| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: opensc-bash-completion | Distribution: openSUSE Tumbleweed |
| Version: 0.26.1 | Vendor: openSUSE |
| Release: 1.1 | Build date: Tue Jan 14 20:30:47 2025 |
| Group: Productivity/Security | Build host: reproducible |
| Size: 37764 | Source RPM: opensc-0.26.1-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://github.com/OpenSC/OpenSC/wiki | |
| Summary: Bash Completion for opensc | |
Bash completion script for opensc.
LGPL-2.1-or-later
* Tue Jan 14 2025 Martin Hauke <mardnh@gmx.de>
- Update to version 0.26.1
General improvements
* Align allocations of sc_mem_secure_alloc (#3281).
* Fix -O3 gcc optimization failure on amd64 and ppc64el (#3299).
pkcs11-spy
* Avoid crash while spying C_GetInterface() (#3275).
TCOS
* Fix reading certificate (#3296).
* Thu Nov 14 2024 Martin Hauke <mardnh@gmx.de>
- Update to version 0.26.0
Security
* CVE-2024-45615: Usage of uninitialized values in libopensc#
and pkcs15init (#3225).
* CVE-2024-45616: Uninitialized values after incorrect check or
usage of APDU response values in libopensc (#3225)
* CVE-2024-45617: Uninitialized values after incorrect or missing
checking return values of functions in libopensc (#3225)
* CVE-2024-45618: Uninitialized values after incorrect or missing
checking return values of functions in pkcs15init (#3225)
* CVE-2024-45619: Incorrect handling length of buffers or files
in libopensc (#3225)
* CVE-2024-45620: Incorrect handling of the length of buffers or
files in pkcs15init (#3225)
* CVE-2024-8443: Heap buffer overflow in OpenPGP driver when
generating key (#3219)
General improvements
* Fix reselection of DF after error in PKCS#15 layer (#3067)
* Unify OpenSSL logging throughout code (#2922)
* Extend the p11test to support kryoptic (#3141)
* Fix for error in PCSC reconnection (#3150)
* Fixed various issues reported by OSS-Fuzz and Coverity in
drivers, PKCS#11 and PKCS#15 layer
PKCS#15
* Documentation for PKCS#15 profile files (#3132)
minidriver
* Support PinCacheAlwaysPrompt usable for PIV cards (#3167)
pkcs11-tool
* Show URI when listing token information (#3125) and objects
* Do not limit size of objects to 5000 bytes (#3174)
* Add support for AES CMAC (#3184)
* Add support for AES GCM encryption (#3195)
* Add support for RSA OAEP encryption (#3175)
* Add support for HKDF (#3193)
* Implement better support for wrapping and unwrapping (#3198)
* Add support for EdDSA sign and verify (#2979)
pkcs15-crypt
* Fix PKCS#1 encoding function to correctly detect padding type
piv-tool
* Fix RSA key generation (#3158)
* Avoid possible state change when matching unknown card (#3112)
sc-hsm-tool
* Cleanse buffer with plaintext key share (#3226)
pkcs11-register
* Fix pkcs11-register defaults on macOS and Windows (#3053)
IDPrime
* Fix identification of IDPrime 840 cards (#3146)
* Fix container mapping for IDPrime 940 cards (#3220)
* Reorder ATRs for matching cards (#3154)
OpenPGP
* Fix state tracking after erasing card (#3024)
Belpic
* Disable Applet V1.8 (#3109)
MICARDO
* Deactivate driver (#3152)
SmartCard-HSM
* Fix signing with secp521r1 signature (#3157)
eOI
* Set model via sc_card_ctl function (#3189)
Rutoken
* increase the minimum PIN size to support Rutoken ECP BIO.
JPKI
* Adjust parameters for public key in PKCS#15 emulator (#3182)
D-Trust
* Add support for ECDSA signatures and ECDH key agreement for
D-Trust Signatures Cards 4.1/4.4 (#3240, #3248)
- Drop patches (changes now in upstream):
* opensc-CVE-2024-45615.patch
* opensc-CVE-2024-45616.patch
* opensc-CVE-2024-45617.patch
* opensc-CVE-2024-45618.patch
* opensc-CVE-2024-45619.patch
* opensc-CVE-2024-45620.patch
* opensc-CVE-2024-8443.patch
* Tue Oct 01 2024 Angel Yankov <angel.yankov@suse.com>
- - Security fix: [CVE-2024-8443, bsc#1230364]
* opensc: heap buffer overflow in OpenPGP driver when generating key
* Added patch: opensc-CVE-2024-8443.patch
* Tue Oct 01 2024 Angel Yankov <angel.yankov@suse.com>
- Security fix: [opensc-CVE-2024-45620, bsc#1230076]
- Security fix: [opensc-CVE-2024-45619, bsc#1230075]
- Security fix: [opensc-CVE-2024-45618, bsc#1230074]
- Security fix: [opensc-CVE-2024-45617, bsc#1230073]
- Security fix: [opensc-CVE-2024-45616, bsc#1230072]
- Security fix: [opensc-CVE-2024-45615, bsc#1230071]
* opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init
* opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc
* opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc
* opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init
* opensc: Incorrect handling length of buffers or files in libopensc
* opensc: Incorrect handling of the length of buffers or files in pkcs15init
* Added patches:
- opensc-CVE-2024-45615.patch
- opensc-CVE-2024-45616.patch
- opensc-CVE-2024-45617.patch
- opensc-CVE-2024-45618.patch
- opensc-CVE-2024-45619.patch
- opensc-CVE-2024-45620.patch
* Fri Apr 05 2024 Martin Hauke <mardnh@gmx.de>
- Update to verion 0.25.1
General improvements
* Add missing file to dist tarball to build documentation.
minidriver
* Fix RSA decryption with PKCS#1 v1.5 padding.
* Fix crash when app is not set.
* Wed Mar 13 2024 Martin Hauke <mardnh@gmx.de>
- Build with support for libeac (OpenPACE)
* Sat Mar 09 2024 Martin Hauke <mardnh@gmx.de>
- Update to version 0.25.0
Security
* CVE-2023-5992: Fix Side-channel leaks while stripping
encryption PKCS#1.5 padding in OpenSC.
* CVE-2024-1454: Fix Potential use-after-free in AuthentIC driver
during card enrollment in pkcs15init.
General improvements
* Remove support for old card drivers Akis, GPK, Incrypto34 and
Westcos, disable Cyberflex driver.
* Fix 64b to 32b conversions.
* Improvements for the p11test.
* Fix reader initialization without SCardControl.
* Make RSA PKCS#1 v1.5 depadding constant-time.
* Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02)
on the card.
* Fixed various issues reported by OSS-Fuzz and Coverity in
drivers, PKCS#11 and PKCS#15 layer.
- Add patch:
* opensc-docbook-xsl-fix.patch
- Drop not longer needed patches:
* CVE-2024-1454.patch
- Introduce subpackage for bash-completion
* Sun Feb 25 2024 Martin Schreiner <martin.schreiner@suse.com>
- Add CVE-2024-1454.patch.
Fix for CVE-2024-1454 / bsc#1219868.
* Wed Dec 13 2023 Otto Hollmann <otto.hollmann@suse.com>
- Update to OpenSC 0.24.0:
* Security
- CVE-2023-40660: Fix Potential PIN bypass
(#2806, frankmorgner/OpenSCToken#50, #2807)
- CVE-2023-40661: Important dynamic analyzers reports
- CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption
using symmetric keys (f1993dc)
* General improvements
- Fix compatibility of EAC with OpenSSL 3.0 (#2674)
- Enable use_file_cache by default (#2501)
- Use custom libctx with OpenSSL >= 3.0 (#2712, #2715)
- Fix record-based files (#2604)
- Fix several race conditions (#2735)
- Run tests under Valgrind (#2756)
- Test signing of data bigger than 512 bytes (#2789)
- Update to OpenPACE 1.1.3 (#2796)
- Implement logout for some of the card drivers (#2807)
- Fix wrong popup position of opensc-notify (#2901)
- Fixed various issues reported by OSS-Fuzz and Coverity regarding card
drivers, PKCS#11 and PKCS#15 init
* PKCS#11
- Check card presence state in C_GetSessionInfo (#2740)
- Remove onepin-opensc-pkcs11 module (#2681)
- Do not use colons in the token info label (#2760)
- Present profile objects in all slots with the CKA_TOKEN attribute to
resolve issues with NSS (#2928, #2924)
- Use secure memory for PUK (#2906)
- Don't logout to preserve concurrent access from different processes
(#2907)
- Add more examples to manual page (#2936)
- Present profile objects in all virtual slots (#2928)
- Provide CKA_TOKEN attribute for profile objects (#2924)
- Improve --slot parameter documentation (#2951)
* PKCS#15
- Honor cache offsets when writing file cache (#2858)
- Prevent needless amount of PIN prompts from pkcs15init layer (#2916)
- Propagate CKA_EXTRACTABLE and SC_PKCS15_PRKEY_ACCESS_SENSITIVE from and
back to PKCS#11 (#2936)
* Minidriver
- Fix for private keys that do not need a PIN (#2722)
- Unbreak decipher when the first null byte of PKCS#1.5 padding is
missing (#2939*
* pkcs11-tool
- Fix RSA key import with OpenSSL 3.0 (#2656)
- Add support for attribute filtering when listing objects (#2687)
- Add support for --private flag when writing certificates (#2768)
- Add support for non-AEAD ciphers to the test mode (#2780)
- Show CKA_SIGN attribute for secret keys (#2862)
- Do not attempt to read CKA_ALWAYS_AUTHENTICATE on secret keys
(#2864, #2913)
- Show Sign/VerifyRecover attributes (#2888)
- Add option to import generic keys (#2955)
* westcos-tool
- Generate 2k RSA keys by default (b53fc5c)
* pkcs11-register
- Disable autostart on Linux by default (#2680)
* IDPrime
- Add support for IDPrime MD 830, 930 and 940 (#2666)
- Add support for SafeNet eToken 5110 token (#2812)
- Process index even without keyrefmap and use correct label for second
PIN (#2878)
- Add support for Gemalto IDPrime 940C (#2941)
* EPass2003
- Change of PIN requires verification of the PIN (#2759)
- Fix incorrect CMAC computation for subkeys (#2759, issue #2734)
- Use true random number for mutual authentication for SM (#2766)
- Add verification of data coming from the token in the secure messaging
mode (#2772)
- Avoid success when using unsupported digest and fix data length for RAW
ECDSA signatures (#2845)
* OpenPGP
- Fix select data command (#2753, issue #2752)
- Unbreak ed/curve25519 support (#2892)
* eOI
- Add support for Slovenian eID card (eOI) (#2646)
* Italian CNS
- Add support for IDEMIA (Oberthur) tokens (#2483)
* PIV
- Add support for Swissbit iShield FIDO2 Authenticator (#2671)
- Implement PIV secure messaging (#2053)
* SkeID
- Add support for Slovak eID cards (#2672)
* isoApplet
- Support ECDSA with off-card hashing (#2642)
* MyEID
- Fix WRAP operation when using T0 (#2695)
- Identify changes on the card and enable use_file_cache (#2798)
- Workaround for unwrapping using 2K RSA key (#2921)
* SC-HSM
- Add support for opensc-tool --serial (#2675)
- Fix unwrapping of 4096 keys with handling reader limits (#2682)
- Indicate supported hashes and MGF1s (#2827)
- Remove patches:
* opensc-CVE-2023-40660-1of2.patch
* opensc-CVE-2023-40660-2of2.patch
* opensc-CVE-2023-40661-1of12.patch
* opensc-CVE-2023-40661-2of12.patch
* opensc-CVE-2023-40661-3of12.patch
* opensc-CVE-2023-40661-4of12.patch
* opensc-CVE-2023-40661-5of12.patch
* opensc-CVE-2023-40661-6of12.patch
* opensc-CVE-2023-40661-7of12.patch
* opensc-CVE-2023-40661-8of12.patch
* opensc-CVE-2023-40661-9of12.patch
* opensc-CVE-2023-40661-10of12.patch
* opensc-CVE-2023-40661-11of12.patch
* opensc-CVE-2023-40661-12of12.patch
* opensc-CVE-2023-4535.patch
* opensc-CVE-2023-2977.patch
* opensc-NULL_pointer_fix.patch
* Fri Oct 06 2023 Otto Hollmann <otto.hollmann@suse.com>
- Security Fix: [CVE-2023-40661, bsc#1215761]
* opensc: multiple memory issues with pkcs15-init (enrollment tool)
* Add patches:
- opensc-CVE-2023-40661-1of12.patch
- opensc-CVE-2023-40661-2of12.patch
- opensc-CVE-2023-40661-3of12.patch
- opensc-CVE-2023-40661-4of12.patch
- opensc-CVE-2023-40661-5of12.patch
- opensc-CVE-2023-40661-6of12.patch
- opensc-CVE-2023-40661-7of12.patch
- opensc-CVE-2023-40661-8of12.patch
- opensc-CVE-2023-40661-9of12.patch
- opensc-CVE-2023-40661-10of12.patch
- opensc-CVE-2023-40661-11of12.patch
- opensc-CVE-2023-40661-12of12.patch
* Thu Oct 05 2023 Otto Hollmann <otto.hollmann@suse.com>
- Security Fix: [CVE-2023-4535, bsc#1215763]
* Add patches:
- opensc-CVE-2023-4535.patch
- opensc-NULL_pointer_fix.patch
* Wed Oct 04 2023 Otto Hollmann <otto.hollmann@suse.com>
- Security Fix: [CVE-2023-40660, bsc#1215762]
* opensc: PIN bypass when card tracks its own login state
* Add patches:
- opensc-CVE-2023-40660-1of2.patch
- opensc-CVE-2023-40660-2of2.patch
* Thu Jun 01 2023 Otto Hollmann <otto.hollmann@suse.com>
- Security Fix: [CVE-2023-2977, bsc#1211894]
* opensc: out of bounds read in pkcs15 cardos_have_verifyrc_package()
* Add opensc-CVE-2023-2977.patch
* Tue Nov 29 2022 Michael Ströder <michael@stroeder.com>
- Update to OpenSC 0.23.0:
* General improvements
- Support signing of data with a length of more than 512 bytes (#2314)
- By default, disable support for old card drivers (#2391) and remove
support for old drivers MioCOS and JCOP (#2374)
- Bump minimal required OpenSSL version to 1.1.1 and add support for OpenSSL 3.0 (#2438, #2506)
- Compatibility with LibreSSL (#2495, #2595)
- Remove support for DSA (#2503)
- Extend p11test to support symmetric keys (#2430)
- Notice detached reader on macOS (#2418)
- Support for OAEP padding (#2475, #2484)
- Fix for PSS salt length (#2478)
- Improve fuzzing by adding new tests (#2417, #2500, #2520, #2550, #2637)
- Fixed various issues reported by OSS-Fuzz and Coverity regarding
card drivers, PKCS#11 and PKCS#15 init
- Fix issues with OpenPACE (#2472)
- Containers support for local testing
- Add support for encryption and decryption using symmetric keys (#2473, #2607)
- Stop building support for Gost algorithms with OpenSSL 3.0 as they
require deprecated API (#2586)
- Fix detection of disconnected readers in PCSC (#2600)
- Add configuration option for on-disk caching of private data (#2588)
- Skip building empty binaries when dependencies are missing and
remove needless linking (#2617)
- Define arm64 as a supported architecture in the Installer package (#2610)
* PKCS#11
- Implement C_CreateObject for EC keys and fix signature verification
for CKM_ECDSA_SHAx cards (#2420)
* pkcs11-tool
- Add more elliptic curves (#2301)
- Add support for symmetric encrypt and decrypt, wrap and unwrap operations,
and initialization vector (#2268)
- Fix consistent handling of secret key attributes (#2497)
- Add support for signing and verifying with HMAC (#2385)
- Add support for SHA3 (#2467)
- Make object selectable via label (#2570)
- Do not require an R/W session for some operations and
add --session-rw option (#2579)
- Print more information: CKA_UNIQUE_ID attribute, SHA3 HMACs and
serial number for certificates (#2644, #2643, #2641)
- Add new option --undestroyable to create keys with CKA_DESTROYABLE=FALSE (#2645)
* sc-hsm-tool
- Add options for public key authentication (#2301)
* Minidriver
- Fix reinit of the card (#2525)
- Add an entry for Italian CNS (e) (#2548)
- Fix detection of ECC mechanisms (#2523)
- Fix ATRs before adding them to the windows registry (#2628)
* NQ-Applet
- Add support for the JCOP4 Cards with NQ-Applet (#2425)
* ItaCNS
- Add support for ItaCMS v1.1 (key length 2048) (#2371)
* Belpic
- Add support for applet v1.8 (#2455)
* Starcos
- Add ATR for V3.4 (#2464)
- Add PKCS#15 emulator for 3.x cards with eSign app (#2544)
* ePass2003
- Fix PKCS#15 initialization (#2403)
- Add support for FIPS (#2543)
- Fix matching with newer versions and tokens initialized with OpenSC (#2575)
* MyEID
- Support logout operation (#2557)
- Support for symmetric encryption and decryption (#2473, #2607)
* GIDS
- Fix decipher for TPM (#1881)
* OpenPGP
- Get the list of supported algorithms from algorithm information
on the card (#2287)
- Support for 3 certificates with OpenPGP 3+ (#2103)
* nPA
- Fix card detection (#2463)
* Rutoken
- Fix formatting rtecp cards (#2599)
* PIV
- Add new PIVKey ATRs for current cards (#2602)
/usr/share/bash-completion/completions/cardos-tool /usr/share/bash-completion/completions/cryptoflex-tool /usr/share/bash-completion/completions/dnie-tool /usr/share/bash-completion/completions/dtrust-tool /usr/share/bash-completion/completions/egk-tool /usr/share/bash-completion/completions/eidenv /usr/share/bash-completion/completions/gids-tool /usr/share/bash-completion/completions/goid-tool /usr/share/bash-completion/completions/iasecc-tool /usr/share/bash-completion/completions/netkey-tool /usr/share/bash-completion/completions/npa-tool /usr/share/bash-completion/completions/openpgp-tool /usr/share/bash-completion/completions/opensc-asn1 /usr/share/bash-completion/completions/opensc-explorer /usr/share/bash-completion/completions/opensc-notify /usr/share/bash-completion/completions/opensc-tool /usr/share/bash-completion/completions/piv-tool /usr/share/bash-completion/completions/pkcs11-register /usr/share/bash-completion/completions/pkcs11-tool /usr/share/bash-completion/completions/pkcs15-crypt /usr/share/bash-completion/completions/pkcs15-init /usr/share/bash-completion/completions/pkcs15-tool /usr/share/bash-completion/completions/sc-hsm-tool /usr/share/bash-completion/completions/westcos-tool
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Feb 1 23:58:14 2025