libtasn1-4.13-lp150.3.3.1 4 > $ A p \ak/=!i0&5(6s݊CZA qK['d3]c;Xao~@BC/OՒ$::K&H4rO]ψQ3Չ eѭ $[?_F|M.xi^-wkS+[}vݩ%b|L7Hf#_sҊ+s)FLGBVY `LN[5R8ꇁ=5?hʟep$v" wpwtoocf50825f2a3c91ef8ef212223664862ff13eb3e7d 99f2ee0174862835ef0e50c2648fd077cb411c31a9efb5d551430e2b8479bf27 9 \ak/=/ ,V+$_?UÞ>^ۃо"7UDYNQBedId}g*f1ĻC@-*>
U[-z`PĶ>{[߰*3s弐= > p 5 BT ? BD d 2 0 Q
( @
8 H ( 8 # 9 , # : t # F @k G @ H @ I @ R @ \ @ ] @ ^ AR c AS d A e A f A A A A B@ C libtasn1 4.13 lp150.3.3.1 ASN.1 parsing library This is the ASN.1 library used by GNUTLS. More up to date information
can be found at http://www.gnu.org/software/gnutls and
http://www.gnutls.org \aclamb12 openSUSE Leap 15.0 openSUSE LGPL-2.1-or-later AND GPL-3.0-only http://bugs.opensuse.org Productivity/Networking/Security baselibs.conf libtasn1.keyring libtasn1-4.13.tar.gz.sig libtasn1-4.13.tar.gz libtasn1-object-id-recursion.patch https://www.gnu.org/software/libtasn1/ linux x86_64 w
HR J SZbBZbB\KeS$\a;1a53f635ea9d2ae415319d61ff0791ae8950421ba2f504ec2428456e28040e15 7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca c1df4974fee33f4bafe0c8c1380fbdd5e9e570f4ad2d5a022a6ac25dbb05807f 397c0f918cc46a576c6f52321f32e717d1b3833d186316645fe7c3450d03c253 63562da3264bc9345e743fccab1ae46015f01d2497812c8760134cb7fe179240 05758eb5518c8eee695fe226ee28b54bc82e9f7c0e212629988ac6dea5409e0c root root root root root root root root root root root root
info pkgconfig rpmlib(CompressedFileNames) rpmlib(FileDigests) 3.0.4-1 4.6.0-1 4.14.1 \@ZZaY3@W@WUYU|@UCjU@UT8T5'@SFSQɆ@QP|@Pe@P@OOfO @LZ@K@K*@JB@J{IIIL@HYG{|GjY@GjY@mgorse@suse.com fvogt@suse.com kbabioch@suse.com astieger@suse.com astieger@suse.com mpluskal@suse.com zaitor@opensuse.org astieger@suse.com astieger@suse.com astieger@suse.com mpluskal@suse.com jengelh@inai.de tabraham@suse.com mgorse@suse.com meissner@suse.com coolo@suse.com meissner@suse.com andreas.stieger@gmx.de meissner@suse.com aj@suse.de cfarrell@suse.com tabraham@novell.com tabraham@novell.com jengelh@medozas.de coolo@novell.com jengelh@medozas.de vuntz@novell.com vuntz@novell.com ro@suse.de mboman@suse.de mboman@suse.de maw@suse.de maw@suse.de maw@suse.de maw@suse.de - Add libtasn1-object-id-recursion.patch: limit recursion in
_asn1_expand_object_id (boo#1105435 CVE-2018-1000654
(https://gitlab.com/gnutls/libtasn1/merge_requests/8) - Use %license (boo#1082318) - update to 4.13
* On indefinite string decoding, set a maximum level of allowed
recursions (3) to protect the BER decoder from a stack exhaustion.
(CVE-2018-6003 boo#1076832) - libtasn1 4.12:
* Corrected so-name version
- includes changes in 4.11:
* Introduce the ASN1_TIME_ENCODING_ERROR error code to indicate
an invalid encoding in the DER time fields.
* Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag
allows decoding errors in time fields even when in strict DER mode.
That is introduced in order to allow toleration of invalid times in
X.509 certificates (which are common) even though strict DER adherence
is enforced in other fields.
* Added safety check in asn1_find_node(). That prevents a crash
when a very long variable name is provided by the developer.
Note that this to be exploited requires controlling the ASN.1
definitions used by the developer, i.e., the 'name' parameter of
asn1_write_value() or asn1_read_value(). The library is
not designed to protect against malicious manipulation of the
developer assigned variable names
- includes changes from 4.10:
* Updated gnulib
* Removed -Werror from default compiler flags
(drop patch 0001-configure-don-t-add-Werror-to-build-flags.patch)
* Fixed undefined behavior when negating integers in _asn1_ltostr().
* Pass the correct length to _asn1_get_indefinite_length_string in
asn1_get_length_ber. This addresses reading 1-byte past the end
of data. - update to 4.9:
* Fix OID encoding of OIDs which have elements which exceed 2^32
- Do not treat i586 warning as error, adding upstream
0001-configure-don-t-add-Werror-to-build-flags.patch
- fate#322523 - Update to 4.8
* Fixes to avoid reliance on C undefined behavior.
* Fixes to avoid an infinite recursion when decoding without the
ASN1_DECODE_FLAG_STRICT_DER flag. Reported by Pascal Cuoq.
(CVE-2016-4008 / bsc#982779)
* Combined all the BER octet string decoding functions to a
single one based on asn1_decode_simple_ber(). - Update to version 4.7:
* Fixed regression introduced in the decoding of multi-byte tags
fix. - libtasn1 4.6:
* Allow decoding OCTET STRINGs with multi-byte tags.
* Add asn1_get_object_id_der - update libtasn1 4.5:
* Corrected an invalid memory access in octet string decoding.
CVE-2015-3622 [boo#929414] - update to libtasn1 4.4 [bsc#924828]:
* Corrected a two-byte stack overflow in asn1_der_decoding.
CVE-2015-2806 - Update project url
- Cleanup spec-file with spec-cleaner
- Add info preun and post dependencies
- Update to 4.3
* Added asn1_decode_simple_ber()
* Only assign a value if the previous node has one (bsc#961491). - Put C API documentation into -devel package.
Use modern %make_install. Description fix. - updated to libtasn1 4.2:
* Noteworthy changes in release 4.2 (released 2014-09-15) [stable]
- Added sanity checks in the decoding of time when
ASN1_DECODE_FLAG_STRICT_DER is used.
- Fixes in the decoding of OCTET STRING when close to the end
of the structure.
* Noteworthy changes in release 4.1 (released 2014-08-23) [stable]
- Corrected indefinite tag check in ANY constructions. That allows
the decoding of BER-encoded structures that contain indefinite
encoding within an ANY element.
- Added DER decoding flag ASN1_DECODE_FLAG_STRICT_DER. Over the
years BER functionality was added to the decoder and this flag
provides the way to disable it.
- API and ABI changes since last version:
ASN1_DECODE_FLAG_STRICT_DER: New definition
* Noteworthy changes in release 4.0 (released 2014-06-26) [stable]
- Optimized asn1_der_decoding_startEnd(). It no longer requires the
additional decoding step.
- asn1_read_value() understands the ?CURRENT keyword, which can be used
to indicate the current element of a sequence, when the provided node
is a sequence element.
- Several optimizations in DER decoding of structures with sequences
containing many elements.
- asn1_der_decoding2() is introduced and allows flags to be passed on
the decoding process. Currently only ASN1_DECODE_FLAG_ALLOW_PADDING is
defined and that allows decoding DER structures that contain arbitrary
data past their end. Contributed by Karel Slany.
- API and ABI changes since last version:
ASN1_DECODE_FLAG_ALLOW_PADDING: New definition
asn1_dup_node: New function
asn1_der_decoding2: New function
asn1_der_decoding_element: It is now an alias to asn1_der_decoding - updated to libtasn1 3.7:
* Noteworthy changes in release 3.7 (released 2014-06-26) [stable]
- Fixes in length calculation in _asn1_extract_der_octet().
- Fixes in DER decoding.
- Fixes: CVE-2014-3468 CVE-2014-3467 CVE-2014-3469 bnc#880738
bnc#880737 bnc#880735 - libtasn1.keyring: added Nikos Mavrogiannopoulos