Projects libksba

libksbaProject
ActivePublic
Watch Project

Members

This project does not have any members.
View All

Watchers (2)

Recent Activity
View All

Wed, Apr 23

• gniibe changed the status of T7624: libksba: __non_string for GCC 15 or later from Open to Testing.

Wed, Apr 23, 3:21 AM · libksba, Bug Report

• gniibe triaged T7624: libksba: __non_string for GCC 15 or later as Normal priority.

Wed, Apr 23, 3:18 AM · libksba, Bug Report

Jan 17 2025

• werner added a comment to T4538: Support PSS signed CRLs.

Jan 17 2025, 4:23 PM · dirmngr, S/MIME, libksba

Jan 15 2025

• gniibe triaged T7486: libgcrypt: Remove WindowsCE support as Wishlist priority.

Jan 15 2025, 7:44 AM · libgcrypt

Dec 5 2024

• werner added a project to T6545: Support CRL extension issuingDistributionPoint: workaround.

A workaround exists with the new option --ignore-crl-extensions.

Dec 5 2024, 10:19 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

Oct 29 2024

• werner edited projects for T6545: Support CRL extension issuingDistributionPoint, added: gnupg26; removed gnupg24.

Oct 29 2024, 1:31 PM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

Jun 21 2024

• werner closed T7173: Release libksba 1.6.7 as Resolved.

Jun 21 2024, 2:20 PM · Release Info, libksba

• werner updated the task description for T7173: Release libksba 1.6.7.

Jun 21 2024, 2:12 PM · Release Info, libksba

• werner triaged T7174: Release libksba 1.7.0 as Low priority.

Jun 21 2024, 2:11 PM · Release Info, libksba

• werner closed T7009: Release Libksba 1.6.6 as Resolved.

Jun 21 2024, 2:11 PM · Release Info, libksba

• werner triaged T7173: Release libksba 1.6.7 as Normal priority.

Jun 21 2024, 2:09 PM · Release Info, libksba

• werner added a comment to T7023: Support SYSROOT in all Gupg related libraries.

Now also done for libksba.

Jun 21 2024, 2:07 PM · Feature Request, Cross-Compiler, gpgrt, libassuan, libksba

Jun 20 2024

• werner renamed T7171: Allow for empty Subject in X.509 from Allow for empty Subject in X.508 to Allow for empty Subject in X.509.

Jun 20 2024, 3:27 PM · libksba, Bug Report, gnupg, S/MIME

• werner triaged T7171: Allow for empty Subject in X.509 as Normal priority.

Jun 20 2024, 3:12 PM · libksba, Bug Report, gnupg, S/MIME

Feb 29 2024

• werner triaged T7023: Support SYSROOT in all Gupg related libraries as Normal priority.

Feb 29 2024, 4:27 PM · Feature Request, Cross-Compiler, gpgrt, libassuan, libksba

• gniibe closed T6992: Fix possible uninitialized err variable in libskba der builder as Resolved.

Fixed in libksba 1.6.6.

Feb 29 2024, 2:08 AM · libksba, Bug Report

Feb 23 2024

• werner triaged T7009: Release Libksba 1.6.6 as Normal priority.

Feb 23 2024, 9:57 AM · Release Info, libksba

Feb 14 2024

• werner added a comment to T6992: Fix possible uninitialized err variable in libskba der builder.

@Jakuje, you are right. This is a plain error and we should do a new release to avoid false errors.

Feb 14 2024, 8:54 AM · libksba, Bug Report

• gniibe added a comment to T6992: Fix possible uninitialized err variable in libskba der builder.

Thank you, applied.

Feb 14 2024, 1:19 AM · libksba, Bug Report

• gniibe changed the status of T6992: Fix possible uninitialized err variable in libskba der builder from Open to Testing.

Feb 14 2024, 1:19 AM · libksba, Bug Report

Feb 13 2024

• gniibe claimed T6992: Fix possible uninitialized err variable in libskba der builder.

Feb 13 2024, 9:05 AM · libksba, Bug Report

Feb 12 2024

Jakuje created T6992: Fix possible uninitialized err variable in libskba der builder.

Feb 12 2024, 10:08 AM · libksba, Bug Report

Nov 16 2023

• werner closed T6822: Release Libksba 1.6.5 as Resolved.

Nov 16 2023, 11:11 AM · libksba, Release Info

• werner triaged T6822: Release Libksba 1.6.5 as Low priority.

Nov 16 2023, 10:59 AM · libksba, Release Info

Nov 10 2023

• werner moved T6545: Support CRL extension issuingDistributionPoint from WiP to Backlog on the gnupg22 board.

Nov 10 2023, 9:08 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

Oct 18 2023

• aheinecke assigned T6545: Support CRL extension issuingDistributionPoint to • werner.

Oct 18 2023, 2:44 PM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

Oct 13 2023

• aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

And yes in gpgsm.conf both the extensions are also marked with ignore-cert-extension.

Oct 13 2023, 10:59 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

While remembering this I added to our standard.conf (and for testing first to my local conf):

Oct 13 2023, 10:48 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

Jun 22 2023

• werner updated the task description for T6545: Support CRL extension issuingDistributionPoint.

Jun 22 2023, 11:59 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• werner renamed T6545: Support CRL extension issuingDistributionPoint from Support CRL exension issuingDistributionPoint to Support CRL extension issuingDistributionPoint.

Jun 22 2023, 11:44 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• werner added a comment to T6545: Support CRL extension issuingDistributionPoint.

We had one request to support this back in 2017 but it was closed because the respective CA stopped using this extension. See T2039.

Jun 22 2023, 11:44 AM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

Jun 19 2023

• aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

rGb1ecc8353ae3 is just what I meant, so that we can recommend such an option in the future as a workaround until a new update becomes available which supports such an extension.

Jun 19 2023, 3:21 PM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• werner added a comment to T6545: Support CRL extension issuingDistributionPoint.

Nah, the description for that extension is pretty strict and I won't feel comfortable to just ignore it. BTW there is also T6398 (nameConstraints) which needs support. But for debugging a ignore extension makes sense.

Jun 19 2023, 2:10 PM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

For support reasons I would say that it might make sense to also ignore the extensions from "ignore-cert-extension" when checking CRLs?

Jun 19 2023, 1:54 PM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• werner triaged T6545: Support CRL extension issuingDistributionPoint as Normal priority.

Jun 19 2023, 12:59 PM · workaround, gnupg26, Restricted Project, libksba, gnupg22, Feature Request

• werner closed T6543: Release Libksba 1.6.4 as Resolved.

Jun 19 2023, 11:47 AM · libksba, Release Info

• werner triaged T6543: Release Libksba 1.6.4 as Normal priority.

Jun 19 2023, 11:24 AM · libksba, Release Info

Mar 2 2023

• werner added a comment to T6398: Support X.509 nameConstraints.

(my example cert is 0x09BB0EEE)

Mar 2 2023, 3:08 PM · Restricted Project, Feature Request, libksba

• werner triaged T6398: Support X.509 nameConstraints as Normal priority.

Mar 2 2023, 3:04 PM · Restricted Project, Feature Request, libksba

Dec 22 2022

• werner added a project to T6284: Another integer overflow in Libksba: CVE.

This bug is CVE-2022-47629

Dec 22 2022, 10:48 AM · CVE, Bug Report, libksba

• werner updated the task description for T6304: Release Libksba 1.6.3.

Dec 22 2022, 10:48 AM · Release Info, libksba

Dec 20 2022

• werner closed T6284: Another integer overflow in Libksba as Resolved.

Dec 20 2022, 10:56 AM · CVE, Bug Report, libksba

• werner closed T6304: Release Libksba 1.6.3 as Resolved.

Dec 20 2022, 10:51 AM · Release Info, libksba

• werner changed the status of T6284: Another integer overflow in Libksba from Open to Testing.

Dec 20 2022, 10:50 AM · CVE, Bug Report, libksba

Dec 14 2022

• werner updated the task description for T6284: Another integer overflow in Libksba.

Dec 14 2022, 12:09 PM · CVE, Bug Report, libksba

Dec 6 2022

• werner closed T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix as Resolved.

I guess we can close this one.

Dec 6 2022, 2:25 PM · S/MIME, Feature Request, libksba

• werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Dec 6 2022, 2:23 PM · CVE, Release Info, libksba

• werner triaged T6304: Release Libksba 1.6.3 as Normal priority.

Dec 6 2022, 2:23 PM · Release Info, libksba

Nov 23 2022

• werner added a comment to T6284: Another integer overflow in Libksba.

Here is the patch which will go into the next release

From f61a5ea4e0f6a80fd4b28ef0174bee77793cf070 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 22 Nov 2022 16:36:46 +0100
Subject: [PATCH] Fix an integer overflow in the CRL signature parser.

Nov 23 2022, 11:17 AM · CVE, Bug Report, libksba

Nov 22 2022

• werner triaged T6284: Another integer overflow in Libksba as Unbreak Now! priority.

Nov 22 2022, 4:54 PM · CVE, Bug Report, libksba