rpm/opensc
SHA256
1
0
Fork 0
forked from pool/opensc
Code Pull Requests Activity

Accepting request 635547 from home:kbabioch:branches:security:chipcard

Browse Source 
- Update to version 0.19.0
  * Fixed multiple security problems (out of bound writes/reads):
    * CVE-2018-16391 (bsc#1106998)
    * CVE-2018-16392 (bsc#1106999)
    * CVE-2018-16393 (bsc#1108318)
    * CVE-2018-16418 (bsc#1107039)
    * CVE-2018-16419 (bsc#1107107)
    * CVE-2018-16420 (bsc#1107097)
    * CVE-2018-16421 (bsc#1107049)
    * CVE-2018-16422 (bsc#1107038)
    * CVE-2018-16423 (bsc#1107037)
    * CVE-2018-16424 (bsc#1107036)
    * CVE-2018-16425 (bsc#1107035)
    * CVE-2018-16426 (bsc#1107034)
    * CVE-2018-16427 (bsc#1107033)
  * Workaround cards returning short signatures without leading zeroes
  * Distribute minimal opensc.conf
  * `pkcs11_enable_InitToken made` global configuration option
  * Modify behavior of `OPENSC_DRIVER` environment variable to restrict driver
    list instead of forcing one driver and skipping vital parts of
    configuration
  * Removed configuration options `zero_ckaid_for_ca_certs`,
    `force_card_driver`, `reopen_debug_file`, `paranoid-memory`
  * Generalized configuration option `ignored_readers`
  * If card initialization fails, continue card detection with other card
    drivers
  * reader-pcsc: allow fixing the length of a PIN
  * fixed crash during `C_WaitForSlotEvent`
  * Allow cancelling the PIN pad prompt before starting the reader transaction.
    Whether to start the transaction immediately or not is user-configurable

OBS-URL: https://build.opensuse.org/request/show/635547
OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=55
This commit is contained in:
Stanislav Brabec
2018-09-25 14:35:23 +00:00
committed by Git OBS Bridge
parent defc0af54f
commit ff4ec9e2c8
7 changed files with 53 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
opensc.changes
View File

@@ -1,3 +1,47 @@
-------------------------------------------------------------------
Thu Sep 13 13:46:43 UTC 2018 - Karol Babioch <kbabioch@suse.com>
- Update to version 0.19.0
* Fixed multiple security problems (out of bound writes/reads):
* CVE-2018-16391 (bsc#1106998)
* CVE-2018-16392 (bsc#1106999)
* CVE-2018-16393 (bsc#1108318)
* CVE-2018-16418 (bsc#1107039)
* CVE-2018-16419 (bsc#1107107)
* CVE-2018-16420 (bsc#1107097)
* CVE-2018-16421 (bsc#1107049)
* CVE-2018-16422 (bsc#1107038)
* CVE-2018-16423 (bsc#1107037)
* CVE-2018-16424 (bsc#1107036)
* CVE-2018-16425 (bsc#1107035)
* CVE-2018-16426 (bsc#1107034)
* CVE-2018-16427 (bsc#1107033)
* Workaround cards returning short signatures without leading zeroes
* Distribute minimal opensc.conf
* `pkcs11_enable_InitToken made` global configuration option
* Modify behavior of `OPENSC_DRIVER` environment variable to restrict driver
list instead of forcing one driver and skipping vital parts of
configuration
* Removed configuration options `zero_ckaid_for_ca_certs`,
`force_card_driver`, `reopen_debug_file`, `paranoid-memory`
* Generalized configuration option `ignored_readers`
* If card initialization fails, continue card detection with other card
drivers
* reader-pcsc: allow fixing the length of a PIN
* fixed crash during `C_WaitForSlotEvent`
* Allow cancelling the PIN pad prompt before starting the reader transaction.
Whether to start the transaction immediately or not is user-configurable
for each application
* opensc-notify
* add Exit button to tray icon
* User better description (GenericName) and a generic application icon
* Do not display in the application list
- Removed patches included upstream now:
* opensc-desktop.patch
* opensc-desktop2.patch
* opensc-bash-completions.patch
- Applied spec-cleaner
-------------------------------------------------------------------
Tue Jul 10 16:56:28 CEST 2018 - sbrabec@suse.com