Projects libksba

libksbaProject
ActivePublic
Watch Project

Members

This project does not have any members.
View All

Watchers (2)

Recent Activity
View All

Tue, Mar 3

• gniibe added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

It seemed that the reporter (also) claimed that a git repo could be weak/vulnerable when X.509 signature is used to validate the commits.

Tue, Mar 3, 1:51 AM · S/MIME, libksba, Bug Report

• gniibe added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

For the record (to show we don't hide a problem), I add some information.

Tue, Mar 3, 1:25 AM · S/MIME, libksba, Bug Report

Mon, Feb 23

• werner closed T7624: libksba: __non_string for GCC 15 or later as Resolved.

Mon, Feb 23, 2:51 PM · libksba, Bug Report

• werner closed T8111: Assertion failure in Libksba's ocsp.c as Resolved.

Mon, Feb 23, 2:50 PM · Bug Report, libksba

• werner closed T8105: Memory leak in BER decoder tree expansion, a subtask of T8104: Heap oob read in libksba's parse_rdn, as Resolved.

Mon, Feb 23, 2:49 PM · Bug Report, libksba

• werner closed T8105: Memory leak in BER decoder tree expansion as Resolved.

Mon, Feb 23, 2:49 PM · Bug Report, libksba

• werner closed T8104: Heap oob read in libksba's parse_rdn as Resolved.

Mon, Feb 23, 2:48 PM · Bug Report, libksba

• werner renamed T7174: Release libksba 1.6.8 from Release libksba 1.7.0 to Release libksba 1.6.8.

Mon, Feb 23, 2:33 PM · Release Info, libksba

• werner triaged T8121: Release LibKSBA 1.6.9 as Low priority.

Mon, Feb 23, 2:33 PM · libksba, Release Info

Fri, Feb 20

• gniibe added a comment to T8105: Memory leak in BER decoder tree expansion.

Applied the change in: rK86c6e972421a: Fix a memory leak in _ksba_ber_decoder_decode.

Fri, Feb 20, 1:12 AM · Bug Report, libksba

Wed, Feb 18

• werner changed the status of T8111: Assertion failure in Libksba's ocsp.c from Open to Testing.

Wed, Feb 18, 9:39 AM · Bug Report, libksba

• werner triaged T8111: Assertion failure in Libksba's ocsp.c as Normal priority.

Wed, Feb 18, 8:39 AM · Bug Report, libksba

Tue, Feb 17

• ikloecker added a comment to T8104: Heap oob read in libksba's parse_rdn.

Looks like this spot was missed when T5037: dn.cpp:181: suspicious loop was fixed. In libkleo's copy of the DN parser I applied the fix in 2023. Too many copies!

Tue, Feb 17, 9:38 AM · Bug Report, libksba

Mon, Feb 16

• gniibe added a comment to T8105: Memory leak in BER decoder tree expansion.

I found a possible leak and a possible access of freed memory.

Mon, Feb 16, 6:11 AM · Bug Report, libksba

Fri, Feb 13

• werner updated the task description for T8105: Memory leak in BER decoder tree expansion.

Fri, Feb 13, 11:34 AM · Bug Report, libksba

• werner triaged T8105: Memory leak in BER decoder tree expansion as Normal priority.

Fri, Feb 13, 11:34 AM · Bug Report, libksba

• werner triaged T8104: Heap oob read in libksba's parse_rdn as Normal priority.

Fri, Feb 13, 11:32 AM · Bug Report, libksba

Jan 29 2026

timegrid removed a project from T6398: Support X.509 nameConstraints: Restricted Project.

Jan 29 2026, 3:50 PM · Feature Request, libksba

timegrid removed a project from T6545: Support CRL extension issuingDistributionPoint: Restricted Project.

Jan 29 2026, 3:23 PM · workaround, gnupg26, libksba, Feature Request

Jan 23 2026

timegrid removed a project from T6545: Support CRL extension issuingDistributionPoint: gnupg22.

Jan 23 2026, 11:49 AM · workaround, gnupg26, libksba, Feature Request

Jan 21 2026

• werner closed T8032: libksba: Input validation for DER encoded INTEGER as Wontfix.

Jan 21 2026, 10:39 AM · S/MIME, libksba, Bug Report

Jan 16 2026

• werner triaged T8032: libksba: Input validation for DER encoded INTEGER as Low priority.

See the gnupg-devel mailing list for more discussions. Subject: libgcrypt P256 signature malleability via weak DER enforcement"

Jan 16 2026, 11:01 AM · S/MIME, libksba, Bug Report

Jan 14 2026

• werner added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

Some historic integer encoding glitches from Peter Gutmann's style guide:

Jan 14 2026, 10:08 AM · S/MIME, libksba, Bug Report

• gniibe added a project to T8032: libksba: Input validation for DER encoded INTEGER: S/MIME.

Jan 14 2026, 3:03 AM · S/MIME, libksba, Bug Report

• gniibe created T8032: libksba: Input validation for DER encoded INTEGER.

Jan 14 2026, 3:02 AM · S/MIME, libksba, Bug Report

May 20 2025

sachint added a comment to D610: Add support for IBM z/OS.

Please review the patch and feedback.

May 20 2025, 8:30 AM · libksba

sachint requested review of D610: Add support for IBM z/OS.

May 20 2025, 8:29 AM · libksba

May 13 2025

• werner closed T7171: Allow for empty Subject in X.509 as Resolved.

May 13 2025, 3:21 PM · libksba, Bug Report, gnupg, S/MIME

• werner closed T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN", a subtask of T7171: Allow for empty Subject in X.509, as Resolved.

May 13 2025, 3:00 PM · libksba, Bug Report, gnupg, S/MIME

• werner added a subtask for T7171: Allow for empty Subject in X.509: T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN".

May 13 2025, 2:58 PM · libksba, Bug Report, gnupg, S/MIME

Apr 23 2025

• gniibe changed the status of T7624: libksba: __non_string for GCC 15 or later from Open to Testing.

Apr 23 2025, 3:21 AM · libksba, Bug Report

• gniibe triaged T7624: libksba: __non_string for GCC 15 or later as Normal priority.

Apr 23 2025, 3:18 AM · libksba, Bug Report

Jan 17 2025

• werner added a comment to T4538: Support PSS signed CRLs.

Jan 17 2025, 4:23 PM · dirmngr, S/MIME, libksba

Jan 15 2025

• gniibe triaged T7486: libgcrypt: Remove WindowsCE support as Wishlist priority.

Jan 15 2025, 7:44 AM · libgcrypt

Dec 5 2024

• werner added a project to T6545: Support CRL extension issuingDistributionPoint: workaround.

A workaround exists with the new option --ignore-crl-extensions.

Dec 5 2024, 10:19 AM · workaround, gnupg26, libksba, Feature Request

Oct 29 2024

• werner edited projects for T6545: Support CRL extension issuingDistributionPoint, added: gnupg26; removed gnupg24.

Oct 29 2024, 1:31 PM · workaround, gnupg26, libksba, Feature Request

Jun 21 2024

• werner closed T7173: Release libksba 1.6.7 as Resolved.

Jun 21 2024, 2:20 PM · Release Info, libksba

• werner updated the task description for T7173: Release libksba 1.6.7.

Jun 21 2024, 2:12 PM · Release Info, libksba

• werner triaged T7174: Release libksba 1.6.8 as Low priority.

Jun 21 2024, 2:11 PM · Release Info, libksba

• werner closed T7009: Release Libksba 1.6.6 as Resolved.

Jun 21 2024, 2:11 PM · Release Info, libksba

• werner triaged T7173: Release libksba 1.6.7 as Normal priority.

Jun 21 2024, 2:09 PM · Release Info, libksba

• werner added a comment to T7023: Support SYSROOT in all Gupg related libraries.

Now also done for libksba.

Jun 21 2024, 2:07 PM · Feature Request, Cross-Compiler, gpgrt, libassuan, libksba

Jun 20 2024

• werner renamed T7171: Allow for empty Subject in X.509 from Allow for empty Subject in X.508 to Allow for empty Subject in X.509.

Jun 20 2024, 3:27 PM · libksba, Bug Report, gnupg, S/MIME

• werner triaged T7171: Allow for empty Subject in X.509 as Normal priority.

Jun 20 2024, 3:12 PM · libksba, Bug Report, gnupg, S/MIME

Feb 29 2024

• werner triaged T7023: Support SYSROOT in all Gupg related libraries as Normal priority.

Feb 29 2024, 4:27 PM · Feature Request, Cross-Compiler, gpgrt, libassuan, libksba

• gniibe closed T6992: Fix possible uninitialized err variable in libskba der builder as Resolved.

Fixed in libksba 1.6.6.

Feb 29 2024, 2:08 AM · libksba, Bug Report

Feb 23 2024

• werner triaged T7009: Release Libksba 1.6.6 as Normal priority.

Feb 23 2024, 9:57 AM · Release Info, libksba

Feb 14 2024

• werner added a comment to T6992: Fix possible uninitialized err variable in libskba der builder.

@Jakuje, you are right. This is a plain error and we should do a new release to avoid false errors.

Feb 14 2024, 8:54 AM · libksba, Bug Report

• gniibe added a comment to T6992: Fix possible uninitialized err variable in libskba der builder.

Thank you, applied.

Feb 14 2024, 1:19 AM · libksba, Bug Report

• gniibe changed the status of T6992: Fix possible uninitialized err variable in libskba der builder from Open to Testing.

Feb 14 2024, 1:19 AM · libksba, Bug Report