From 66962c2bd057d4c8877e37e86bef443ee5da89ea0af0b94add06810154d54cdc Mon Sep 17 00:00:00 2001
From: Paolo Perego <paolo.perego@suse.com>
Date: Thu, 20 May 2021 13:30:26 +0000
Subject: [PATCH] Accepting request 894628 from home:Simmphonie:yubico

- Update to version 1.1.1 (released 2021-05-19)
  * Fix an issue where PIN authentication could be bypassed (CVE-2021-31924).
  * Fix an issue with nodetect and non-resident credentials.
  * Fix build issues with musl libc.
  * Add support for self-attestation in pamu2fcfg.
  * Fix minor bugs found by fuzzing.

OBS-URL: https://build.opensuse.org/request/show/894628
OBS-URL: https://build.opensuse.org/package/show/security/pam_u2f?expand=0&rev=18
---
 pam_u2f-1.1.0.tar.gz     |   3 ---
 pam_u2f-1.1.0.tar.gz.sig | Bin 310 -> 0 bytes
 pam_u2f-1.1.1.tar.gz     |   3 +++
 pam_u2f-1.1.1.tar.gz.sig | Bin 0 -> 119 bytes
 pam_u2f.changes          |  10 ++++++++++
 pam_u2f.spec             |   6 +++---
 6 files changed, 16 insertions(+), 6 deletions(-)
 delete mode 100644 pam_u2f-1.1.0.tar.gz
 delete mode 100644 pam_u2f-1.1.0.tar.gz.sig
 create mode 100644 pam_u2f-1.1.1.tar.gz
 create mode 100644 pam_u2f-1.1.1.tar.gz.sig

diff --git a/pam_u2f-1.1.0.tar.gz b/pam_u2f-1.1.0.tar.gz
deleted file mode 100644
index f8b33c1..0000000
--- a/pam_u2f-1.1.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0dc3bf96ebb69c6e398b5f8991493b37a8ce1af792948af71e694f695d5edc05
-size 415677
diff --git a/pam_u2f-1.1.0.tar.gz.sig b/pam_u2f-1.1.0.tar.gz.sig
deleted file mode 100644
index 074823b38256a2f74d7bdfe5246d81af26efd4822329fe815c2050a44cf11a88..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 310
zcmV-60m=S}0W$;u0SEvc79j*FI1mGUEqh)HZ88Or%LH4~nMVNy0$*cHH~<O>5Rl6R
zThp0G0U7fM0E6?M3x}0tT12};+m?38t&f4`iEda-cg`y>nlm*>@VBkMlPCzK=;;NK
zIDFLAY-US5#iZTwrz*`Tfi0zP^#!O2SJ&=k8Yp9RYr=T6PEw#}$Z_}8^1c<`E^GdC
zqfyw`OO`gZa#s4aD=UIh7l0Qe8&C>Iiei7a)U-<-eJVq#J)0|N^5>~ipbMV5>$Aoo
zyK8C)re1{VV9AY<a8^)zU>4zBMw|WlA*7oVSph_9AOl#ZL0|D$SSJ0@1pGvj1l85y
ztCv3=uSaf*TVyIjp;f)K&YVvZDrr1ldaz}=n;3H)ae}8QyV9FSB^<0SM*gZ{)6(r;
I<j<f$C>H06ApigX

diff --git a/pam_u2f-1.1.1.tar.gz b/pam_u2f-1.1.1.tar.gz
new file mode 100644
index 0000000..14d3cc2
--- /dev/null
+++ b/pam_u2f-1.1.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b7d62340c4f49e19cca93a0d0f398e48befd3eea8f1d70cebb7f8b71f3bce38a
+size 429822
diff --git a/pam_u2f-1.1.1.tar.gz.sig b/pam_u2f-1.1.1.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..416fef0ce632a88165e6b7f96a3bc629190ea844819a8dcbdf16c893f4bef274
GIT binary patch
literal 119
zcmeAuWnmEGVvrS6WZ7K6{9klI#uDMD+%mRVo==WE*jCKSl(6J^ECUy(08C__7sLM~
zZvno-pP#<(U9;S3{<<~ur%3pplv%26yZ=|iwGTfPq8S+;A7nmvTH$<9$h%mfdrGhO
VcwMq!Hcs2GlGZJ7sMYBg699AoG_3#t

literal 0
HcmV?d00001

diff --git a/pam_u2f.changes b/pam_u2f.changes
index 7faae7b..60df8ef 100644
--- a/pam_u2f.changes
+++ b/pam_u2f.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Thu May 20 13:04:05 UTC 2021 - Torsten Gruner <t.gruner@katodev.de>
+
+- Update to version 1.1.1 (released 2021-05-19)
+  * Fix an issue where PIN authentication could be bypassed (CVE-2021-31924).
+  * Fix an issue with nodetect and non-resident credentials.
+  * Fix build issues with musl libc.
+  * Add support for self-attestation in pamu2fcfg.
+  * Fix minor bugs found by fuzzing.
+
 -------------------------------------------------------------------
 Thu Oct 15 17:59:59 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
 
diff --git a/pam_u2f.spec b/pam_u2f.spec
index 8b7d519..9474fe8 100644
--- a/pam_u2f.spec
+++ b/pam_u2f.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package pam_u2f
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           pam_u2f
-Version:        1.1.0
+Version:        1.1.1
 Release:        0
 Summary:        U2F authentication integration into PAM
 License:        BSD-2-Clause
@@ -29,7 +29,7 @@ Source2:        baselib.conf
 BuildRequires:  pam-devel
 BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(libcrypto)
-BuildRequires:  pkgconfig(libfido2)
+BuildRequires:  pkgconfig(libfido2) >= 1.3.0
 
 %description
 The PAM U2F module provides a way to integrate the Yubikey