rpm/cjose
SHA256
1
0
Fork 0
forked from pool/cjose
Code Pull Requests Activity
Files
factory
cjose/cjose.changes
Dirk Mueller fe7acb5715 Accepting request 1099220 from home:dspinella:branches:devel:libraries:c_c++ 
- Switch to OpenIDC fork of cjose
- Update to 0.6.2.2:
  * use fixed authentication tag length of 16 octets in AES GCM decryption
  * avoid use of assert
  * fix make on srcdir != builddir
- Update to 0.6.2.1:
  * preserve key order in cjose_header_get_raw as well
  * fix a memory leak in cjose_jws_import() for invalid JWS
  * don't use STACK_ALLOC in cjose_concatkdf_derive
- Update to 0.6.2.0:
  * add support for A128GCM and A192GCM encryption
  * extract cjose_jwe_encrypt_iv to allow explicit IV
  * allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
  * cleanup some warnings about \param lines in header files
  * preserve key order in order to be able to compare serialized JWTs
  * minor updates for conformance
  * check that JWE object has any CEK at all, return error if it doesn't
  * fix double free on decrypt ek rsa padding failure
  * replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr
  * fix buffer overflow in test_cjose_jwe_multiple_recipients
  * use fixed size of IV size of 16 bytes for AES-CBC
  * fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation
  * compile against older versions of check
  * rename free() to free_func() in struct key_fntable for memory leak detectors
  * check result of cek = cjose_get_alloc()(cek_len) in jwe.c
- Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag
  length from the actual Authentication Tag, bsc#1213385
- Remove unneeded patches:
  * cjose-0.6.1-concatkdf.patch
  * cjose-ck_assert_bin_eq.patch

OBS-URL: https://build.opensuse.org/request/show/1099220
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/cjose?expand=0&rev=9
2023-07-18 09:28:43 +00:00

76 lines
3.1 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Tue Jul 18 08:40:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com>
- Switch to OpenIDC fork of cjose
- Update to 0.6.2.2:
* use fixed authentication tag length of 16 octets in AES GCM decryption
* avoid use of assert
* fix make on srcdir != builddir
- Update to 0.6.2.1:
* preserve key order in cjose_header_get_raw as well
* fix a memory leak in cjose_jws_import() for invalid JWS
* don't use STACK_ALLOC in cjose_concatkdf_derive
- Update to 0.6.2.0:
* add support for A128GCM and A192GCM encryption
* extract cjose_jwe_encrypt_iv to allow explicit IV
* allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
* cleanup some warnings about \param lines in header files
* preserve key order in order to be able to compare serialized JWTs
* minor updates for conformance
* check that JWE object has any CEK at all, return error if it doesn't
* fix double free on decrypt ek rsa padding failure
* replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr
* fix buffer overflow in test_cjose_jwe_multiple_recipients
* use fixed size of IV size of 16 bytes for AES-CBC
* fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation
* compile against older versions of check
* rename free() to free_func() in struct key_fntable for memory leak detectors
* check result of cek = cjose_get_alloc()(cek_len) in jwe.c
- Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag
length from the actual Authentication Tag, bsc#1213385
- Remove unneeded patches:
* cjose-0.6.1-concatkdf.patch
* cjose-ck_assert_bin_eq.patch
-------------------------------------------------------------------
Mon Feb 6 11:26:40 UTC 2023 - Marcus Meissner <meissner@suse.com>
- disable depreacted declarations warnings for openssl 3 for now.
-------------------------------------------------------------------
Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com>
- add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big
endian architectures [bsc#1149887]
- re-enable tests on s390
-------------------------------------------------------------------
Mon Sep 9 14:41:41 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
- Fix a bug in an assert message macro
* add cjose-ck_assert_bin_eq.patch
-------------------------------------------------------------------
Sun Sep 8 19:01:22 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
- Temporarily disable tests on s390 as they are broken there
(bsc#1149887)
-------------------------------------------------------------------
Fri Apr 27 13:54:00 UTC 2018 - vcizek@suse.com
- update to 0.6.1
- packaged as a dependency for apache2-mod_auth_openidc which was
requested in fate#323817
-------------------------------------------------------------------
Wed Dec 13 10:25:46 UTC 2017 - christof.hanke@mpcdf.mpg.de
- update to version 0.5.1
-------------------------------------------------------------------
Wed Nov 2 01:08:42 UTC 2016 - crrodriguez@opensuse.org
- Initial version
View Git Blame Copy Permalink