a9f61c5855
- Update to version 0.26.0
Security
* CVE-2024-45615: Usage of uninitialized values in libopensc#
and pkcs15init (#3225).
* CVE-2024-45616: Uninitialized values after incorrect check or
usage of APDU response values in libopensc (#3225)
* CVE-2024-45617: Uninitialized values after incorrect or missing
checking return values of functions in libopensc (#3225)
* CVE-2024-45618: Uninitialized values after incorrect or missing
checking return values of functions in pkcs15init (#3225)
* CVE-2024-45619: Incorrect handling length of buffers or files
in libopensc (#3225)
* CVE-2024-45620: Incorrect handling of the length of buffers or
files in pkcs15init (#3225)
* CVE-2024-8443: Heap buffer overflow in OpenPGP driver when
generating key (#3219)
General improvements
* Fix reselection of DF after error in PKCS#15 layer (#3067)
* Unify OpenSSL logging throughout code (#2922)
* Extend the p11test to support kryoptic (#3141)
* Fix for error in PCSC reconnection (#3150)
* Fixed various issues reported by OSS-Fuzz and Coverity in
drivers, PKCS#11 and PKCS#15 layer
PKCS#15
* Documentation for PKCS#15 profile files (#3132)
minidriver
* Support PinCacheAlwaysPrompt usable for PIV cards (#3167)
pkcs11-tool
* Show URI when listing token information (#3125) and objects
* Do not limit size of objects to 5000 bytes (#3174)
OBS-URL: https://build.opensuse.org/request/show/1224304
OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=90