./security/libksba, X.509 library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.3.5nb1, Package name: libksba-1.3.5nb1, Maintainer: pkgsrc-users

KSBA is a library to make the task of working with X.509 certificates,
CMS data and related data more easy.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: a98385734a0c3f5b713198e8d6e6e4aeb0b76fde
RMD160: ee7c752196ae89ce798007b076e8eb695d6c4ea9
Filesize: 606.103 KB

Version history: (Expand)


CVS history: (Expand)


   2017-05-31 00:40:17 by Greg Troxel | Files touched by this commit (3)
Log message:
Add patch to resolve gpgsm S/MIME failures

S/MIME messages encrypted with gpgsm are sometimes not decodable by
other implementations.  Discussion on gnupg-devel indicates that gpg
(via libksba) is incorrectly dropping leading zeros from the encrypted
session key.  This commit adds a patch by Daiki Ueno from the
mailinglist that appears to improve interoperability.  Upstream has
not yet applied it, but also has not said that it is wrong.
   2016-08-22 14:32:11 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated libksba to 1.3.5.

Noteworthy changes in version 1.3.5 (2016-08-22) [C19/A11/R6]
------------------------------------------------

 * Limit the allowed size of complex ASN.1 objects (e.g. certificates)
   to 16MiB.

 * Avoid read access to unitialized memory.

 * Improve detection of invalid RDNs.

 * Encode the OCSP nonce value as an octet string as described by
   RFC-6960.
   2016-06-18 09:25:13 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update libksba to 1.3.4, fixing several vulnerabilities.

Noteworthy changes in version 1.3.4 (2016-05-03) [C19/A11/R4]
------------------------------------------------

 * Fixed two OOB read access bugs which could be used to force a DoS.

 * Fixed a crash due to faulty curve OID lookup code.

 * Synced the list of supported curves with those of Libgcrypt.

 * New configure option --enable-build-timestamp; a build timestamp is
   not anymore used by default.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-07-05 20:24:11 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.3.3:

Noteworthy changes in version 1.3.3 (2015-04-10) [C19/A11/R4]
------------------------------------------------

 * Fixed an integer overflow in the DN decoder.

 * Now returns an error instead of terminating the process for certain
   bad BER encodings.

 * Improved the parsing of utf-8 strings in DNs.

 * Allow building with newer versions of Bison.

 * Improvement building on Windows with newer versions of Mingw.
   2014-11-25 15:35:37 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Update to 1.3.2. Add comment to patch.

Noteworthy changes in version 1.3.2 (2014-11-25) [C19/A11/R3]
------------------------------------------------

 * Fixed a buffer overflow in ksba_oid_to_str.

Noteworthy changes in version 1.3.1 (2014-09-18)
------------------------------------------------

 * Fixed memory leak in CRL parsing.

 * Build fixes for Windows, Android, and ppc64el.
   2014-01-01 12:52:43 by Thomas Klausner | Files touched by this commit (776)
Log message:
Recursive PKGREVISION bump for libgcrypt-1.6.0 shlib major bump.
   2013-05-12 02:28:52 by Taylor R Campbell | Files touched by this commit (1)
Log message:
Fix recent change to security/libksba for cross-compilation.

Need to include bsd.prefs.mk before testing USE_CROSS_COMPILE.

Not sure how this slipped through -- could've sworn I tested this.