From a04cac15f34ab5d2538d1313db5ab1a596b6a7369828de9277aaa6a4b97e4796 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <lnussel@suse.com>
Date: Tue, 26 Jan 2021 08:02:09 +0000
Subject: [PATCH] Accepting request 863932 from
 home:dirkmueller:branches:Base:System

- update to 0.23.22 (bsc#1180064, bsc#1180065, bsc#1180066):
 * Fix memory-safety issues that affect the RPC protocol
   (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered
   and fixed by David Cook
 * anchor: Prefer persistent format when storing anchor [PR#329]
 * common: Fix infloop in p11_path_build [PR#326, PR#327]
 * proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325]
 * common: Check for a NULL locale before freeing it [PR#321]
 * proxy: Do not assign duplicate slot IDs [PR#282]
 * common: Get program name based on executable path if possible [PR#307]
 * anchor: Exit with non-zero code, if any error occurs [PR#304]
 * Build and test fixes

OBS-URL: https://build.opensuse.org/request/show/863932
OBS-URL: https://build.opensuse.org/package/show/Base:System/p11-kit?expand=0&rev=41
---
 p11-kit-0.23.20.tar.xz     |   3 ---
 p11-kit-0.23.20.tar.xz.sig | Bin 580 -> 0 bytes
 p11-kit-0.23.22.tar.xz     |   3 +++
 p11-kit-0.23.22.tar.xz.sig | Bin 0 -> 580 bytes
 p11-kit.changes            |  16 ++++++++++++++++
 p11-kit.spec               |  18 ++++++------------
 6 files changed, 25 insertions(+), 15 deletions(-)
 delete mode 100644 p11-kit-0.23.20.tar.xz
 delete mode 100644 p11-kit-0.23.20.tar.xz.sig
 create mode 100644 p11-kit-0.23.22.tar.xz
 create mode 100644 p11-kit-0.23.22.tar.xz.sig

diff --git a/p11-kit-0.23.20.tar.xz b/p11-kit-0.23.20.tar.xz
deleted file mode 100644
index 760481f..0000000
--- a/p11-kit-0.23.20.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:14d86024c3dfd6b967d9bc0b4ec7b2973014fe7423481f4d230a1a63b8aa6104
-size 822588
diff --git a/p11-kit-0.23.20.tar.xz.sig b/p11-kit-0.23.20.tar.xz.sig
deleted file mode 100644
index adad05fabf12044527a94ae30d32db09a579a1bcf8caff1792586596c15076ab..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 580
zcmV-K0=xZ*0zm`-0SEvq79j*iA|=DLZ#0LW$VqJ01%!^*=9qB>0$wq<It?6kWo~ak
zXKr;aZ*pe<3JDO_1%!^*=9qDBX%GDxZznz<q4NPV_1!~RFirYZqnp9zX<1Z{j1WXc
zq1vXV`|}+B;<%k)TU7<TVV>o*#3b?q^D%lTb~IrfwVW*$3jk(XVm71YsiIb*c@H6h
z)uWFya_OO&Ypb@Xq9v}z+P1Ko@zN8g_xD$|Xn6Yi0Y01BZy}msnL#S!%M}rtD8X&R
zAdI}yZS<F%MD#m+yea_I`PLDj6J<$G5aM3CVbrdAeakUdoGXkI$Z~A1m8}Ku96RkS
zUp;W6Up1#EyO0(FKo+RIVnUX)6gJ!TU}(DjlaWE$eK(mghaz6j*u|h&G}hGX8zG+A
zhyh?vgTgXt`w(VI8tRhxtd(tb3w+h7DF%=~OAcOo;4hF$1$CyE!K0-$CHnHP{(t<o
zOPc?XH{}~Z3GutwI&Ss@tyt3RTRG$246yQ=QW6pk&=Arp`VV%(@P@A**k5^mU|qHk
z*E}Eu0ykc3Mhv(3<h&MFXeq%K!dzQ34uxVH-eU2ufx*OaA@Ef<acyy?8~0Qkob(<M
zPjsM2A7j(oh4^wFWAZ2)8AN*n6#u<jRFI>=wZknB-@u^LU&$^!Ac~oTgf6$7KfvGX
zr}~5Jtxy$Qx>Nj(#yg&>b%xEwQQQ#5D3uhDm>RHvV=2Ntp%x-0)g{itN|x;#2kWe4
S7+;SIs)k0F^l$gFJ&BhJpA<^~

diff --git a/p11-kit-0.23.22.tar.xz b/p11-kit-0.23.22.tar.xz
new file mode 100644
index 0000000..45a14f4
--- /dev/null
+++ b/p11-kit-0.23.22.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8a8f40153dd5a3f8e7c03e641f8db400133fb2a6a9ab2aee1b6d0cb0495ec6b6
+size 830016
diff --git a/p11-kit-0.23.22.tar.xz.sig b/p11-kit-0.23.22.tar.xz.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..70497e6b44e6f492154c344264b7b8080d128862b06dcbc445a050220cc6c76f
GIT binary patch
literal 580
zcmV-K0=xZ*0zm`-0SEvq79j*iA|=DLZ#0LW$VqJ01%!^*=9qB>0$<a!+6^3aWo~ak
zXKr;aZ*pe<3JDO_1%!^*=9qClU=ROUdT$?u|1&#|@h5Z~>%}}<i=@oDm@>C%`sX#k
z@+EO&X5M!|dst(0s5|j5m1?1%0~dJ`75%cn3J#s=x=}o1hsqG&!AGl(hlLx07ZB6p
zX^{axJG#awb}+EUx;PXz?{6idTYHZLv}<d+=+dpT)~D#dylAXl3w8VRB4w@L^gs-?
z-sqgw9N7ZA$J#wjgNB?ywO-t-)S=lU7Q$ni?t!%mPC;RV%=eW)KD^k45qX$>TmG@>
z(W`r-gPNK=pF4l})bSf{<_QJQ+Q7p*#q+fCSP@s5EeuqXn|x)J5PcnZ^V8NQCUC}z
zckYB6Rl!(biwMPzMwFZ~^=L&`-(f7ZxY_<<jL^Kx1h_!=G_2kqcs%!)KEMm+bAd*3
zT?16>trH*LCoj-nr+1ROgzJI_YQg+o#?Ft<q;(b=LlUz}D*$5go^<S%7HE_S=~-$Z
zPa-XMe3wP|JpcniPMSPGReoji*z-gO>lO@J#aWiAT9>PZ29zN7%qwJ8eV+g%FOc0@
zT9W8O6&5X5wDgoxl*+tugScihD|p#TPFd)hKrqgA=O0Z<!)Wp50*Y9`$Zm6Fhyo&!
z6B|9LC$YvEbQgr$RvBbM2~~nDy&RZq0`5L)zMISq^0o<cqf?NRt66F<!Yi{(c~vHZ
Sz|4^>E(`hlkT_mj7a!0wWfMdI

literal 0
HcmV?d00001

diff --git a/p11-kit.changes b/p11-kit.changes
index af33eca..46ac2bb 100644
--- a/p11-kit.changes
+++ b/p11-kit.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Sun Jan 17 23:39:49 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.23.22 (bsc#1180064, bsc#1180065, bsc#1180066):
+ * Fix memory-safety issues that affect the RPC protocol
+   (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered
+   and fixed by David Cook
+ * anchor: Prefer persistent format when storing anchor [PR#329]
+ * common: Fix infloop in p11_path_build [PR#326, PR#327]
+ * proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325]
+ * common: Check for a NULL locale before freeing it [PR#321]
+ * proxy: Do not assign duplicate slot IDs [PR#282]
+ * common: Get program name based on executable path if possible [PR#307]
+ * anchor: Exit with non-zero code, if any error occurs [PR#304]
+ * Build and test fixes
+
 -------------------------------------------------------------------
 Mon Oct  5 13:19:09 UTC 2020 - Ludwig Nussel <lnussel@suse.de>
 
diff --git a/p11-kit.spec b/p11-kit.spec
index 7a4bd86..a9571f4 100644
--- a/p11-kit.spec
+++ b/p11-kit.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package p11-kit
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
 %define trustdir_cfg     %{pkidir_cfg}/trust
 %define trustdir_static  %{pkidir_static}/trust
 Name:           p11-kit
-Version:        0.23.20
+Version:        0.23.22
 Release:        0
 Summary:        Library to work with PKCS#11 modules
 License:        BSD-3-Clause
@@ -134,14 +134,12 @@ ln -s ../../sbin/update-ca-certificates %{buildroot}%{_libexecdir}/%{name}/p11-k
 export NO_BRP_STALE_LINK_ERROR=yes # *grr*
 
 %check
-make %{?_smp_mflags} check
+%make_build check
 
 %post -n libp11-kit0 -p /sbin/ldconfig
-
 %postun -n libp11-kit0 -p /sbin/ldconfig
 
 %files
-%defattr(-,root,root)
 %dir %{_libdir}/pkcs11
 %dir %{_datadir}/%{name}
 %dir %{_datadir}/%{name}/modules
@@ -160,7 +158,6 @@ make %{?_smp_mflags} check
 %{_libexecdir}/%{name}/p11-kit-extract-trust
 
 %files -n libp11-kit0
-%defattr(-,root,root)
 %license COPYING
 # Package the example conf file as documentation. Like this we're sure that we will
 # not introduce conflicts with this version of the library and future ones.
@@ -172,15 +169,13 @@ make %{?_smp_mflags} check
 %{_libdir}/p11-kit-proxy.so
 
 %files tools
-%defattr(-,root,root)
 %{_bindir}/p11-kit
 %{_bindir}/trust
-%{_mandir}/man1/trust.1.gz
-%{_mandir}/man5/pkcs11.conf.5.gz
-%{_mandir}/man8/p11-kit.8.gz
+%{_mandir}/man1/trust.1%{?ext_man}
+%{_mandir}/man5/pkcs11.conf.5%{?ext_man}
+%{_mandir}/man8/p11-kit.8%{?ext_man}
 
 %files devel
-%defattr(-,root,root)
 %{_rpmmacrodir}/macros.%{name}
 %{_includedir}/p11-kit-1/
 %{_libdir}/libp11-kit.so
@@ -190,7 +185,6 @@ make %{?_smp_mflags} check
 %doc %{_datadir}/gtk-doc/html/p11-kit/
 
 %files nss-trust
-%defattr(-,root,root)
 %{_libdir}/libnssckbi.so
 
 %files server