Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libtasn1-6-4.13-4.9.1 RPM for armv7hl

From OpenSuSE Ports Leap 15.5 for armv7hl

Name: libtasn1-6 Distribution: openSUSE Step 15
Version: 4.13 Vendor: openSUSE
Release: 4.9.1 Build date: Wed Oct 26 18:44:39 2022
Group: System/Libraries Build host: obs-arm-5
Size: 67336 Source RPM: libtasn1-4.13-4.9.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://www.gnu.org/software/libtasn1/
Summary: ASN.1 parsing library
This is the ASN.1 library used by GNUTLS. More up to date information
can be found at http://www.gnu.org/software/gnutls and
http://www.gnutls.org

Provides

Requires

License

LGPL-2.1-or-later AND GPL-3.0-only

Changelog

* Tue Oct 25 2022 abergmann@suse.com
  - Add libtasn1-CVE-2021-46848.patch: Fixed off-by-one array size check
    that affects asn1_encode_simple_der (CVE-2021-46848, bsc#1204690).
* Mon Apr 29 2019 mgorse@suse.com
  - Add libtasn1-object-id-recursion.patch: limit recursion in
    _asn1_expand_object_id (boo#1105435 CVE-2018-1000654
    (https://gitlab.com/gnutls/libtasn1/merge_requests/8)
* Thu Feb 22 2018 fvogt@suse.com
  - Use %license (boo#1082318)
* Fri Jan 19 2018 kbabioch@suse.com
  - update to 4.13
    * On indefinite string decoding, set a maximum level of allowed
      recursions (3) to protect the BER decoder from a stack exhaustion.
      (CVE-2018-6003 boo#1076832)
* Sun Jun 04 2017 astieger@suse.com
  - libtasn1 4.12:
    * Corrected so-name version
  - includes changes in 4.11:
    * Introduce the ASN1_TIME_ENCODING_ERROR error code to indicate
      an invalid encoding in the DER time fields.
    * Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag
      allows decoding errors in time fields even when in strict DER mode.
      That is introduced in order to allow toleration of invalid times in
      X.509 certificates (which are common) even though strict DER adherence
      is enforced in other fields.
    * Added safety check in asn1_find_node(). That prevents a crash
      when a very long variable name is provided by the developer.
      Note that this to be exploited requires controlling the ASN.1
      definitions used by the developer, i.e., the 'name' parameter of
      asn1_write_value() or asn1_read_value(). The library is
      not designed to protect against malicious manipulation of the
      developer assigned variable names
  - includes changes from 4.10:
    * Updated gnulib
    * Removed -Werror from default compiler flags
      (drop patch 0001-configure-don-t-add-Werror-to-build-flags.patch)
    * Fixed undefined behavior when negating integers in _asn1_ltostr().
    * Pass the correct length to _asn1_get_indefinite_length_string in
      asn1_get_length_ber. This addresses reading 1-byte past the end
      of data.
* Wed Aug 10 2016 astieger@suse.com
  - update to 4.9:
    * Fix OID encoding of OIDs which have elements which exceed 2^32
  - Do not treat i586 warning as error, adding upstream
    0001-configure-don-t-add-Werror-to-build-flags.patch
  - fate#322523
* Mon Apr 11 2016 mpluskal@suse.com
  - Update to 4.8
    * Fixes to avoid reliance on C undefined behavior.
    * Fixes to avoid an infinite recursion when decoding without the
      ASN1_DECODE_FLAG_STRICT_DER flag. Reported by Pascal Cuoq.
      (CVE-2016-4008 / bsc#982779)
    * Combined all the BER octet string decoding functions to a
      single one based on asn1_decode_simple_ber().
* Wed Sep 16 2015 zaitor@opensuse.org
  - Update to version 4.7:
    * Fixed regression introduced in the decoding of multi-byte tags
      fix.
* Mon Sep 07 2015 astieger@suse.com
  - libtasn1 4.6:
    * Allow decoding OCTET STRINGs with multi-byte tags.
    * Add asn1_get_object_id_der
* Fri May 01 2015 astieger@suse.com
  - update libtasn1 4.5:
    * Corrected an invalid memory access in octet string decoding.
      CVE-2015-3622 [boo#929414]
* Sun Mar 29 2015 astieger@suse.com
  - update to libtasn1 4.4 [bsc#924828]:
    * Corrected a two-byte stack overflow in asn1_der_decoding.
      CVE-2015-2806
* Sun Mar 22 2015 mpluskal@suse.com
  - Update project url
  - Cleanup spec-file with spec-cleaner
  - Add info preun and post dependencies
  - Update to 4.3
    * Added asn1_decode_simple_ber()
    * Only assign a value if the previous node has one (bsc#961491).
* Sat Feb 14 2015 jengelh@inai.de
  - Put C API documentation into -devel package.
    Use modern %make_install. Description fix.

Files

/usr/lib/libtasn1.so.6
/usr/lib/libtasn1.so.6.5.5


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 18:42:22 2024