------------------------------------------------------------------- Fri Apr 4 09:54:05 UTC 2025 - firo.yang@suse.com - Fix for SG#69861, bsc#1239587: * libtasn1-CVE-2024-12133_1.patch, libtasn1-CVE-2024-12133_02.patch [PATCH 1/1] asn1_der_decoding2: optimize _asn1_find_up call with node cache ------------------------------------------------------------------- Mon Nov 7 13:49:11 UTC 2022 - jsilva@suse.com - Fix for SG#64548, bsc#1205081: * libtasn1-CVE-2021-46848.patch: Fixed off-by-one array size check that affects asn1_encode_simple_der (CVE-2021-46848). ------------------------------------------------------------------- Mon Nov 7 13:47:52 UTC 2022 - jsilva@suse.com - LEVEL 3 SUPPORT STARTS HERE - All changes above this marker are made by SUSE L3 Team. =================================================================== ------------------------------------------------------------------- Fri Jun 3 12:58:50 UTC 2016 - meissner@suse.com - libtasn1-CVE-2015-3622.patch: Fixed invalid read in octet string decoding (CVE-2015-3622, bsc#929414) - libtasn1-CVE-2016-4008.patch: Fixed infinite loop while parsing DER certificates (CVE-2016-4008, bsc#982779) ------------------------------------------------------------------- Tue Jan 12 16:52:59 UTC 2016 - mgorse@suse.com - Add libtasn1-bsc961491-value-crash.patch: only assign a value if the previous node had one. Fixes a crash (bsc#961491). ------------------------------------------------------------------- Fri Apr 24 14:54:09 UTC 2015 - meissner@suse.com - libtasn1-CVE-2015-2806.patch: fixed a two-byte stack overflow in asn1_der_decoding (bsc#924828 CVE-2015-2806) - info deinstall needs to be in %preun - license string adjust to SPDX done by Christopher de Nicolo ------------------------------------------------------------------- Fri Jul 11 21:30:22 CDT 2014 - federico@suse.com - In order to update libtasn1 with the patches required for https://bugzilla.novell.com/show_bug.cgi?id=880737, we have to do the following: - Pull the source code for libtasn1-3.6 - Wrap the entire API and make it internal-only. - Expose the same API/ABI as that of libtasn1-1.5. Backporting patches to version 1.5 is unfeasible. From now on we should be able to use patches for version 3.x, while maintaining the old API/ABI. ------------------------------------------------------------------- Fri Jun 13 18:55:11 UTC 2014 - sreeves@suse.com - Add bnc880735-commit*. Fix for CVE-2014-3468. - Add bnc880738-commit*. Fix for CVE-2014-3469. ------------------------------------------------------------------- Sun Dec 6 11:00:17 CET 2009 - kukuk@suse.de - Fix baselibs.conf ------------------------------------------------------------------- Fri Dec 4 10:25:04 CET 2009 - kukuk@suse.de - Add baselibs.conf ------------------------------------------------------------------- Fri Sep 12 07:30:10 CDT 2008 - maw@suse.de - Update to version 1.5: + Update gnulib files + Handle 'INTEGER { ... } (a..b)' regression Revert parts of earlier fix. asn1Parser can now again parse src/pkix.asn1. The ASN1.c file was generated using Bison 2.3. + Move examples from src/ to new directory examples/. + Duplicate copy of divergated pkix.asn removed. + Merge unnecessary lib/defines.h into lib/int.h. + Misc. fixes. ------------------------------------------------------------------- Wed Jan 2 20:37:16 CET 2008 - maw@suse.de - Add a %clean section. ------------------------------------------------------------------- Thu Dec 20 13:21:18 CST 2007 - maw@suse.de - Properly package info files - Package several documentation files. ------------------------------------------------------------------- Thu Dec 20 12:42:17 CST 2007 - maw@suse.de - New package, version 1.2.