersistent/wiki.out/trac.css >doc/nonpersistent/wiki.out/trac.css~
-%patch1
+touch -r doc/nonpersistent/wiki.out/trac.css doc/nonpersistent/wiki.out/trac.css~
+mv doc/nonpersistent/wiki.out/trac.css~ doc/nonpersistent/wiki.out/trac.css
+cp -a %{S:1} ADVISORIES
 
 %build
 %if %suse_version > 1100
@@ -147,7 +146,7 @@ make %{?jobs:-j%jobs}
 
 %install
 %makeinstall
-cp COPYING doc/nonpersistent/ChangeLog $RPM_BUILD_ROOT%{_docdir}/%{name}
+cp COPYING ADVISORIES doc/nonpersistent/ChangeLog $RPM_BUILD_ROOT%{_docdir}/%{name}
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -159,6 +158,7 @@ rm -rf $RPM_BUILD_ROOT
 %files
 %defattr(-,root,root)
 %doc %dir %{_docdir}/%{name}
+%doc %{_docdir}/%{name}/ADVISORIES
 %doc %{_docdir}/%{name}/ChangeLog
 %doc %{_docdir}/%{name}/COPYING
 %doc %{_docdir}/%{name}/NEWS
@@ -189,6 +189,14 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/pkgconfig/*.pc
 
 %changelog
+* Thu May 07 2009 sbrabec@suse.cz
+- Updated to version 0.11.8:
+  * Fix security problem in pkcs11-tool gen_keypair
+  (PublicExponent 1) (bnc#501726)
+  See http://en.opensuse.org/Smart_Cards/Advisories for more.
+  * updated and improve entersafe driver. FTCOS/PK-01C cards are
+  supported now, compatible with cards writen by Feitian's
+  software on windows.
 * Thu Apr 09 2009 sbrabec@suse.cz
 - Fixed undefined code (bnc#440853).
 - Don't call autoreconf on older products.