# # spec file for package opensc # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define completionsdir %(pkg-config --variable completionsdir bash-completion) Name: opensc Version: 0.19.0 Release: 0 Summary: Smart Card Utilities License: LGPL-2.1-or-later Group: Productivity/Security URL: https://github.com/OpenSC/OpenSC/wiki Source: https://github.com/OpenSC/OpenSC/releases/download/%{version}/%{name}-%{version}.tar.gz Source1: baselibs.conf Source2: %{name}-rpmlintrc # Register with p11-kit # https://web.archive.org/web/20111225073733/http://www.opensc-project.org/opensc/ticket/390 Source3: opensc.module # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2020-26570.patch https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e -- buffer overflow in sc_oberthur_read_file Patch1: opensc-0_19_0-CVE-2020-26570.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2020-26572.patch https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817 -- prevent out of bounds write Patch2: opensc-0_19_0-CVE-2020-26572.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2020-26571.patch https://github.com/OpenSC/OpenSC/commit/ed55fcd2996930bf58b9bb57e9ba7b1f3a753c43 - fix stack-based overflow Patch3: opensc-0_19_0-CVE-2020-26571.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2019-19480.patch https://github.com/OpenSC/OpenSC/commit/630d6adf32cecaab0ee184618f56497bd50400fb # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2019-19480.patch https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 - improper free operation in sc_pkcs15_decode_prkdf_entry Patch4: opensc-0_19_0-CVE-2019-19480.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2019-15946.patch https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740 - out of bounds access Patch5: opensc-0_19_0-CVE-2019-15946.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2019-15945.patch https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68 - out of bounds access Patch6: opensc-0_19_0-CVE-2019-15945.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2019-19479.patch https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2 - fixed UNKNOWN READ Patch7: opensc-0_19_0-CVE-2019-19479.patch # PATCH-FIX_UPSTREAM opensc-0_19_0-CVE-2019-20792.patch https://github.com/OpenSC/OpenSC/commit/c246f6f69a749d4f68626b40795a4f69168008f4 - coolkey: Make sure the object ID is unique Patch8: opensc-0_19_0-CVE-2019-20792.patch BuildRequires: docbook-xsl-stylesheets BuildRequires: libtool BuildRequires: libxslt BuildRequires: pkgconfig BuildRequires: readline-devel BuildRequires: pkgconfig(bash-completion) BuildRequires: pkgconfig(libpcsclite) BuildRequires: pkgconfig(openssl) Requires: pcsc-lite # There is no more devel package. Obsoletes: opensc-devel < %{version} %description OpenSC provides a set of utilities to access smart cards. It mainly focuses on cards that support cryptographic operations. It facilitates their use in security applications such as mail encryption, authentication, and digital signature. OpenSC implements the PKCS#11 API. Applications supporting this API, such as Mozilla Firefox and Thunderbird, can use it. OpenSC implements the PKCS#15 standard and aims to be compatible with every software that does so, too. Before purchasing any cards, please read carefully documentation on the web pageonly some cards are supported. Not only card type matters, but also card version, card OS version and preloaded applet. Only subset of possible operations may be supported for your card. Card initialization may require third party proprietary software. %prep %setup -q %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %build autoreconf -fvi %configure \ --docdir=%{_docdir}/%{name} \ --disable-static \ --enable-doc \ --disable-silent-rules make %{?_smp_mflags} %install %make_install cp COPYING NEWS README %{buildroot}%{_docdir}/%{name} # Private library. rm %{buildroot}%{_libdir}/libopensc.so install -D -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pkcs11/modules/opensc.module %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %doc %dir %{_docdir}/%{name} %license %{_docdir}/%{name}/COPYING %doc %{_docdir}/%{name}/NEWS %doc %{_docdir}/%{name}/README %doc %{_docdir}/%{name}/tools.html %doc %{_docdir}/%{name}/files.html %doc %{_docdir}/%{name}/opensc.conf %{_bindir}/* %{_datadir}/applications/*.desktop %{_datadir}/opensc # Note: .la and .so must be in the main package, required by ltdl: %{_libdir}/*.la %{_libdir}/*.so* %dir %{_libdir}/pkcs11 %{_libdir}/pkcs11/*.so %{_libdir}/pkgconfig/opensc-pkcs11.pc %{_mandir}/man?/*%{ext_man} %config %{_sysconfdir}/opensc.conf %dir %{_sysconfdir}/pkcs11 %config %{_sysconfdir}/pkcs11/modules/ # This is a private library. There is no reason to split it to libopensc* package. %{_libdir}/libopensc.so.* %{completionsdir}/* %changelog