Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libtasn1-4.13-lp150.2.2 RPM for armv7hl

From OpenSuSE Ports Leap 15.0 for armv7hl

Name: libtasn1 Distribution: openSUSE Leap 15.0
Version: 4.13 Vendor: openSUSE
Release: lp150.2.2 Build date: Thu Apr 26 18:19:48 2018
Group: Productivity/Networking/Security Build host: obs-arm-6
Size: 120501 Source RPM: libtasn1-4.13-lp150.2.2.src.rpm
Summary: ASN.1 parsing library
This is the ASN.1 library used by GNUTLS. More up to date information
can be found at and




LGPL-2.1+ and GPL-3.0


* Thu Feb 22 2018
  - Use %license (boo#1082318)
* Fri Jan 19 2018
  - update to 4.13
    * On indefinite string decoding, set a maximum level of allowed
      recursions (3) to protect the BER decoder from a stack exhaustion.
      (CVE-2018-6003 boo#1076832)
* Sun Jun 04 2017
  - libtasn1 4.12:
    * Corrected so-name version
  - includes changes in 4.11:
    * Introduce the ASN1_TIME_ENCODING_ERROR error code to indicate
      an invalid encoding in the DER time fields.
    * Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag
      allows decoding errors in time fields even when in strict DER mode.
      That is introduced in order to allow toleration of invalid times in
      X.509 certificates (which are common) even though strict DER adherence
      is enforced in other fields.
    * Added safety check in asn1_find_node(). That prevents a crash
      when a very long variable name is provided by the developer.
      Note that this to be exploited requires controlling the ASN.1
      definitions used by the developer, i.e., the 'name' parameter of
      asn1_write_value() or asn1_read_value(). The library is
      not designed to protect against malicious manipulation of the
      developer assigned variable names
  - includes changes from 4.10:
    * Updated gnulib
    * Removed -Werror from default compiler flags
      (drop patch 0001-configure-don-t-add-Werror-to-build-flags.patch)
    * Fixed undefined behavior when negating integers in _asn1_ltostr().
    * Pass the correct length to _asn1_get_indefinite_length_string in
      asn1_get_length_ber. This addresses reading 1-byte past the end
      of data.
* Wed Aug 10 2016
  - update to 4.9:
    * Fix OID encoding of OIDs which have elements which exceed 2^32
  - Do not treat i586 warning as error, adding upstream
  - fate#322523
* Mon Apr 11 2016
  - Update to 4.8
    * Fixes to avoid reliance on C undefined behavior.
    * Fixes to avoid an infinite recursion when decoding without the
      ASN1_DECODE_FLAG_STRICT_DER flag. Reported by Pascal Cuoq.
      (CVE-2016-4008 / bsc#982779)
    * Combined all the BER octet string decoding functions to a
      single one based on asn1_decode_simple_ber().
* Wed Sep 16 2015
  - Update to version 4.7:
    * Fixed regression introduced in the decoding of multi-byte tags
* Mon Sep 07 2015
  - libtasn1 4.6:
    * Allow decoding OCTET STRINGs with multi-byte tags.
    * Add asn1_get_object_id_der
* Fri May 01 2015
  - update libtasn1 4.5:
    * Corrected an invalid memory access in octet string decoding.
      CVE-2015-3622 [boo#929414]
* Sun Mar 29 2015
  - update to libtasn1 4.4 [bsc#924828]:
    * Corrected a two-byte stack overflow in asn1_der_decoding.
* Sun Mar 22 2015
  - Update project url
  - Cleanup spec-file with spec-cleaner
  - Add info preun and post dependencies
  - Update to 4.3
    * Added asn1_decode_simple_ber()
    * Only assign a value if the previous node has one (bsc#961491).
* Sat Feb 14 2015
  - Put C API documentation into -devel package.
    Use modern %make_install. Description fix.
* Wed Oct 08 2014
  - updated to libtasn1 4.2:
    * Noteworthy changes in release 4.2 (released 2014-09-15) [stable]
    - Added sanity checks in the decoding of time when
    - Fixes in the decoding of OCTET STRING when close to the end
      of the structure.
    * Noteworthy changes in release 4.1 (released 2014-08-23) [stable]
    - Corrected indefinite tag check in ANY constructions. That allows
      the decoding of BER-encoded structures that contain indefinite
      encoding within an ANY element.
    - Added DER decoding flag ASN1_DECODE_FLAG_STRICT_DER. Over the
      years BER functionality was added to the decoder and this flag
      provides the way to disable it.
    - API and ABI changes since last version:
      ASN1_DECODE_FLAG_STRICT_DER: New definition
    * Noteworthy changes in release 4.0 (released 2014-06-26) [stable]
    - Optimized asn1_der_decoding_startEnd(). It no longer requires the
      additional decoding step.
    - asn1_read_value() understands the ?CURRENT keyword, which can be used
      to indicate the current element of a sequence, when the provided node
      is a sequence element.
    - Several optimizations in DER decoding of structures with sequences
      containing many elements.
    - asn1_der_decoding2() is introduced and allows flags to be passed on
      the decoding process. Currently only ASN1_DECODE_FLAG_ALLOW_PADDING is
      defined and that allows decoding DER structures that contain arbitrary
      data past their end. Contributed by Karel Slany.
    - API and ABI changes since last version:
      ASN1_DECODE_FLAG_ALLOW_PADDING: New definition
      asn1_dup_node: New function
      asn1_der_decoding2: New function
      asn1_der_decoding_element: It is now an alias to asn1_der_decoding
* Fri Jul 25 2014
  - updated to libtasn1 3.7:
    * Noteworthy changes in release 3.7 (released 2014-06-26) [stable]
    - Fixes in length calculation in _asn1_extract_der_octet().
    - Fixes in DER decoding.
    - Fixes: CVE-2014-3468 CVE-2014-3467 CVE-2014-3469 bnc#880738
      bnc#880737 bnc#880735
* Tue Jun 03 2014
  - libtasn1.keyring: added Nikos Mavrogiannopoulos <>
    key, who did this release (and shares responsibility with Simon).
  - updated to libtasn1 3.6
    * Noteworthy changes in release 3.6 (released 2014-05-25) [stable]
    - Corrected an off-by-one error in ASN.1 DER tag decoding. (CVE-2014-3468/bnc#880735)
    - Several improvements and new safety checks on DER decoding;
      issues found using Codenomicon TLS test suite. (CVE-2014-3469/bnc#880738,
    - Marked asn1_der_decoding_element() as deprecated. Use
      asn1_der_decoding() instead.
    * Noteworthy changes in release 3.5 (released 2014-05-01) [stable]
    - Correctly handle decoding of recursive CHOICE options.
    - Allow deleting elements of SET OF. Patch by Jean-Louis Thekekara.
    - Several small bug fixes found by coverity.
    - Code improvements contributed by Kurt Roeckx.
    * Noteworthy changes in release 3.4 (released 2013-11-25) [stable]
    - Added asn1_delete_structure2() which allows zeroizing the contents
      of all values in the structure prior to deinitialization.
    - The parser accepts negative numbers in an INTEGER range (but
      still does no enforce them).
* Tue Jun 25 2013
  - remove gpg source checking again to avoid this cycle:
    libtasn1 -> libssh2_org -> openssh -> krb5 -> python-Jinja2 -> vim -> libtasn1
* Thu Jun 20 2013
  - updated to libtasn1 3.3
    * Noteworthy changes in release 3.3 (released 2013-03-23) [stable]
    - More precise overflow checks using gnulib's intprops module.
    - Updates to compile in Android systems.
    * Noteworthy changes in release 3.2 (released 2012-11-30) [stable]
    - Corrected buffer overflow in the error reporting of the parser (reported
      by Andreas Metzler).
    * Noteworthy changes in release 3.1 (released 2012-11-24) [stable]
    - Completed rename of types:
      ASN1_ARRAY_TYPE -> asn1_static_node (was asn1_static_node_t)
    - Added new types: VisibleString, NumericString, IA5String, TeletexString,
      PrintableString, UniversalString, BMPString, UTF8String. When re-defined
      a warning is being print instead of failing.
    - Parser outputs more detailed syntax error messages.
    - Added asn1_decode_simple_der() and asn1_encode_simple_der().
    - Added asn1_read_value_type() to return value and type.
  - added gpg source checking
* Sat Nov 17 2012
  - update to libtasn1 3.0, SONAME
    - Added tool in tests/ to benchmark X.509 structure decoding.
    - Added asn1_read_node_value() to obtain a node's value.
    - Optimizations in internal tree allocation.
    - Optimizations in tree search.
    - libtasn1.h no longer exports internal structures.
    - Types were renamed for consistency:
      ASN1_DATA_NODE -> asn1_data_node_st
      ASN1_ARRAY_TYPE -> asn1_static_node
      ASN1_TYPE -> asn1_node
      static_struct_asn -> asn1_static_node_st
      node_asn_struct -> asn1_node_st
      node_asn -> asn1_node_st
      (the old types are still available as definitions)
  - fix W: devel-package-with-non-devel-group
* Fri Sep 28 2012
  - updated to version 2.14
    This release adds asn1_read_node_value() to obtain a node's value. This
    is to deprecate the export of the node_asn internal structure for the
    upcoming 3.x release. The ASN1_DATA_NODE type and the ASN1_ETYPE_*
    constants were added to support the new function.
  - removed upstreamed libtasn1-stdio.h patch
  - make check
* Sun Jul 22 2012
  - Fix build with missing gets declaration (glibc 2.16)
* Fri Jun 29 2012
  - license update: LGPL-2.1+ and GPL-3.0
    Tools are GPL-3.0
* Sat Apr 14 2012
  - update to version 2.12
    + Cleanup license headers.
    + build: Update gnulib files.
    + Corrected DER decoding issue (reported by Matthew Hall).
      Added self check to detect the problem, see tests/Test_overflow.c.
      This problem can lead to at least remotely triggered crashes, see
      further analysis on the libtasn1 mailing list.
* Sun Jan 08 2012
  - update to version 2.11
    + qa: now builds without compiler warnings with Solaris CC
    + qa: added clang analysis. fixed cyclomatic complexity output
    + tests: added self-test of bit string functions
    + build: added windows/ rules to produce Windows
    + build: don't hard code path to perl in doc/gdoc
    + various minor fixes
  - changes in version 2.10
    + lib: small optimization, possibly working around gcc/valgrind issue
    + build: update gnulib files
    + asn1Coding: actually implement the -c parameter
    + asn1Decoding: the -c parameter serves no purpose. remove it.
    + doc: add examples to asn1Coding and ans1Decoding description
  - changes in version 2.9
    + tests: link to gnulib to avoid build error related to 'rpl_ftello'
      on Solaris. Reported by Dagobert Michelsen
    + doc: fix bug reporting address to point at
    + doc: fix returns: documentation in Texinfo. Reported by Jeffery
    + build : update gnulib files
  - changes in version 2.8
    + update gnulib files
    + use libtool 2.2.10 to ease MinGW64 builds
  - changes in version 2.7
    + Doc: build PDF manual using GTK-DOC
    + Doc: fix of asn1_check_version, documentation was missing from
      last release
    + Build: avoid warnings about ignored visibility attributes on
  - changes in version 2.6
    + Fix build failure on platforms without support for GNU_LD
      version scripts
    + libtasn1: simplified implementation of asn1_check_version
    + tests: improved self-checks
    + update gnulib files, fix many syntax-check nits, indent code,
      fix license templates
  - changes in version 2.5
    + doc: improve GTK-DOC comments
    + misc: updated gnulib files
  - changes in version 2.4
    + Doc fixes
    + updated gnulib files
    + clean up copyright notices
  - changes in version 2.3
    + libtasn1 is now an official GNU project
    + solve build problem on Tru64 related to TRUE/FALSE
    + More careful decoding of OIDs
    + Fixed warning in ANS1.y
    + Use "Software libraries" info dircategory
    + Drop GPL/LGPL copies from the manual (not needed there)
    + New configure parameters to set packagin specific information
      The parameters are --with-packager, --with-packager-version,
      and --with-packager-bug-reports. See
      <> for
      more details.
* Sun Oct 31 2010
  - Use %_smp_mflags
* Sat Apr 24 2010
  - buildrequire pkg-config to fix provides
* Thu Dec 17 2009
  - Add baselibs.conf as a source
* Thu May 21 2009
  - Update to version 2.2:
    + Change how the ASN1_API decorator is used in libtasn1.h, for
    + Changed license of libtasn1.pc from GPLv3+ to LGPLv2.1+.
    + Building with many warning flags now requires
    - -enable-gcc-warnings.
    + Some warnings fixed.
  - Fix license of library packages: it's LGPL not GPL.
* Wed May 06 2009
  - Update to version 2.1:
    + Fix compilation failure on platforms that can't generate empty
      archives, e.g., Mac OS X.
  - Changes from version 2.0:
    + Optimized tree generation.
    + ASN1 parser code re-generated using Bison 2.4.1.
    + Build with more warning flags.  Many compiler warnings fixed.
    + Compiled with -fvisibility=hidden by default if supported.
    + The libtasn1-config tool has been removed. For application
      developers, please stop using libtasn1-config for finding
      libtasn1, use proper autoconf checks or pkg-config instead.
  - Remove AutoReqProv: it's default now.
  - Pass --disable-static to configure.



Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jan 9 10:24:42 2022