Page MenuHome GnuPG
Projects libksba

libksbaProject
ActivePublic
Watch Project

Members

  • This project does not have any members.
  • View All

Watchers (2)

Recent Activity
View All

Mar 2 2023

werner added a comment to T6398: Support X.509 nameConstraints.

(my example cert is 0x09BB0EEE)

Mar 2 2023, 3:08 PM · Restricted Project, Feature Request, libksba
werner triaged T6398: Support X.509 nameConstraints as Normal priority.
Mar 2 2023, 3:04 PM · Restricted Project, Feature Request, libksba

Dec 22 2022

werner added a project to T6284: Another integer overflow in Libksba: CVE.

This bug is CVE-2022-47629

Dec 22 2022, 10:48 AM · CVE, Bug Report, libksba
werner updated the task description for T6304: Release Libksba 1.6.3.
Dec 22 2022, 10:48 AM · Release Info, libksba

Dec 20 2022

werner closed T6284: Another integer overflow in Libksba as Resolved.
Dec 20 2022, 10:56 AM · CVE, Bug Report, libksba
werner closed T6304: Release Libksba 1.6.3 as Resolved.
Dec 20 2022, 10:51 AM · Release Info, libksba
werner changed the status of T6284: Another integer overflow in Libksba from Open to Testing.
Dec 20 2022, 10:50 AM · CVE, Bug Report, libksba

Dec 14 2022

werner updated the task description for T6284: Another integer overflow in Libksba.
Dec 14 2022, 12:09 PM · CVE, Bug Report, libksba

Dec 6 2022

werner closed T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix as Resolved.

I guess we can close this one.

Dec 6 2022, 2:25 PM · S/MIME, Feature Request, libksba
werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Dec 6 2022, 2:23 PM · CVE, Release Info, libksba
werner triaged T6304: Release Libksba 1.6.3 as Normal priority.
Dec 6 2022, 2:23 PM · Release Info, libksba

Nov 23 2022

werner added a comment to T6284: Another integer overflow in Libksba.

Here is the patch which will go into the next release

From f61a5ea4e0f6a80fd4b28ef0174bee77793cf070 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 22 Nov 2022 16:36:46 +0100
Subject: [PATCH] Fix an integer overflow in the CRL signature parser.
Nov 23 2022, 11:17 AM · CVE, Bug Report, libksba

Nov 22 2022

werner triaged T6284: Another integer overflow in Libksba as Unbreak Now! priority.
Nov 22 2022, 4:54 PM · CVE, Bug Report, libksba

Oct 18 2022

werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.
Oct 18 2022, 7:52 AM · CVE, Release Info, libksba

Oct 17 2022

werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Fixed Gpg4win version: https://lists.wald.intevation.org/pipermail/gpg4win-announce/2022/000098.html

Oct 17 2022, 3:03 PM · CVE, Release Info, libksba
werner set External Link to https://gnupg.org/blog/20221017-pepe-left-the-ksba.html on T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 9:26 AM · CVE, Release Info, libksba
werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

As usual see https://gnupg.org/download for links to the latest packages. For Gpg4win see https://gpg4win.org

Oct 17 2022, 9:25 AM · CVE, Release Info, libksba
werner reopened T6230: Release Libksba 1.6.2 (CVE-2022-3515) as "Open".
Oct 17 2022, 7:56 AM · CVE, Release Info, libksba
werner renamed T6230: Release Libksba 1.6.2 (CVE-2022-3515) from Release Libksba 1.6.2 to Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 7:56 AM · CVE, Release Info, libksba
werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 7:46 AM · CVE, Release Info, libksba

Oct 11 2022

werner added a project to T6230: Release Libksba 1.6.2 (CVE-2022-3515): CVE.
Oct 11 2022, 10:43 AM · CVE, Release Info, libksba
gniibe closed T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows as Resolved.

Fixed in 1.6.1.

Oct 11 2022, 8:23 AM · libksba, Bug Report
gniibe closed T5579: libksba parallel build error (windows) as Resolved.

Fixed in 1.6.1.

Oct 11 2022, 8:21 AM · libksba, Bug Report

Oct 7 2022

werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.
Oct 7 2022, 10:21 AM · CVE, Release Info, libksba
werner renamed T6210: Release LibKSBA 1.6.1 from Release Libksba 1.6.1 to Release LibKSBA 1.6.1.
Oct 7 2022, 10:05 AM · Release Info, libksba
werner created T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 7 2022, 10:03 AM · CVE, Release Info, libksba

Sep 22 2022

werner removed a project from T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows: Restricted Project.
Sep 22 2022, 11:04 AM · libksba, Bug Report
werner removed a project from T5579: libksba parallel build error (windows): Restricted Project.
Sep 22 2022, 10:59 AM · libksba, Bug Report
werner removed a project from T4013: Certificate requests generated from Ed25519 keys are not compliant with draft-ietf-curdle-pkix: Restricted Project.
Sep 22 2022, 10:59 AM · S/MIME, Feature Request, libksba

Sep 18 2022

jpalus added a comment to T6210: Release LibKSBA 1.6.1.

Looks like libksba 1.6.1 is available for download at: https://gnupg.org/download/ , however tag is missing at: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=summary

Sep 18 2022, 11:17 AM · Release Info, libksba

Sep 16 2022

werner updated the task description for T5479: Release LibKSBA 1.6.0.
Sep 16 2022, 12:18 PM · Release Info, libksba
werner triaged T6210: Release LibKSBA 1.6.1 as Normal priority.
Sep 16 2022, 12:17 PM · Release Info, libksba

Jul 29 2022

aheinecke closed T4523: Gpg4win: Multiple problems reported 05-2019, a subtask of T4538: Support PSS signed CRLs, as Invalid.
Jul 29 2022, 3:15 PM · dirmngr, S/MIME, libksba

Jul 22 2022

SpriteOvO added a comment to T6078: File `config.guess` is a little out of date.

@gniibe Thanks!

Jul 22 2022, 6:41 PM · gpgme, pinentry, scute, ntbtls, libksba, libassuan, npth, libgcrypt, gpgrt, gnupg, Bug Report
gniibe closed T6078: File `config.guess` is a little out of date as Resolved.

In the repo, for all related software, it's done.

Jul 22 2022, 3:42 AM · gpgme, pinentry, scute, ntbtls, libksba, libassuan, npth, libgcrypt, gpgrt, gnupg, Bug Report
gniibe added a comment to T6078: File `config.guess` is a little out of date.

Note that versions since 2020-11-07 to 2021-07-03 have major problem with non-POSIX shell, which doesn't support $(..) construct.

Jul 22 2022, 3:40 AM · gpgme, pinentry, scute, ntbtls, libksba, libassuan, npth, libgcrypt, gpgrt, gnupg, Bug Report

Jul 18 2022

gniibe triaged T6078: File `config.guess` is a little out of date as Normal priority.

Thank you.

Jul 18 2022, 10:56 AM · gpgme, pinentry, scute, ntbtls, libksba, libassuan, npth, libgcrypt, gpgrt, gnupg, Bug Report

May 27 2022

sergi added a watcher for libksba: sergi.
May 27 2022, 10:09 PM

May 16 2022

gniibe removed a project from T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared: Restricted Project.
May 16 2022, 8:23 AM · toolchain, libksba, Bug Report

May 13 2022

werner closed T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared as Resolved.
May 13 2022, 3:48 PM · toolchain, libksba, Bug Report

Mar 25 2022

gniibe added a project to T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows: Restricted Project.
Mar 25 2022, 6:17 AM · libksba, Bug Report

Mar 22 2022

gniibe triaged T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows as Normal priority.
Mar 22 2022, 3:22 AM · libksba, Bug Report
gniibe changed the status of T5892: t-cms-parser test program in libksba-1.6.0 needs to open files in binary mode for MS-Windows from Open to Testing.

Thank you. Confirmed and applied.

Mar 22 2022, 3:21 AM · libksba, Bug Report

Dec 8 2021

gniibe added a project to T5579: libksba parallel build error (windows): Restricted Project.
Dec 8 2021, 9:07 AM · libksba, Bug Report

Nov 10 2021

gniibe added a project to T5610: macOS 11 or newer support: Update libtool: gpgme.

Also applied to gpgme.

Nov 10 2021, 3:07 AM · gpgme, MacOS, ntbtls, npth, libksba, libassuan, libgcrypt, gpgrt
gniibe added a comment to T5610: macOS 11 or newer support: Update libtool.

Since there is no problem with libgpg-error 1.43, I applied it to other libraries: npth, libassuan, libksba, and ntbtls.

Nov 10 2021, 3:04 AM · gpgme, MacOS, ntbtls, npth, libksba, libassuan, libgcrypt, gpgrt

Nov 3 2021

werner closed T5610: macOS 11 or newer support: Update libtool as Resolved.
Nov 3 2021, 3:16 PM · gpgme, MacOS, ntbtls, npth, libksba, libassuan, libgcrypt, gpgrt

Oct 13 2021

gniibe added a project to T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared: Restricted Project.
Oct 13 2021, 10:03 AM · toolchain, libksba, Bug Report

Oct 12 2021

werner added a comment to T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared.

Bison used to be the de-facto standard yacc ;-)

Oct 12 2021, 2:33 PM · toolchain, libksba, Bug Report
gniibe claimed T5616: asn1-parse.y:861:20: error: 'yytoknum' undeclared.

I think that a simple way is defining a table (string -> token) by ourselves in yylex, not enabling %token-table.
(Then, we don't need to depend on the feature of string with %token, which is not supported by POSIX yacc.)

Oct 12 2021, 9:50 AM · toolchain, libksba, Bug Report