Hello community, here is the log from the commit of package libtasn1 for openSUSE:Factory checked in at 2015-04-02 16:01:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libtasn1 (Old) and /work/SRC/openSUSE:Factory/.libtasn1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libtasn1" Changes: -------- --- /work/SRC/openSUSE:Factory/libtasn1/libtasn1.changes 2015-03-25 09:55:27.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libtasn1.new/libtasn1.changes 2015-04-02 16:01:41.000000000 +0200 @@ -1,0 +2,6 @@ +Sun Mar 29 17:27:11 UTC 2015 - astieger@suse.com + +- update to libtasn1 4.4 [bsc#924828]: + * Corrected a two-byte stack overflow in asn1_der_decoding. + +------------------------------------------------------------------- Old: ---- libtasn1-4.3.tar.gz libtasn1-4.3.tar.gz.sig New: ---- libtasn1-4.4.tar.gz libtasn1-4.4.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libtasn1.spec ++++++ --- /var/tmp/diff_new_pack.VB1vcY/_old 2015-04-02 16:01:41.000000000 +0200 +++ /var/tmp/diff_new_pack.VB1vcY/_new 2015-04-02 16:01:41.000000000 +0200 @@ -18,7 +18,7 @@ %define somajor 6 Name: libtasn1 -Version: 4.3 +Version: 4.4 Release: 0 Summary: ASN.1 parsing library License: LGPL-2.1+ and GPL-3.0 ++++++ libtasn1-4.3.tar.gz -> libtasn1-4.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/NEWS new/libtasn1-4.4/NEWS --- old/libtasn1-4.3/NEWS 2015-03-09 21:47:14.000000000 +0100 +++ new/libtasn1-4.4/NEWS 2015-03-29 11:59:03.000000000 +0200 @@ -1,5 +1,9 @@ GNU Libtasn1 NEWS -*- outline -*- +* Noteworthy changes in release 4.4 (released 2015-03-29) [stable] +- Corrected a two-byte stack overflow in asn1_der_decoding. Reported + by Hanno Böck. + * Noteworthy changes in release 4.3 (released 2015-03-09) [stable] - Added asn1_decode_simple_ber() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/configure new/libtasn1-4.4/configure --- old/libtasn1-4.3/configure 2015-03-09 21:46:56.000000000 +0100 +++ new/libtasn1-4.4/configure 2015-03-29 11:59:32.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for GNU Libtasn1 4.3. +# Generated by GNU Autoconf 2.69 for GNU Libtasn1 4.4. # # Report bugs to <help-libtasn1@gnu.org>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='GNU Libtasn1' PACKAGE_TARNAME='libtasn1' -PACKAGE_VERSION='4.3' -PACKAGE_STRING='GNU Libtasn1 4.3' +PACKAGE_VERSION='4.4' +PACKAGE_STRING='GNU Libtasn1 4.4' PACKAGE_BUGREPORT='help-libtasn1@gnu.org' PACKAGE_URL='http://www.gnu.org/software/libtasn1/' @@ -1882,7 +1882,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures GNU Libtasn1 4.3 to adapt to many kinds of systems. +\`configure' configures GNU Libtasn1 4.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1952,7 +1952,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of GNU Libtasn1 4.3:";; + short | recursive ) echo "Configuration of GNU Libtasn1 4.4:";; esac cat <<\_ACEOF @@ -2080,7 +2080,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -GNU Libtasn1 configure 4.3 +GNU Libtasn1 configure 4.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2732,7 +2732,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by GNU Libtasn1 $as_me 4.3, which was +It was created by GNU Libtasn1 $as_me 4.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3609,7 +3609,7 @@ # Define the identity of the package. PACKAGE='libtasn1' - VERSION='4.3' + VERSION='4.4' cat >>confdefs.h <<_ACEOF @@ -3748,7 +3748,7 @@ # Interfaces removed: AGE=0 LT_CURRENT=10 -LT_REVISION=0 +LT_REVISION=1 LT_AGE=4 @@ -21957,7 +21957,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by GNU Libtasn1 $as_me 4.3, which was +This file was extended by GNU Libtasn1 $as_me 4.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -22029,7 +22029,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -GNU Libtasn1 config.status 4.3 +GNU Libtasn1 config.status 4.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/configure.ac new/libtasn1-4.4/configure.ac --- old/libtasn1-4.3/configure.ac 2015-03-04 17:49:57.000000000 +0100 +++ new/libtasn1-4.4/configure.ac 2015-03-29 11:59:14.000000000 +0200 @@ -17,7 +17,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. AC_PREREQ([2.61]) -AC_INIT([GNU Libtasn1],[4.3],[help-libtasn1@gnu.org]) +AC_INIT([GNU Libtasn1],[4.4],[help-libtasn1@gnu.org]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_HEADERS(config.h) @@ -29,7 +29,7 @@ # Interfaces added: AGE++ # Interfaces removed: AGE=0 AC_SUBST(LT_CURRENT, 10) -AC_SUBST(LT_REVISION, 0) +AC_SUBST(LT_REVISION, 1) AC_SUBST(LT_AGE, 4) AC_PROG_CC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/asn1Coding.1 new/libtasn1-4.4/doc/asn1Coding.1 --- old/libtasn1-4.3/doc/asn1Coding.1 2015-03-09 21:47:19.000000000 +0100 +++ new/libtasn1-4.4/doc/asn1Coding.1 2015-03-29 11:59:48.000000000 +0200 @@ -1,5 +1,5 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.4. -.TH ASN1CODING "1" "March 2015" "asn1Coding (libtasn1) 4.3" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.5. +.TH ASN1CODING "1" "March 2015" "asn1Coding (libtasn1) 4.4" "User Commands" .SH NAME asn1Coding \- ASN.1 DER encoder .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/asn1Decoding.1 new/libtasn1-4.4/doc/asn1Decoding.1 --- old/libtasn1-4.3/doc/asn1Decoding.1 2015-03-09 21:47:19.000000000 +0100 +++ new/libtasn1-4.4/doc/asn1Decoding.1 2015-03-29 11:59:48.000000000 +0200 @@ -1,5 +1,5 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.4. -.TH ASN1DECODING "1" "March 2015" "asn1Decoding (libtasn1) 4.3" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.5. +.TH ASN1DECODING "1" "March 2015" "asn1Decoding (libtasn1) 4.4" "User Commands" .SH NAME asn1Decoding \- ASN.1 DER decoder .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/asn1Parser.1 new/libtasn1-4.4/doc/asn1Parser.1 --- old/libtasn1-4.3/doc/asn1Parser.1 2015-03-09 21:47:19.000000000 +0100 +++ new/libtasn1-4.4/doc/asn1Parser.1 2015-03-29 11:59:48.000000000 +0200 @@ -1,5 +1,5 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.4. -.TH ASN1PARSER "1" "March 2015" "asn1Parser (libtasn1) 4.3" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.46.5. +.TH ASN1PARSER "1" "March 2015" "asn1Parser (libtasn1) 4.4" "User Commands" .SH NAME asn1Parser \- ASN.1 syntax tree generator for libtasn1 .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/libtasn1.html new/libtasn1-4.4/doc/libtasn1.html --- old/libtasn1-4.3/doc/libtasn1.html 2015-03-09 21:51:35.000000000 +0100 +++ new/libtasn1-4.4/doc/libtasn1.html 2015-03-29 12:00:05.000000000 +0200 @@ -1,7 +1,7 @@ <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <!-- This manual is for GNU Libtasn1 -(version 4.3, 9 March 2015), +(version 4.4, 9 March 2015), which is a library for Abstract Syntax Notation One (ASN.1) and Distinguished Encoding Rules (DER) manipulation. @@ -15,10 +15,10 @@ Documentation License". --> <!-- Created by GNU Texinfo 5.2, http://www.gnu.org/software/texinfo/ --> <head> -<title>GNU Libtasn1 4.3</title> +<title>GNU Libtasn1 4.4</title> -<meta name="description" content="GNU Libtasn1 4.3"> -<meta name="keywords" content="GNU Libtasn1 4.3"> +<meta name="description" content="GNU Libtasn1 4.4"> +<meta name="keywords" content="GNU Libtasn1 4.4"> <meta name="resource-type" content="document"> <meta name="distribution" content="global"> <meta name="Generator" content="makeinfo"> @@ -105,7 +105,7 @@ </head> <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000"> -<h1 class="settitle" align="center">GNU Libtasn1 4.3</h1> +<h1 class="settitle" align="center">GNU Libtasn1 4.4</h1> @@ -159,7 +159,7 @@ <h1 class="top">Libtasn1</h1> <p>This manual is for GNU Libtasn1 -(version 4.3, 9 March 2015), +(version 4.4, 9 March 2015), which is a library for Abstract Syntax Notation One (ASN.1) and Distinguished Encoding Rules (DER) manipulation. </p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/libtasn1.info new/libtasn1-4.4/doc/libtasn1.info --- old/libtasn1-4.3/doc/libtasn1.info 2015-03-09 21:51:32.000000000 +0100 +++ new/libtasn1-4.4/doc/libtasn1.info 2015-03-29 12:00:23.000000000 +0200 @@ -1,7 +1,7 @@ This is libtasn1.info, produced by makeinfo version 5.2 from libtasn1.texi. -This manual is for GNU Libtasn1 (version 4.3, 9 March 2015), which is a +This manual is for GNU Libtasn1 (version 4.4, 9 March 2015), which is a library for Abstract Syntax Notation One (ASN.1) and Distinguished Encoding Rules (DER) manipulation. @@ -24,7 +24,7 @@ Libtasn1 ******** -This manual is for GNU Libtasn1 (version 4.3, 9 March 2015), which is a +This manual is for GNU Libtasn1 (version 4.4, 9 March 2015), which is a library for Abstract Syntax Notation One (ASN.1) and Distinguished Encoding Rules (DER) manipulation. Files old/libtasn1-4.3/doc/libtasn1.pdf and new/libtasn1-4.4/doc/libtasn1.pdf differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/libtasn1.ps new/libtasn1-4.4/doc/libtasn1.ps --- old/libtasn1-4.3/doc/libtasn1.ps 2015-03-09 21:51:36.000000000 +0100 +++ new/libtasn1-4.4/doc/libtasn1.ps 2015-03-29 12:00:05.000000000 +0200 @@ -1,7 +1,7 @@ %!PS-Adobe-2.0 %%Creator: dvips(k) 5.994 Copyright 2014 Radical Eye Software %%Title: libtasn1.dvi -%%CreationDate: Mon Mar 9 21:51:36 2015 +%%CreationDate: Sun Mar 29 12:00:05 2015 %%Pages: 34 %%PageOrder: Ascend %%BoundingBox: 0 0 612 792 @@ -12,7 +12,7 @@ %DVIPSWebPage: (www.radicaleye.com) %DVIPSCommandLine: dvips -q -o libtasn1.ps libtasn1.dvi %DVIPSParameters: dpi=600 -%DVIPSSource: TeX output 2015.03.09:2151 +%DVIPSSource: TeX output 2015.03.29:1200 %%BeginProcSet: tex.pro 0 0 %! /TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S @@ -6113,13 +6113,13 @@ TeXDict begin 1 0 bop 150 1318 a Fs(Libtasn1)p 150 1385 3600 34 v 1035 1486 a Fr(Abstract)31 b(Syn)m(tax)f(Notation)j(One)d (\(ASN.1\))h(library)f(for)g(the)h(GNU)g(system)2590 -1594 y(for)f(v)m(ersion)h(4.3,)g(9)g(Marc)m(h)g(2015)150 +1594 y(for)f(v)m(ersion)h(4.4,)g(9)g(Marc)m(h)g(2015)150 4795 y Fq(F)-11 b(abio)45 b(Fiorina)150 4928 y(Simon)g(Josefsson)150 5061 y(Nik)l(os)h(Ma)l(vrogiannop)t(oulos)g(\()p Fp(help-libtasn1@)o (gn)o(u.o)o(rg)o Fq(\))p 150 5141 3600 17 v eop end %%Page: 2 2 TeXDict begin 2 1 bop 150 4523 a Fr(This)21 b(man)m(ual)i(is)f(for)g -(GNU)h(Libtasn1)f(\(v)m(ersion)h(4.3,)i(9)d(Marc)m(h)h(2015\),)j(whic)m +(GNU)h(Libtasn1)f(\(v)m(ersion)h(4.4,)i(9)d(Marc)m(h)h(2015\),)j(whic)m (h)c(is)g(a)h(library)e(for)h(Abstract)150 4633 y(Syn)m(tax)31 b(Notation)h(One)e(\(ASN.1\))h(and)f(Distinguished)h(Enco)s(ding)e (Rules)i(\(DER\))g(manipulation.)150 4767 y(Cop)m(yrigh)m(t)602 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/stamp-vti new/libtasn1-4.4/doc/stamp-vti --- old/libtasn1-4.3/doc/stamp-vti 2015-03-09 21:50:34.000000000 +0100 +++ new/libtasn1-4.4/doc/stamp-vti 2015-03-29 11:59:48.000000000 +0200 @@ -1,4 +1,4 @@ @set UPDATED 9 March 2015 @set UPDATED-MONTH March 2015 -@set EDITION 4.3 -@set VERSION 4.3 +@set EDITION 4.4 +@set VERSION 4.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/doc/version.texi new/libtasn1-4.4/doc/version.texi --- old/libtasn1-4.3/doc/version.texi 2015-03-09 21:50:34.000000000 +0100 +++ new/libtasn1-4.4/doc/version.texi 2015-03-29 11:59:48.000000000 +0200 @@ -1,4 +1,4 @@ @set UPDATED 9 March 2015 @set UPDATED-MONTH March 2015 -@set EDITION 4.3 -@set VERSION 4.3 +@set EDITION 4.4 +@set VERSION 4.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/lib/libtasn1.h new/libtasn1-4.4/lib/libtasn1.h --- old/libtasn1-4.3/lib/libtasn1.h 2015-03-09 21:46:37.000000000 +0100 +++ new/libtasn1-4.4/lib/libtasn1.h 2015-03-29 11:59:37.000000000 +0200 @@ -44,7 +44,7 @@ { #endif -#define ASN1_VERSION "4.3" +#define ASN1_VERSION "4.4" #if defined(__GNUC__) && !defined(ASN1_INTERNAL_BUILD) # define _ASN1_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/lib/parser_aux.c new/libtasn1-4.4/lib/parser_aux.c --- old/libtasn1-4.3/lib/parser_aux.c 2015-02-05 10:29:36.000000000 +0100 +++ new/libtasn1-4.4/lib/parser_aux.c 2015-03-26 18:37:04.000000000 +0100 @@ -543,7 +543,7 @@ char * -_asn1_ltostr (long v, char *str) +_asn1_ltostr (long v, char str[LTOSTR_MAX_SIZE]) { long d, r; char temp[LTOSTR_MAX_SIZE]; @@ -567,7 +567,7 @@ count++; v = d; } - while (v); + while (v && ((start+count) < LTOSTR_MAX_SIZE-1)); for (k = 0; k < count; k++) str[k + start] = temp[start + count - k - 1]; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/lib/parser_aux.h new/libtasn1-4.4/lib/parser_aux.h --- old/libtasn1-4.3/lib/parser_aux.h 2014-11-14 20:53:32.000000000 +0100 +++ new/libtasn1-4.4/lib/parser_aux.h 2015-03-26 18:30:29.000000000 +0100 @@ -52,8 +52,9 @@ void _asn1_delete_list_and_nodes (void); -#define LTOSTR_MAX_SIZE 20 -char *_asn1_ltostr (long v, char *str); +/* Max 64-bit integer length is 20 chars + 1 for sign + 1 for null termination */ +#define LTOSTR_MAX_SIZE 22 +char *_asn1_ltostr (long v, char str[LTOSTR_MAX_SIZE]); asn1_node _asn1_find_up (asn1_node node); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/tests/Makefile.am new/libtasn1-4.4/tests/Makefile.am --- old/libtasn1-4.3/tests/Makefile.am 2014-11-14 20:53:32.000000000 +0100 +++ new/libtasn1-4.4/tests/Makefile.am 2015-03-09 23:03:26.000000000 +0100 @@ -54,6 +54,8 @@ ASN1INDEF2=$(srcdir)/TestIndef2.p12 \ ASN1INDEF3=$(srcdir)/TestIndef3.der \ ASN1ENCODING=$(srcdir)/Test_encoding.asn \ + ASN1CHOICE_OCSP=$(srcdir)/pkix.asn \ + ASN1CHOICE_OCSP_DATA=$(srcdir)/ocsp.der \ THREADSAFETY_FILES=`find $(top_srcdir)/lib -name \*.c` \ EXEEXT=$(EXEEXT) \ $(VALGRIND) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtasn1-4.3/tests/Makefile.in new/libtasn1-4.4/tests/Makefile.in --- old/libtasn1-4.3/tests/Makefile.in 2015-03-09 21:46:58.000000000 +0100 +++ new/libtasn1-4.4/tests/Makefile.in 2015-03-29 11:59:33.000000000 +0200 @@ -1169,6 +1169,8 @@ ASN1INDEF2=$(srcdir)/TestIndef2.p12 \ ASN1INDEF3=$(srcdir)/TestIndef3.der \ ASN1ENCODING=$(srcdir)/Test_encoding.asn \ + ASN1CHOICE_OCSP=$(srcdir)/pkix.asn \ + ASN1CHOICE_OCSP_DATA=$(srcdir)/ocsp.der \ THREADSAFETY_FILES=`find $(top_srcdir)/lib -name \*.c` \ EXEEXT=$(EXEEXT) \ $(VALGRIND)