# # spec file for package libksba # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define soname 8 Name: libksba Version: 1.3.5 Release: 2.2 Summary: A X.509 Library License: (LGPL-3.0+ or GPL-2.0+) and GPL-3.0+ and MIT Group: Development/Libraries/C and C++ Url: http://www.gnupg.org/aegypten/ Source: ftp://ftp.gnupg.org/gcrypt/libksba/%{name}-%{version}.tar.bz2 Source2: ftp://ftp.gnupg.org/gcrypt/libksba/%{name}-%{version}.tar.bz2.sig Source3: libksba.keyring Source4: libksba.changes BuildRequires: libgpg-error-devel >= 1.8 # FIXME: use proper Requires(pre/post/preun/...) PreReq: %{install_info_prereq} BuildRoot: %{_tmppath}/%{name}-%{version}-build %description KSBA is a library to simplify the task of working with X.509 certificates, CMS data, and related data. %package -n %{name}%{soname} Summary: A X.509 Library Group: Development/Libraries/C and C++ Provides: %{name} = %{version} Obsoletes: %{name} < %{version} %description -n %{name}%{soname} KSBA is a library to simplify the task of working with X.509 certificates, CMS data, and related data. %package devel Summary: A X.509 Library Group: Development/Libraries/C and C++ Requires: libgpg-error-devel Requires: libksba = %{version} Provides: libksba:%{_includedir}/ksba.h %description devel KSBA is a library to simplify the task of working with X.509 certificates, CMS data, and related data. This package contains the needed files to compile and link against the libksba. %prep %setup -q -n libksba-%{version} %build build_timestamp=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE4}) %configure \ --disable-static \ --with-pic \ --enable-build-timestamp="${build_timestamp}" make %{?_smp_mflags} %check make %{?_smp_mflags} check %install make %{?_smp_mflags} DESTDIR=%{buildroot} install find %{buildroot} -type f -name "*.la" -delete -print %post -n %{name}%{soname} -p /sbin/ldconfig %postun -n %{name}%{soname} -p /sbin/ldconfig %files -n %{name}%{soname} %defattr(-,root,root) %license COPYING %doc README AUTHORS ChangeLog NEWS THANKS TODO %{_libdir}/libksba*.so.* %post devel %install_info --info-dir=%{_infodir} %{_infodir}/ksba.info.gz %postun devel %install_info_delete --info-dir=%{_infodir} %{_infodir}/ksba.info.gz %files devel %defattr(-,root,root) %{_bindir}/* %{_libdir}/libksba*.so %{_includedir}/* %{_infodir}/ksba* %{_datadir}/aclocal/* %changelog * Thu Feb 22 2018 fvogt@suse.com - Use %%license (boo#1082318) * Mon Aug 22 2016 astieger@suse.com - libksba 1.3.5: * Limit the allowed size of complex ASN.1 objects (e.g. certificates) to 16MiB. * Avoid read access to unitialized memory. * Improve detection of invalid RDNs. * Encode the OCSP nonce value as an octet string as described by RFC-6960. * Tue May 10 2016 astieger@suse.com - libksba 1.3.4: * Fixed two OOB read access bugs which could be used to force a DoS. boo#979261 CVE-2016-4574, CVE-2016-4579 * Fixed a crash due to faulty curve OID lookup code. * Synced the list of supported curves with those of Libgcrypt. * New configure option --enable-build-timestamp; a build timestamp is not anymore used by default. * Fri Apr 10 2015 astieger@suse.com - libksba 1.3.3: * Fixed an integer overflow in the DN decoder. * Now returns an error instead of terminating the process for certain bad BER encodings. * Improved the parsing of utf-8 strings in DNs. * Allow building with newer versions of Bison. * Thu Mar 19 2015 astieger@suse.com - remove libtool requirement * Wed Nov 26 2014 andreas.stieger@gmx.de - libksba 1.3.2 [boo#907074] [CVE-2014-9087] This version contains a security update which fixes a buffer overflow in OID to string conversion code that can be triggered by a specially crafted S/MIME message or ECC based OpenPGP data. Users of GnuPG 2.x should install this version and restart the dirmgr process. * Fixed a buffer overflow in ksba_oid_to_str. - verify source signature * Sun Sep 21 2014 andreas.stieger@gmx.de - libksba 1.3.1: * Fixed memory leak in CRL parsing * Build fixes for ppc64el * Tue Nov 27 2012 meissner@suse.com - Use URL for source * Mon Oct 1 2012 andreas.stieger@gmx.de - update to libksba 1.3.0 - change license from GPLv2 to LGPLv3/GPLv2 - minor bug fixes - implement shared library packaging policy - remove nld-build.diff which was added 2004 before package was in the openSUSE OBS, was never used or applied cleanly since r1 * Sat Nov 19 2011 coolo@suse.com - add libtool as buildrequire to avoid implicit dependency * Fri Jul 29 2011 puzel@novell.com - update to libksba-1.2.0 - New functions to allow the creation of X.509 certificates. - Interface changes relative to the 1.1.0 release: ksba_certreq_set_serial NEW ksba_certreq_set_issuer NEW ksba_certreq_set_validity NEW ksba_certreq_set_siginfo NEW * Fri Dec 3 2010 puzel@novell.com - update to libksba-1.1.0 * New functions to fix a leak in dirmngr. * Interface changes relative to the 1.0.0 release: ksba_reader_set_release_notify NEW ksba_writer_set_release_notify NEW - clean up specfile * Sun Oct 31 2010 jengelh@medozas.de - Use %%_smp_mflags * Tue Aug 17 2010 puzel@novell.com - update to libksba-1.0.8 * Fixed a CMS parsing bug exhibited by Lotus Notes. * Thu Jul 9 2009 puzel@novell.com - update to libksba-1.0.7 * Detect overflow while parsing OIDs. Map BER encoded OIDs to well known names. * Allow mixed case names in DNs. * Wed Jun 24 2009 puzel@suse.cz - update to libksba-1.0.6 * Support SHA-{384,512} based signature generation. * The RSA algorithmIdentifier ASN.1 sequence is now emitted with an explicit NULL parameter. Despite the interop testing we did in the past, some software still requires this and thus we better follow the best current practise. * Tue Apr 7 2009 crrodriguez@suse.de - remove static libraries and "la" files - fix buildrequires and -devel package dependencies * Mon Jan 12 2009 puzel@suse.cz - update to 1.0.5 (bugfix release) - minor bugfixes * Thu Sep 25 2008 puzel@suse.cz - update to 1.0.4 * autoconf fixes - correctly install/uninstall info files - use %%makeinstall and %%configure macros * Thu Jun 26 2008 puzel@suse.cz - update to 1.0.3 * bugfix release (autoconf fixes) * removed libksba-texi.patch * Thu Jan 10 2008 bk@suse.de - Add missing initialsation, fixes gpgsm crash in GPG's make check * Mon Jul 30 2007 ltinkl@suse.cz - update to 1.0.2 * Support for SHA-2. * Fixed a couple of memory leaks. * Experimental support for ECDSA. * Minor portability fixes. * Switched to GPLv3. * Tue Sep 12 2006 pnemec@suse.cz - updated to 1.0.0 by diff from author - change in api * Mon Sep 11 2006 pnemec@suse.cz - updated to 0.9.16 Fixed a character set conversion bug in BMPStrings Added new api functions, see readme. * Fri Jun 23 2006 pnemec@suse.cz - updated to 0.9.15 from CVS! fixed security bug #177462 * Thu May 25 2006 pnemec@suse.cz - updated to version 0.9.14 * Fixed broken OCSP requests. * Ignore invalid bytes appended to a certificate. * New functions to associate user data with a certificate object. * Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires * Mon Sep 26 2005 mls@suse.de - make devel package require base package * Fri Aug 5 2005 postadal@suse.cz - updated to version 0.9.12 * Mon Jul 11 2005 postadal@suse.cz - updated to version 0.9.11 - removed obsoleted patch autoconf-fix.diff * Wed Jan 12 2005 postadal@suse.cz - update to version 0.9.10 * Thu Sep 30 2004 postadal@suse.cz - restored autoconf-fix.diff patch removed by last update [#36193, #46036] (fixed autoconf issue - quoted definition of AM_PATH_KSBA) * Wed Jul 28 2004 adrian@suse.de - update to version 0.9.8 * Wed Jul 14 2004 adrian@suse.de - create -devel sub package - prepare for nld * Mon Jul 12 2004 adrian@suse.de - update to version 0.9.7 * Wed Mar 17 2004 postadal@suse.cz - fixed autoconf issue (quoted definition of AM_PATH_KSBA) [#36193] * Tue Feb 10 2004 postadal@suse.cz - fixed code that broke strict aliasing - bziped tarball * Sun Jan 11 2004 adrian@suse.de - add %%run_ldconfig * Mon Jun 2 2003 mc@suse.de - switch to version 0.4.7 This fixes a problem mainly relevant to certificate request creation (if you must use the ugly way of putting the email address into the subject DN) * Thu Feb 20 2003 mc@suse.de - initial version