Projects libksba

libksbaProject
ActivePublic
Watch Project

Members

This project does not have any members.
View All

Watchers (2)

Recent Activity
View All

Feb 29 2024

• werner triaged T7023: Support SYSROOT in all Gupg related libraries as Normal priority.

Feb 29 2024, 4:27 PM · Feature Request, Cross-Compiler, gpgrt, libassuan, libksba

• gniibe closed T6992: Fix possible uninitialized err variable in libskba der builder as Resolved.

Fixed in libksba 1.6.6.

Feb 29 2024, 2:08 AM · libksba, Bug Report

Feb 23 2024

• werner triaged T7009: Release Libksba 1.6.6 as Normal priority.

Feb 23 2024, 9:57 AM · Release Info, libksba

Feb 14 2024

• werner added a comment to T6992: Fix possible uninitialized err variable in libskba der builder.

@Jakuje, you are right. This is a plain error and we should do a new release to avoid false errors.

Feb 14 2024, 8:54 AM · libksba, Bug Report

• gniibe added a comment to T6992: Fix possible uninitialized err variable in libskba der builder.

Thank you, applied.

Feb 14 2024, 1:19 AM · libksba, Bug Report

• gniibe changed the status of T6992: Fix possible uninitialized err variable in libskba der builder from Open to Testing.

Feb 14 2024, 1:19 AM · libksba, Bug Report

Feb 13 2024

• gniibe claimed T6992: Fix possible uninitialized err variable in libskba der builder.

Feb 13 2024, 9:05 AM · libksba, Bug Report

Feb 12 2024

Jakuje created T6992: Fix possible uninitialized err variable in libskba der builder.

Feb 12 2024, 10:08 AM · libksba, Bug Report

Nov 16 2023

• werner closed T6822: Release Libksba 1.6.5 as Resolved.

Nov 16 2023, 11:11 AM · libksba, Release Info

• werner triaged T6822: Release Libksba 1.6.5 as Low priority.

Nov 16 2023, 10:59 AM · libksba, Release Info

Nov 10 2023

• werner moved T6545: Support CRL extension issuingDistributionPoint from WiP to Backlog on the gnupg22 board.

Nov 10 2023, 9:08 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Oct 18 2023

aheinecke assigned T6545: Support CRL extension issuingDistributionPoint to • werner.

Oct 18 2023, 2:44 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Oct 13 2023

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

And yes in gpgsm.conf both the extensions are also marked with ignore-cert-extension.

Oct 13 2023, 10:59 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

While remembering this I added to our standard.conf (and for testing first to my local conf):

Oct 13 2023, 10:48 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Jun 22 2023

• werner updated the task description for T6545: Support CRL extension issuingDistributionPoint.

Jun 22 2023, 11:59 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

• werner renamed T6545: Support CRL extension issuingDistributionPoint from Support CRL exension issuingDistributionPoint to Support CRL extension issuingDistributionPoint.

Jun 22 2023, 11:44 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

• werner added a comment to T6545: Support CRL extension issuingDistributionPoint.

We had one request to support this back in 2017 but it was closed because the respective CA stopped using this extension. See T2039.

Jun 22 2023, 11:44 AM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

Jun 19 2023

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

rGb1ecc8353ae3 is just what I meant, so that we can recommend such an option in the future as a workaround until a new update becomes available which supports such an extension.

Jun 19 2023, 3:21 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

• werner added a comment to T6545: Support CRL extension issuingDistributionPoint.

Nah, the description for that extension is pretty strict and I won't feel comfortable to just ignore it. BTW there is also T6398 (nameConstraints) which needs support. But for debugging a ignore extension makes sense.

Jun 19 2023, 2:10 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

aheinecke added a comment to T6545: Support CRL extension issuingDistributionPoint.

For support reasons I would say that it might make sense to also ignore the extensions from "ignore-cert-extension" when checking CRLs?

Jun 19 2023, 1:54 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

• werner triaged T6545: Support CRL extension issuingDistributionPoint as Normal priority.

Jun 19 2023, 12:59 PM · Restricted Project, libksba, gnupg24, gnupg22, Feature Request

• werner closed T6543: Release Libksba 1.6.4 as Resolved.

Jun 19 2023, 11:47 AM · libksba, Release Info

• werner triaged T6543: Release Libksba 1.6.4 as Normal priority.

Jun 19 2023, 11:24 AM · libksba, Release Info

Mar 2 2023

• werner added a comment to T6398: Support X.509 nameConstraints.

(my example cert is 0x09BB0EEE)

Mar 2 2023, 3:08 PM · Restricted Project, Feature Request, libksba

• werner triaged T6398: Support X.509 nameConstraints as Normal priority.

Mar 2 2023, 3:04 PM · Restricted Project, Feature Request, libksba

Dec 22 2022

• werner added a project to T6284: Another integer overflow in Libksba: CVE.

This bug is CVE-2022-47629

Dec 22 2022, 10:48 AM · CVE, Bug Report, libksba

• werner updated the task description for T6304: Release Libksba 1.6.3.

Dec 22 2022, 10:48 AM · Release Info, libksba

Dec 20 2022

• werner closed T6284: Another integer overflow in Libksba as Resolved.

Dec 20 2022, 10:56 AM · CVE, Bug Report, libksba

• werner closed T6304: Release Libksba 1.6.3 as Resolved.

Dec 20 2022, 10:51 AM · Release Info, libksba

• werner changed the status of T6284: Another integer overflow in Libksba from Open to Testing.

Dec 20 2022, 10:50 AM · CVE, Bug Report, libksba

Dec 14 2022

• werner updated the task description for T6284: Another integer overflow in Libksba.

Dec 14 2022, 12:09 PM · CVE, Bug Report, libksba

Dec 6 2022

• werner closed T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix as Resolved.

I guess we can close this one.

Dec 6 2022, 2:25 PM · S/MIME, Feature Request, libksba

• werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Dec 6 2022, 2:23 PM · CVE, Release Info, libksba

• werner triaged T6304: Release Libksba 1.6.3 as Normal priority.

Dec 6 2022, 2:23 PM · Release Info, libksba

Nov 23 2022

• werner added a comment to T6284: Another integer overflow in Libksba.

Here is the patch which will go into the next release

From f61a5ea4e0f6a80fd4b28ef0174bee77793cf070 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 22 Nov 2022 16:36:46 +0100
Subject: [PATCH] Fix an integer overflow in the CRL signature parser.

Nov 23 2022, 11:17 AM · CVE, Bug Report, libksba

Nov 22 2022

• werner triaged T6284: Another integer overflow in Libksba as Unbreak Now! priority.

Nov 22 2022, 4:54 PM · CVE, Bug Report, libksba

Oct 18 2022

• werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.

Oct 18 2022, 7:52 AM · CVE, Release Info, libksba

Oct 17 2022

• werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Fixed Gpg4win version: https://lists.wald.intevation.org/pipermail/gpg4win-announce/2022/000098.html

Oct 17 2022, 3:03 PM · CVE, Release Info, libksba

• werner set External Link to https://gnupg.org/blog/20221017-pepe-left-the-ksba.html on T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Oct 17 2022, 9:26 AM · CVE, Release Info, libksba

• werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

As usual see https://gnupg.org/download for links to the latest packages. For Gpg4win see https://gpg4win.org

Oct 17 2022, 9:25 AM · CVE, Release Info, libksba

• werner reopened T6230: Release Libksba 1.6.2 (CVE-2022-3515) as "Open".

Oct 17 2022, 7:56 AM · CVE, Release Info, libksba

• werner renamed T6230: Release Libksba 1.6.2 (CVE-2022-3515) from Release Libksba 1.6.2 to Release Libksba 1.6.2 (CVE-2022-3515).

Oct 17 2022, 7:56 AM · CVE, Release Info, libksba

• werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Oct 17 2022, 7:46 AM · CVE, Release Info, libksba

Oct 11 2022

• werner added a project to T6230: Release Libksba 1.6.2 (CVE-2022-3515): CVE.

Oct 11 2022, 10:43 AM · CVE, Release Info, libksba

• gniibe closed T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows as Resolved.

Fixed in 1.6.1.

Oct 11 2022, 8:23 AM · libksba, Bug Report

• gniibe closed T5579: libksba parallel build error (windows) as Resolved.

Fixed in 1.6.1.

Oct 11 2022, 8:21 AM · libksba, Bug Report

Oct 7 2022

• werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.

Oct 7 2022, 10:21 AM · CVE, Release Info, libksba

• werner renamed T6210: Release LibKSBA 1.6.1 from Release Libksba 1.6.1 to Release LibKSBA 1.6.1.

Oct 7 2022, 10:05 AM · Release Info, libksba

• werner created T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Oct 7 2022, 10:03 AM · CVE, Release Info, libksba

Sep 22 2022

• werner removed a project from T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows: Restricted Project.

Sep 22 2022, 11:04 AM · libksba, Bug Report