Accepting request 394985 from security:privacy

libksba 1.3.4:
 * Fixed two OOB read access bugs which could be used to force a DoS.
   boo#979261 CVE-2016-4574, CVE-2016-4579
 * Fixed a crash due to faulty curve OID lookup code.
 * Synced the list of supported curves with those of Libgcrypt.
 * New configure option --enable-build-timestamp; a build timestamp is
   not anymore used by default.

OBS-URL: https://build.opensuse.org/request/show/394985
OBS-URL: https://build.opensuse.org/package/show/Base:System/libksba?expand=0&rev=34

libksba-1.3.3.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0c7f5ffe34d0414f6951d9880a46fcc2985c487f7c36369b9f11ad41131c7786
-size 618698

libksba-1.3.4.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f6c2883cebec5608692d8730843d87f237c0964d923bbe7aa89c05f20558ad4f
+size 619373

libksba.changes

@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Tue May 10 11:25:34 UTC 2016 - astieger@suse.com
+
+- libksba 1.3.4:
+ * Fixed two OOB read access bugs which could be used to force a DoS.
+   boo#979261 CVE-2016-4574, CVE-2016-4579
+ * Fixed a crash due to faulty curve OID lookup code.
+ * Synced the list of supported curves with those of Libgcrypt.
+ * New configure option --enable-build-timestamp; a build timestamp is
+   not anymore used by default.
+
 -------------------------------------------------------------------
 Fri Apr 10 20:28:31 UTC 2015 - astieger@suse.com
 

libksba.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package libksba
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %define soname 8
 Name:           libksba
-Version:        1.3.3
+Version:        1.3.4
 Release:        0
 Summary:        A X.509 Library
 License:        (LGPL-3.0+ or GPL-2.0+) and GPL-3.0+ and MIT
@@ -27,6 +27,7 @@ Url:            http://www.gnupg.org/aegypten/
 Source:         ftp://ftp.gnupg.org/gcrypt/libksba/%{name}-%{version}.tar.bz2
 Source2:        ftp://ftp.gnupg.org/gcrypt/libksba/%{name}-%{version}.tar.bz2.sig
 Source3:        libksba.keyring
+Source4:        libksba.changes
 BuildRequires:  libgpg-error-devel >= 1.8
 # FIXME: use proper Requires(pre/post/preun/...)
 PreReq:         %{install_info_prereq}
@@ -64,18 +65,22 @@ libksba.
 %setup -q -n libksba-%{version}
 
 %build
-%configure --disable-static --with-pic
+build_timestamp=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE4})
+%configure \
+	--disable-static \
+	--with-pic \
+	--enable-build-timestamp="${build_timestamp}"
+
 make %{?_smp_mflags}
 
 %check
 make %{?_smp_mflags} check
 
 %install
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+make %{?_smp_mflags} DESTDIR=%{buildroot} install
 find %{buildroot} -type f -name "*.la" -delete -print
 
 %post -n %{name}%{soname} -p /sbin/ldconfig
-
 %postun -n %{name}%{soname} -p /sbin/ldconfig
 
 %files -n %{name}%{soname}
@@ -94,7 +99,7 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_bindir}/*
 %{_libdir}/libksba*.so
 %{_includedir}/*
-%doc %{_infodir}/ksba*
+%{_infodir}/ksba*
 %{_datadir}/aclocal/*
 
 %changelog