./security/libtasn1, ASN.1 structure parser library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.13, Package name: libtasn1-4.13, Maintainer: pkgsrc-users

libtasn1 library was developed for ASN1 (Abstract Syntax Notation One)
structures management.

The main features of this library are:
- on-line ASN1 structure management that does
not require any C code file generation;
- off-line ASN1 structure management with C code
file generation containing an array;
- DER (Distinguish Encoding Rules) encoding;
- no limits for INTEGER and ENUMERATED values


Required to build:
[pkgtools/cwrappers]

Master sites: (Expand)

SHA1: a84afb4cd8187c1fa5901c6bc1cf1486eea66635
RMD160: 49f398fa48847d725ade77b06c3e06713d18b3ed
Filesize: 1847.366 KB

Version history: (Expand)


CVS history: (Expand)


   2018-10-14 01:23:20 by Leonardo Taccari | Files touched by this commit (2) | Package updated
Log message:
libtasn1: Update security/libtasn1 to 4.13

Changes:
- On indefinite string decoding, set a maximum level of allowed recursions
  (3) to protect the BER decoder from a stack exhaustion.
   2018-05-01 08:58:07 by Thomas Klausner | Files touched by this commit (1)
Log message:
libtasn1: add bison build dependency.

Fixes build on -current after patch-lib_ASN1.y was added.
   2018-04-29 08:00:39 by David A. Holland | Files touched by this commit (1) | Package updated
Log message:
Bump PKGREVISION for previous.
   2018-04-29 05:41:43 by David A. Holland | Files touched by this commit (2)
Log message:
Use <ctype.h> properly. Noted in PR 51821.
   2017-08-18 23:53:47 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
release 4.12:
- Corrected so-name version

release 4.11:
- Introduced the ASN1_TIME_ENCODING_ERROR error code to indicate
  an invalid encoding in the DER time fields.
- Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag
  allows decoding errors in time fields even when in strict DER mode.
  That is introduced in order to allow toleration of invalid times in
  X.509 certificates (which are common) even though strict DER adherence
  is enforced in other fields.
- Added safety check in asn1_find_node(). That prevents a crash
  when a very long variable name is provided by the developer.
  Note that this to be exploited requires controlling the ASN.1
  definitions used by the developer, i.e., the 'name' parameter of
  asn1_write_value() or asn1_read_value(). The library is
  not designed to protect against malicious manipulation of the
  developer assigned variable names.
   2017-02-26 09:45:44 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
* Noteworthy changes in release 4.10:
- Updated gnulib
- Removed -Werror from default compiler flags
- Fixed undefined behavior when negating integers in _asn1_ltostr().
  Issue found by oss-fuzz project (via gnutls):
  https://bugs.chromium.org/p/oss-fuzz/is … ail?id=388
- Pass the correct length to _asn1_get_indefinite_length_string in
  asn1_get_length_ber. This addresses reading 1-byte past the end
  of data. Issue found by oss-fuzz project (via gnutls):
  https://bugs.chromium.org/p/oss-fuzz/is … ail?id=330
  https://bugs.chromium.org/p/oss-fuzz/is … tail?id=33
   2017-01-11 17:25:06 by Thomas Klausner | Files touched by this commit (1)
Log message:
Remove -Werror from compilation flags.

PR 51821
PR 51829
   2017-01-10 16:26:32 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated libtasn1 to 4.9.

* Noteworthy changes in release 4.9 (released 2016-07-25) [stable]
- Fixes to OID encoding of OIDs which have elements which exceed 2^32