2017-05-31 00:40:17 by Greg Troxel | Files touched by this commit (3) |
Log message:
Add patch to resolve gpgsm S/MIME failures
S/MIME messages encrypted with gpgsm are sometimes not decodable by
other implementations. Discussion on gnupg-devel indicates that gpg
(via libksba) is incorrectly dropping leading zeros from the encrypted
session key. This commit adds a patch by Daiki Ueno from the
mailinglist that appears to improve interoperability. Upstream has
not yet applied it, but also has not said that it is wrong.
|
2016-08-22 14:32:11 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Updated libksba to 1.3.5.
Noteworthy changes in version 1.3.5 (2016-08-22) [C19/A11/R6]
------------------------------------------------
* Limit the allowed size of complex ASN.1 objects (e.g. certificates)
to 16MiB.
* Avoid read access to unitialized memory.
* Improve detection of invalid RDNs.
* Encode the OCSP nonce value as an octet string as described by
RFC-6960.
|
2016-06-18 09:25:13 by Benny Siegert | Files touched by this commit (2) |
Log message:
Update libksba to 1.3.4, fixing several vulnerabilities.
Noteworthy changes in version 1.3.4 (2016-05-03) [C19/A11/R4]
------------------------------------------------
* Fixed two OOB read access bugs which could be used to force a DoS.
* Fixed a crash due to faulty curve OID lookup code.
* Synced the list of supported curves with those of Libgcrypt.
* New configure option --enable-build-timestamp; a build timestamp is
not anymore used by default.
|
2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Log message:
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
2015-07-05 20:24:11 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 1.3.3:
Noteworthy changes in version 1.3.3 (2015-04-10) [C19/A11/R4]
------------------------------------------------
* Fixed an integer overflow in the DN decoder.
* Now returns an error instead of terminating the process for certain
bad BER encodings.
* Improved the parsing of utf-8 strings in DNs.
* Allow building with newer versions of Bison.
* Improvement building on Windows with newer versions of Mingw.
|
2014-11-25 15:35:37 by Thomas Klausner | Files touched by this commit (3) |
Log message:
Update to 1.3.2. Add comment to patch.
Noteworthy changes in version 1.3.2 (2014-11-25) [C19/A11/R3]
------------------------------------------------
* Fixed a buffer overflow in ksba_oid_to_str.
Noteworthy changes in version 1.3.1 (2014-09-18)
------------------------------------------------
* Fixed memory leak in CRL parsing.
* Build fixes for Windows, Android, and ppc64el.
|
2014-01-01 12:52:43 by Thomas Klausner | Files touched by this commit (776) |
Log message:
Recursive PKGREVISION bump for libgcrypt-1.6.0 shlib major bump.
|
2013-05-12 02:28:52 by Taylor R Campbell | Files touched by this commit (1) |
Log message:
Fix recent change to security/libksba for cross-compilation.
Need to include bsd.prefs.mk before testing USE_CROSS_COMPILE.
Not sure how this slipped through -- could've sworn I tested this.
|
2013-05-10 22:24:17 by Taylor R Campbell | Files touched by this commit (1) |
Log message:
Fix cross-build of libksba with CC_FOR_BUILD=NATIVE_CC.
|
2013-03-15 19:17:55 by Matthias Drochner | Files touched by this commit (2) | |
Log message:
update to 1.3.0
changes:
-licensing change: gplv3 -> lgplv3 + gplv2
-minor fixes
|