Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
cjose
cjose.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cjose.changes of Package cjose
------------------------------------------------------------------- Tue Jul 18 08:40:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com> - Switch to OpenIDC fork of cjose - Update to 0.6.2.2: * use fixed authentication tag length of 16 octets in AES GCM decryption * avoid use of assert * fix make on srcdir != builddir - Update to 0.6.2.1: * preserve key order in cjose_header_get_raw as well * fix a memory leak in cjose_jws_import() for invalid JWS * don't use STACK_ALLOC in cjose_concatkdf_derive - Update to 0.6.2.0: * add support for A128GCM and A192GCM encryption * extract cjose_jwe_encrypt_iv to allow explicit IV * allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L * cleanup some warnings about \param lines in header files * preserve key order in order to be able to compare serialized JWTs * minor updates for conformance * check that JWE object has any CEK at all, return error if it doesn't * fix double free on decrypt ek rsa padding failure * replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr * fix buffer overflow in test_cjose_jwe_multiple_recipients * use fixed size of IV size of 16 bytes for AES-CBC * fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation * compile against older versions of check * rename free() to free_func() in struct key_fntable for memory leak detectors * check result of cek = cjose_get_alloc()(cek_len) in jwe.c - Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag, bsc#1213385 - Remove unneeded patches: * cjose-0.6.1-concatkdf.patch * cjose-ck_assert_bin_eq.patch ------------------------------------------------------------------- Mon Feb 6 11:26:40 UTC 2023 - Marcus Meissner <meissner@suse.com> - disable depreacted declarations warnings for openssl 3 for now. ------------------------------------------------------------------- Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com> - add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big endian architectures [bsc#1149887] - re-enable tests on s390 ------------------------------------------------------------------- Mon Sep 9 14:41:41 UTC 2019 - Vítězslav Čížek <vcizek@suse.com> - Fix a bug in an assert message macro * add cjose-ck_assert_bin_eq.patch ------------------------------------------------------------------- Sun Sep 8 19:01:22 UTC 2019 - Vítězslav Čížek <vcizek@suse.com> - Temporarily disable tests on s390 as they are broken there (bsc#1149887) ------------------------------------------------------------------- Fri Apr 27 13:54:00 UTC 2018 - vcizek@suse.com - update to 0.6.1 - packaged as a dependency for apache2-mod_auth_openidc which was requested in fate#323817 ------------------------------------------------------------------- Wed Dec 13 10:25:46 UTC 2017 - christof.hanke@mpcdf.mpg.de - update to version 0.5.1 ------------------------------------------------------------------- Wed Nov 2 01:08:42 UTC 2016 - crrodriguez@opensuse.org - Initial version
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor