Projects libksba

libksbaProject
ActivePublic
Watch Project

Members

This project does not have any members.
View All

Watchers (2)

Recent Activity
View All

Thu, Nov 16

werner closed T6822: Release Libksba 1.6.5 as Resolved.

Thu, Nov 16, 11:11 AM · libksba, Release Info

werner triaged T6822: Release Libksba 1.6.5 as Low priority.

Thu, Nov 16, 10:59 AM · libksba, Release Info

Nov 10 2023

werner moved T6545: Support CRL extension issuingDistributionPoint from WiP to Backlog on the gnupg22 board.

Nov 10 2023, 9:08 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Oct 18 2023

aheinecke assigned T6545: Support CRL extension issuingDistributionPoint to werner.

Oct 18 2023, 2:44 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Oct 13 2023

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

And yes in gpgsm.conf both the extensions are also marked with ignore-cert-extension.

Oct 13 2023, 10:59 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

While remembering this I added to our standard.conf (and for testing first to my local conf):

Oct 13 2023, 10:48 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Jun 22 2023

werner updated the task description for T6545: Support CRL extension issuingDistributionPoint.

Jun 22 2023, 11:59 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

werner renamed T6545: Support CRL extension issuingDistributionPoint from Support CRL exension issuingDistributionPoint to Support CRL extension issuingDistributionPoint.

Jun 22 2023, 11:44 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

werner added a comment to T6545: Support CRL extension issuingDistributionPoint.

We had one request to support this back in 2017 but it was closed because the respective CA stopped using this extension. See T2039.

Jun 22 2023, 11:44 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Jun 19 2023

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

rGb1ecc8353ae3 is just what I meant, so that we can recommend such an option in the future as a workaround until a new update becomes available which supports such an extension.

Jun 19 2023, 3:21 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

werner added a comment to T6545: Support CRL extension issuingDistributionPoint.

Nah, the description for that extension is pretty strict and I won't feel comfortable to just ignore it. BTW there is also T6398 (nameConstraints) which needs support. But for debugging a ignore extension makes sense.

Jun 19 2023, 2:10 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

For support reasons I would say that it might make sense to also ignore the extensions from "ignore-cert-extension" when checking CRLs?

Jun 19 2023, 1:54 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

werner triaged T6545: Support CRL extension issuingDistributionPoint as Normal priority.

Jun 19 2023, 12:59 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

werner closed T6543: Release Libksba 1.6.4 as Resolved.

Jun 19 2023, 11:47 AM · libksba, Release Info

werner triaged T6543: Release Libksba 1.6.4 as Normal priority.

Jun 19 2023, 11:24 AM · libksba, Release Info

Mar 2 2023

werner added a comment to T6398: Support X.509 nameConstraints.

(my example cert is 0x09BB0EEE)

Mar 2 2023, 3:08 PM · Restricted Project, Feature Request, libksba

werner triaged T6398: Support X.509 nameConstraints as Normal priority.

Mar 2 2023, 3:04 PM · Restricted Project, Feature Request, libksba

Dec 22 2022

werner added a project to T6284: Another integer overflow in Libksba: CVE.

This bug is CVE-2022-47629

Dec 22 2022, 10:48 AM · CVE, Bug Report, libksba

werner updated the task description for T6304: Release Libksba 1.6.3.

Dec 22 2022, 10:48 AM · Release Info, libksba

Dec 20 2022

werner closed T6284: Another integer overflow in Libksba as Resolved.

Dec 20 2022, 10:56 AM · CVE, Bug Report, libksba

werner closed T6304: Release Libksba 1.6.3 as Resolved.

Dec 20 2022, 10:51 AM · Release Info, libksba

werner changed the status of T6284: Another integer overflow in Libksba from Open to Testing.

Dec 20 2022, 10:50 AM · CVE, Bug Report, libksba

Dec 14 2022

werner updated the task description for T6284: Another integer overflow in Libksba.

Dec 14 2022, 12:09 PM · CVE, Bug Report, libksba

Dec 6 2022

werner closed T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix as Resolved.

I guess we can close this one.

Dec 6 2022, 2:25 PM · S/MIME, Feature Request, libksba

werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Dec 6 2022, 2:23 PM · CVE, Release Info, libksba

werner triaged T6304: Release Libksba 1.6.3 as Normal priority.

Dec 6 2022, 2:23 PM · Release Info, libksba

Nov 23 2022

werner added a comment to T6284: Another integer overflow in Libksba.

Here is the patch which will go into the next release

From f61a5ea4e0f6a80fd4b28ef0174bee77793cf070 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 22 Nov 2022 16:36:46 +0100
Subject: [PATCH] Fix an integer overflow in the CRL signature parser.

Nov 23 2022, 11:17 AM · CVE, Bug Report, libksba

Nov 22 2022

werner triaged T6284: Another integer overflow in Libksba as Unbreak Now! priority.

Nov 22 2022, 4:54 PM · CVE, Bug Report, libksba

Oct 18 2022

werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.

Oct 18 2022, 7:52 AM · CVE, Release Info, libksba

Oct 17 2022

werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Fixed Gpg4win version: https://lists.wald.intevation.org/pipermail/gpg4win-announce/2022/000098.html

Oct 17 2022, 3:03 PM · CVE, Release Info, libksba

werner set External Link to https://gnupg.org/blog/20221017-pepe-left-the-ksba.html on T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Oct 17 2022, 9:26 AM · CVE, Release Info, libksba

werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

As usual see https://gnupg.org/download for links to the latest packages. For Gpg4win see https://gpg4win.org

Oct 17 2022, 9:25 AM · CVE, Release Info, libksba

werner reopened T6230: Release Libksba 1.6.2 (CVE-2022-3515) as "Open".

Oct 17 2022, 7:56 AM · CVE, Release Info, libksba

werner renamed T6230: Release Libksba 1.6.2 (CVE-2022-3515) from Release Libksba 1.6.2 to Release Libksba 1.6.2 (CVE-2022-3515).

Oct 17 2022, 7:56 AM · CVE, Release Info, libksba

werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Oct 17 2022, 7:46 AM · CVE, Release Info, libksba

Oct 11 2022

werner added a project to T6230: Release Libksba 1.6.2 (CVE-2022-3515): CVE.

Oct 11 2022, 10:43 AM · CVE, Release Info, libksba

gniibe closed T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows as Resolved.

Fixed in 1.6.1.

Oct 11 2022, 8:23 AM · libksba, Bug Report

gniibe closed T5579: libksba parallel build error (windows) as Resolved.

Fixed in 1.6.1.

Oct 11 2022, 8:21 AM · libksba, Bug Report

Oct 7 2022

werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.

Oct 7 2022, 10:21 AM · CVE, Release Info, libksba

werner renamed T6210: Release LibKSBA 1.6.1 from Release Libksba 1.6.1 to Release LibKSBA 1.6.1.

Oct 7 2022, 10:05 AM · Release Info, libksba

werner created T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Oct 7 2022, 10:03 AM · CVE, Release Info, libksba

Sep 22 2022

werner removed a project from T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows: Restricted Project.

Sep 22 2022, 11:04 AM · libksba, Bug Report

werner removed a project from T5579: libksba parallel build error (windows): Restricted Project.

Sep 22 2022, 10:59 AM · libksba, Bug Report

werner removed a project from T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix: Restricted Project.

Sep 22 2022, 10:59 AM · S/MIME, Feature Request, libksba

Sep 18 2022

jpalus added a comment to T6210: Release LibKSBA 1.6.1.

Looks like libksba 1.6.1 is available for download at: https://gnupg.org/download/ , however tag is missing at: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=summary

Sep 18 2022, 11:17 AM · Release Info, libksba

Sep 16 2022

werner updated the task description for T5479: Release LibKSBA 1.6.0.

Sep 16 2022, 12:18 PM · Release Info, libksba

werner triaged T6210: Release LibKSBA 1.6.1 as Normal priority.

Sep 16 2022, 12:17 PM · Release Info, libksba

Jul 29 2022

aheinecke closed T4523: Gpg4win: Multiple problems reported 05-2019, a subtask of T4538: Support PSS signed CRLs, as Invalid.

Jul 29 2022, 3:15 PM · dirmngr, S/MIME, libksba

Jul 22 2022

SpriteOvO added a comment to T6078: File `config.guess` is a little out of date.

@gniibe Thanks!

Jul 22 2022, 6:41 PM · gpgme, pinentry, scute, ntbtls, libksba, libassuan, npth, libgcrypt, gpgrt, gnupg, Bug Report

gniibe closed T6078: File `config.guess` is a little out of date as Resolved.

In the repo, for all related software, it's done.

Jul 22 2022, 3:42 AM · gpgme, pinentry, scute, ntbtls, libksba, libassuan, npth, libgcrypt, gpgrt, gnupg, Bug Report