Projects libksba

libksbaProject
ActivePublic
Watch Project

Members

This project does not have any members.
View All

Watchers (2)

Recent Activity
View All

Wed, May 13

• werner renamed T8253: Release LibKSBA 1.8.0 from Release LibKSBA 1.7.1 to Release LibKSBA 1.8.0.

Wed, May 13, 12:04 PM · Release Info, libksba

• werner closed T7174: Release libksba 1.6.8 as Resolved.

Wed, May 13, 11:53 AM · Release Info, libksba

• werner renamed T4896: ksba: Ed25519 support for CMS from ksba: Ed25519 support to ksba: Ed25519 support for CMS.

Wed, May 13, 11:51 AM · Info Needed, libksba, Feature Request, S/MIME

Tue, May 12

• werner shifted T8246: ksba: Silent truncation of 64-bit length fields in > S-expression encoding from the Restricted Space space to the S1 Public space.

Tue, May 12, 9:27 AM · Bug Report, libksba, Security

Thu, May 7

• werner closed T8246: ksba: Silent truncation of 64-bit length fields in > S-expression encoding as Resolved.

Thu, May 7, 10:34 AM · Bug Report, libksba, Security

• werner updated the task description for T8121: Release LibKSBA 1.7.0.

Thu, May 7, 10:02 AM · libksba, Release Info

• werner triaged T8253: Release LibKSBA 1.8.0 as Low priority.

Thu, May 7, 10:01 AM · Release Info, libksba

• werner renamed T8121: Release LibKSBA 1.7.0 from Release LibKSBA 1.6.9 to Release LibKSBA 1.7.0.

Thu, May 7, 9:49 AM · libksba, Release Info

Tue, May 5

• werner added a comment to T8246: ksba: Silent truncation of 64-bit length fields in > S-expression encoding.

To be released with 1.7.0

Tue, May 5, 11:54 AM · Bug Report, libksba, Security

• werner closed T8247: Incorrect overflow guard condition in _ksba_ber_read_tl as Resolved.

Tue, May 5, 11:50 AM · libksba, Bug Report

• werner triaged T8246: ksba: Silent truncation of 64-bit length fields in > S-expression encoding as Normal priority.

For the two first cases (n->len) this is not a problem because len is an int. For the other cases it is better to use a reasonable upper limit to avoid excessive memory allocation.

Tue, May 5, 11:47 AM · Bug Report, libksba, Security

Mon, May 4

• werner created T8247: Incorrect overflow guard condition in _ksba_ber_read_tl.

Mon, May 4, 3:37 PM · libksba, Bug Report

• werner created T8246: ksba: Silent truncation of 64-bit length fields in > S-expression encoding.

Mon, May 4, 3:32 PM · Bug Report, libksba, Security

Mar 3 2026

• gniibe added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

It seemed that the reporter (also) claimed that a git repo could be weak/vulnerable when X.509 signature (with a relevant curve key) is used to validate the commit.

Mar 3 2026, 1:51 AM · S/MIME, libksba, Bug Report

• gniibe added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

For the record (to show we don't hide a problem), I add some information.

Mar 3 2026, 1:25 AM · S/MIME, libksba, Bug Report

Feb 23 2026

• werner closed T7624: libksba: __non_string for GCC 15 or later as Resolved.

Feb 23 2026, 2:51 PM · libksba, Bug Report

• werner closed T8111: Assertion failure in Libksba's ocsp.c as Resolved.

Feb 23 2026, 2:50 PM · Bug Report, libksba

• werner closed T8105: Memory leak in BER decoder tree expansion, a subtask of T8104: Heap oob read in libksba's parse_rdn, as Resolved.

Feb 23 2026, 2:49 PM · Bug Report, libksba

• werner closed T8105: Memory leak in BER decoder tree expansion as Resolved.

Feb 23 2026, 2:49 PM · Bug Report, libksba

• werner closed T8104: Heap oob read in libksba's parse_rdn as Resolved.

Feb 23 2026, 2:48 PM · Bug Report, libksba

• werner renamed T7174: Release libksba 1.6.8 from Release libksba 1.7.0 to Release libksba 1.6.8.

Feb 23 2026, 2:33 PM · Release Info, libksba

• werner triaged T8121: Release LibKSBA 1.7.0 as Low priority.

Feb 23 2026, 2:33 PM · libksba, Release Info

Feb 20 2026

• gniibe added a comment to T8105: Memory leak in BER decoder tree expansion.

Applied the change in: rK86c6e972421a: Fix a memory leak in _ksba_ber_decoder_decode.

Feb 20 2026, 1:12 AM · Bug Report, libksba

Feb 18 2026

• werner changed the status of T8111: Assertion failure in Libksba's ocsp.c from Open to Testing.

Feb 18 2026, 9:39 AM · Bug Report, libksba

• werner triaged T8111: Assertion failure in Libksba's ocsp.c as Normal priority.

Feb 18 2026, 8:39 AM · Bug Report, libksba

Feb 17 2026

• ikloecker added a comment to T8104: Heap oob read in libksba's parse_rdn.

Looks like this spot was missed when T5037: dn.cpp:181: suspicious loop was fixed. In libkleo's copy of the DN parser I applied the fix in 2023. Too many copies!

Feb 17 2026, 9:38 AM · Bug Report, libksba

Feb 16 2026

• gniibe added a comment to T8105: Memory leak in BER decoder tree expansion.

I found a possible leak and a possible access of freed memory.

Feb 16 2026, 6:11 AM · Bug Report, libksba

Feb 13 2026

• werner updated the task description for T8105: Memory leak in BER decoder tree expansion.

Feb 13 2026, 11:34 AM · Bug Report, libksba

• werner triaged T8105: Memory leak in BER decoder tree expansion as Normal priority.

Feb 13 2026, 11:34 AM · Bug Report, libksba

• werner triaged T8104: Heap oob read in libksba's parse_rdn as Normal priority.

Feb 13 2026, 11:32 AM · Bug Report, libksba

Jan 29 2026

timegrid removed a project from T6398: Support X.509 nameConstraints: Restricted Project.

Jan 29 2026, 3:50 PM · Feature Request, libksba

timegrid removed a project from T6545: Support CRL extension issuingDistributionPoint: Restricted Project.

Jan 29 2026, 3:23 PM · workaround, gnupg26, libksba, Feature Request

Jan 23 2026

timegrid removed a project from T6545: Support CRL extension issuingDistributionPoint: gnupg22.

Jan 23 2026, 11:49 AM · workaround, gnupg26, libksba, Feature Request

Jan 21 2026

• werner closed T8032: libksba: Input validation for DER encoded INTEGER as Wontfix.

Jan 21 2026, 10:39 AM · S/MIME, libksba, Bug Report

Jan 16 2026

• werner triaged T8032: libksba: Input validation for DER encoded INTEGER as Low priority.

See the gnupg-devel mailing list for more discussions. Subject: libgcrypt P256 signature malleability via weak DER enforcement"

Jan 16 2026, 11:01 AM · S/MIME, libksba, Bug Report

Jan 14 2026

• werner added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

Some historic integer encoding glitches from Peter Gutmann's style guide:

Jan 14 2026, 10:08 AM · S/MIME, libksba, Bug Report

• gniibe added a project to T8032: libksba: Input validation for DER encoded INTEGER: S/MIME.

Jan 14 2026, 3:03 AM · S/MIME, libksba, Bug Report

• gniibe created T8032: libksba: Input validation for DER encoded INTEGER.

Jan 14 2026, 3:02 AM · S/MIME, libksba, Bug Report

May 20 2025

sachint added a comment to D610: Add support for IBM z/OS.

Please review the patch and feedback.

May 20 2025, 8:30 AM · libksba

sachint requested review of D610: Add support for IBM z/OS.

May 20 2025, 8:29 AM · libksba

May 13 2025

• werner closed T7171: Allow for empty Subject in X.509 as Resolved.

May 13 2025, 3:21 PM · libksba, Bug Report, gnupg, S/MIME

• werner closed T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN", a subtask of T7171: Allow for empty Subject in X.509, as Resolved.

May 13 2025, 3:00 PM · libksba, Bug Report, gnupg, S/MIME

• werner added a subtask for T7171: Allow for empty Subject in X.509: T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN".

May 13 2025, 2:58 PM · libksba, Bug Report, gnupg, S/MIME

Apr 23 2025

• gniibe changed the status of T7624: libksba: __non_string for GCC 15 or later from Open to Testing.

Apr 23 2025, 3:21 AM · libksba, Bug Report

• gniibe triaged T7624: libksba: __non_string for GCC 15 or later as Normal priority.

Apr 23 2025, 3:18 AM · libksba, Bug Report

Jan 17 2025

• werner added a comment to T4538: Support PSS signed CRLs.

Jan 17 2025, 4:23 PM · dirmngr, S/MIME, libksba

Jan 15 2025

• gniibe triaged T7486: libgcrypt: Remove WindowsCE support as Wishlist priority.

Jan 15 2025, 7:44 AM · libgcrypt

Dec 5 2024

• werner added a project to T6545: Support CRL extension issuingDistributionPoint: workaround.

A workaround exists with the new option --ignore-crl-extensions.

Dec 5 2024, 10:19 AM · workaround, gnupg26, libksba, Feature Request

Oct 29 2024

• werner edited projects for T6545: Support CRL extension issuingDistributionPoint, added: gnupg26; removed gnupg24.

Oct 29 2024, 1:31 PM · workaround, gnupg26, libksba, Feature Request

Jun 21 2024

• werner closed T7173: Release libksba 1.6.7 as Resolved.

Jun 21 2024, 2:20 PM · Release Info, libksba