./security/libksba, X.509 library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.4.0, Package name: libksba-1.4.0, Maintainer: pkgsrc-users

KSBA is a library to make the task of working with X.509 certificates,
CMS data and related data more easy.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 3b524585ddd456c486a8134ba318a394e356f9a2
RMD160: ba9579c3ca9a4c5df8e7a0d5681150de2d790f81
Filesize: 636.054 KB

Version history: (Expand)


CVS history: (Expand)


   2020-08-03 17:30:07 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
libksba: updated to 1.4.0

Noteworthy changes in version 1.4.0
-----------------------------------
 * Supports ECDSA and EdDSA certificate creation and parsing.
 * Supports ECDH enveloped data.
 * Supports ECDSA and EdDSA signed data.
 * Supports rsaPSS signature verification.
 * Supports standard file descriptors in ksba_reader_read.
 * New configure flag --disable-doc.
 * Improves supports for reproducible builds.
 * Allows for optional elements in keyinfo objects.
 * Updates the config and M4 scripts to the latest version.
 * Fixes error detection in the CMS parser.
 * Fixes memory leak in ksba_cms_identify.
 * Fixes build warnings on macOS.
 * Uses --disable-new-dtags if LD_LIBRARY_PATH is defined.
 * New constants KSBA_VERSION and KSBA_VERSION_NUMBER.
 * New API to make creation of DER objects easy.
 * Interface changes relative to the 1.3.5 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 KSBA_VERSION                     NEW.
 KSBA_VERSION_NUMBER              NEW.
 KSBA_CT_SPC_IND_DATA_CTX         NEW.
 KSBA_CLASS_*                     NEW.
 KSBA_TYPE_*                      NEW.
 ksba_der_t                       NEW.
 ksba_der_release                 NEW.
 ksba_der_builder_new             NEW.
 ksba_der_builder_reset           NEW.
 ksba_der_add_ptr                 NEW.
 ksba_der_add_val                 NEW.
 ksba_der_add_int                 NEW.
 ksba_der_add_oid                 NEW.
 ksba_der_add_bts                 NEW.
 ksba_der_add_der                 NEW.
 ksba_der_add_tag                 NEW.
 ksba_der_add_end                 NEW.
 ksba_der_builder_get             NEW.
   2017-05-31 00:40:17 by Greg Troxel | Files touched by this commit (3)
Log message:
Add patch to resolve gpgsm S/MIME failures

S/MIME messages encrypted with gpgsm are sometimes not decodable by
other implementations.  Discussion on gnupg-devel indicates that gpg
(via libksba) is incorrectly dropping leading zeros from the encrypted
session key.  This commit adds a patch by Daiki Ueno from the
mailinglist that appears to improve interoperability.  Upstream has
not yet applied it, but also has not said that it is wrong.
   2016-08-22 14:32:11 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated libksba to 1.3.5.

Noteworthy changes in version 1.3.5 (2016-08-22) [C19/A11/R6]
------------------------------------------------

 * Limit the allowed size of complex ASN.1 objects (e.g. certificates)
   to 16MiB.

 * Avoid read access to unitialized memory.

 * Improve detection of invalid RDNs.

 * Encode the OCSP nonce value as an octet string as described by
   RFC-6960.
   2016-06-18 09:25:13 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update libksba to 1.3.4, fixing several vulnerabilities.

Noteworthy changes in version 1.3.4 (2016-05-03) [C19/A11/R4]
------------------------------------------------

 * Fixed two OOB read access bugs which could be used to force a DoS.

 * Fixed a crash due to faulty curve OID lookup code.

 * Synced the list of supported curves with those of Libgcrypt.

 * New configure option --enable-build-timestamp; a build timestamp is
   not anymore used by default.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-07-05 20:24:11 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.3.3:

Noteworthy changes in version 1.3.3 (2015-04-10) [C19/A11/R4]
------------------------------------------------

 * Fixed an integer overflow in the DN decoder.

 * Now returns an error instead of terminating the process for certain
   bad BER encodings.

 * Improved the parsing of utf-8 strings in DNs.

 * Allow building with newer versions of Bison.

 * Improvement building on Windows with newer versions of Mingw.
   2014-11-25 15:35:37 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Update to 1.3.2. Add comment to patch.

Noteworthy changes in version 1.3.2 (2014-11-25) [C19/A11/R3]
------------------------------------------------

 * Fixed a buffer overflow in ksba_oid_to_str.

Noteworthy changes in version 1.3.1 (2014-09-18)
------------------------------------------------

 * Fixed memory leak in CRL parsing.

 * Build fixes for Windows, Android, and ppc64el.
   2014-01-01 12:52:43 by Thomas Klausner | Files touched by this commit (776)
Log message:
Recursive PKGREVISION bump for libgcrypt-1.6.0 shlib major bump.