SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for opensc-0.24.0-2.1.x86_64.rpm :

* Sun Feb 25 2024 martin.schreinerAATTsuse.com- Add CVE-2024-1454.patch. Fix for CVE-2024-1454 / bsc#1219868.
* Wed Dec 13 2023 otto.hollmannAATTsuse.com- Update to OpenSC 0.24.0:
* Security - CVE-2023-40660: Fix Potential PIN bypass (#2806, frankmorgner/OpenSCToken#50, #2807) - CVE-2023-40661: Important dynamic analyzers reports - CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys (f1993dc)
* General improvements - Fix compatibility of EAC with OpenSSL 3.0 (#2674) - Enable use_file_cache by default (#2501) - Use custom libctx with OpenSSL >= 3.0 (#2712, #2715) - Fix record-based files (#2604) - Fix several race conditions (#2735) - Run tests under Valgrind (#2756) - Test signing of data bigger than 512 bytes (#2789) - Update to OpenPACE 1.1.3 (#2796) - Implement logout for some of the card drivers (#2807) - Fix wrong popup position of opensc-notify (#2901) - Fixed various issues reported by OSS-Fuzz and Coverity regarding card drivers, PKCS#11 and PKCS#15 init
* PKCS#11 - Check card presence state in C_GetSessionInfo (#2740) - Remove onepin-opensc-pkcs11 module (#2681) - Do not use colons in the token info label (#2760) - Present profile objects in all slots with the CKA_TOKEN attribute to resolve issues with NSS (#2928, #2924) - Use secure memory for PUK (#2906) - Don\'t logout to preserve concurrent access from different processes (#2907) - Add more examples to manual page (#2936) - Present profile objects in all virtual slots (#2928) - Provide CKA_TOKEN attribute for profile objects (#2924) - Improve --slot parameter documentation (#2951)
* PKCS#15 - Honor cache offsets when writing file cache (#2858) - Prevent needless amount of PIN prompts from pkcs15init layer (#2916) - Propagate CKA_EXTRACTABLE and SC_PKCS15_PRKEY_ACCESS_SENSITIVE from and back to PKCS#11 (#2936)
* Minidriver - Fix for private keys that do not need a PIN (#2722) - Unbreak decipher when the first null byte of PKCS#1.5 padding is missing (#2939
*
* pkcs11-tool - Fix RSA key import with OpenSSL 3.0 (#2656) - Add support for attribute filtering when listing objects (#2687) - Add support for --private flag when writing certificates (#2768) - Add support for non-AEAD ciphers to the test mode (#2780) - Show CKA_SIGN attribute for secret keys (#2862) - Do not attempt to read CKA_ALWAYS_AUTHENTICATE on secret keys (#2864, #2913) - Show Sign/VerifyRecover attributes (#2888) - Add option to import generic keys (#2955)
* westcos-tool - Generate 2k RSA keys by default (b53fc5c)
* pkcs11-register - Disable autostart on Linux by default (#2680)
* IDPrime - Add support for IDPrime MD 830, 930 and 940 (#2666) - Add support for SafeNet eToken 5110 token (#2812) - Process index even without keyrefmap and use correct label for second PIN (#2878) - Add support for Gemalto IDPrime 940C (#2941)
* EPass2003 - Change of PIN requires verification of the PIN (#2759) - Fix incorrect CMAC computation for subkeys (#2759, issue #2734) - Use true random number for mutual authentication for SM (#2766) - Add verification of data coming from the token in the secure messaging mode (#2772) - Avoid success when using unsupported digest and fix data length for RAW ECDSA signatures (#2845)
* OpenPGP - Fix select data command (#2753, issue #2752) - Unbreak ed/curve25519 support (#2892)
* eOI - Add support for Slovenian eID card (eOI) (#2646)
* Italian CNS - Add support for IDEMIA (Oberthur) tokens (#2483)
* PIV - Add support for Swissbit iShield FIDO2 Authenticator (#2671) - Implement PIV secure messaging (#2053)
* SkeID - Add support for Slovak eID cards (#2672)
* isoApplet - Support ECDSA with off-card hashing (#2642)
* MyEID - Fix WRAP operation when using T0 (#2695) - Identify changes on the card and enable use_file_cache (#2798) - Workaround for unwrapping using 2K RSA key (#2921)
* SC-HSM - Add support for opensc-tool --serial (#2675) - Fix unwrapping of 4096 keys with handling reader limits (#2682) - Indicate supported hashes and MGF1s (#2827)- Remove patches:
* opensc-CVE-2023-40660-1of2.patch
* opensc-CVE-2023-40660-2of2.patch
* opensc-CVE-2023-40661-1of12.patch
* opensc-CVE-2023-40661-2of12.patch
* opensc-CVE-2023-40661-3of12.patch
* opensc-CVE-2023-40661-4of12.patch
* opensc-CVE-2023-40661-5of12.patch
* opensc-CVE-2023-40661-6of12.patch
* opensc-CVE-2023-40661-7of12.patch
* opensc-CVE-2023-40661-8of12.patch
* opensc-CVE-2023-40661-9of12.patch
* opensc-CVE-2023-40661-10of12.patch
* opensc-CVE-2023-40661-11of12.patch
* opensc-CVE-2023-40661-12of12.patch
* opensc-CVE-2023-4535.patch
* opensc-CVE-2023-2977.patch
* opensc-NULL_pointer_fix.patch
* Fri Oct 06 2023 otto.hollmannAATTsuse.com- Security Fix: [CVE-2023-40661, bsc#1215761]
* opensc: multiple memory issues with pkcs15-init (enrollment tool)
* Add patches: - opensc-CVE-2023-40661-1of12.patch - opensc-CVE-2023-40661-2of12.patch - opensc-CVE-2023-40661-3of12.patch - opensc-CVE-2023-40661-4of12.patch - opensc-CVE-2023-40661-5of12.patch - opensc-CVE-2023-40661-6of12.patch - opensc-CVE-2023-40661-7of12.patch - opensc-CVE-2023-40661-8of12.patch - opensc-CVE-2023-40661-9of12.patch - opensc-CVE-2023-40661-10of12.patch - opensc-CVE-2023-40661-11of12.patch - opensc-CVE-2023-40661-12of12.patch
* Thu Oct 05 2023 otto.hollmannAATTsuse.com- Security Fix: [CVE-2023-4535, bsc#1215763]
* Add patches: - opensc-CVE-2023-4535.patch - opensc-NULL_pointer_fix.patch
* Wed Oct 04 2023 otto.hollmannAATTsuse.com- Security Fix: [CVE-2023-40660, bsc#1215762]
* opensc: PIN bypass when card tracks its own login state
* Add patches: - opensc-CVE-2023-40660-1of2.patch - opensc-CVE-2023-40660-2of2.patch
* Thu Jun 01 2023 otto.hollmannAATTsuse.com- Security Fix: [CVE-2023-2977, bsc#1211894]
* opensc: out of bounds read in pkcs15 cardos_have_verifyrc_package()
* Add opensc-CVE-2023-2977.patch
* Tue Nov 29 2022 michaelAATTstroeder.com- Update to OpenSC 0.23.0:
* General improvements - Support signing of data with a length of more than 512 bytes (#2314) - By default, disable support for old card drivers (#2391) and remove support for old drivers MioCOS and JCOP (#2374) - Bump minimal required OpenSSL version to 1.1.1 and add support for OpenSSL 3.0 (#2438, #2506) - Compatibility with LibreSSL (#2495, #2595) - Remove support for DSA (#2503) - Extend p11test to support symmetric keys (#2430) - Notice detached reader on macOS (#2418) - Support for OAEP padding (#2475, #2484) - Fix for PSS salt length (#2478) - Improve fuzzing by adding new tests (#2417, #2500, #2520, #2550, #2637) - Fixed various issues reported by OSS-Fuzz and Coverity regarding card drivers, PKCS#11 and PKCS#15 init - Fix issues with OpenPACE (#2472) - Containers support for local testing - Add support for encryption and decryption using symmetric keys (#2473, #2607) - Stop building support for Gost algorithms with OpenSSL 3.0 as they require deprecated API (#2586) - Fix detection of disconnected readers in PCSC (#2600) - Add configuration option for on-disk caching of private data (#2588) - Skip building empty binaries when dependencies are missing and remove needless linking (#2617) - Define arm64 as a supported architecture in the Installer package (#2610)
* PKCS#11 - Implement C_CreateObject for EC keys and fix signature verification for CKM_ECDSA_SHAx cards (#2420)
* pkcs11-tool - Add more elliptic curves (#2301) - Add support for symmetric encrypt and decrypt, wrap and unwrap operations, and initialization vector (#2268) - Fix consistent handling of secret key attributes (#2497) - Add support for signing and verifying with HMAC (#2385) - Add support for SHA3 (#2467) - Make object selectable via label (#2570) - Do not require an R/W session for some operations and add --session-rw option (#2579) - Print more information: CKA_UNIQUE_ID attribute, SHA3 HMACs and serial number for certificates (#2644, #2643, #2641) - Add new option --undestroyable to create keys with CKA_DESTROYABLE=FALSE (#2645)
* sc-hsm-tool - Add options for public key authentication (#2301)
* Minidriver - Fix reinit of the card (#2525) - Add an entry for Italian CNS (e) (#2548) - Fix detection of ECC mechanisms (#2523) - Fix ATRs before adding them to the windows registry (#2628)
* NQ-Applet - Add support for the JCOP4 Cards with NQ-Applet (#2425)
* ItaCNS - Add support for ItaCMS v1.1 (key length 2048) (#2371)
* Belpic - Add support for applet v1.8 (#2455)
* Starcos - Add ATR for V3.4 (#2464) - Add PKCS#15 emulator for 3.x cards with eSign app (#2544)
* ePass2003 - Fix PKCS#15 initialization (#2403) - Add support for FIPS (#2543) - Fix matching with newer versions and tokens initialized with OpenSC (#2575)
* MyEID - Support logout operation (#2557) - Support for symmetric encryption and decryption (#2473, #2607)
* GIDS - Fix decipher for TPM (#1881)
* OpenPGP - Get the list of supported algorithms from algorithm information on the card (#2287) - Support for 3 certificates with OpenPGP 3+ (#2103)
* nPA - Fix card detection (#2463)
* Rutoken - Fix formatting rtecp cards (#2599)
* PIV - Add new PIVKey ATRs for current cards (#2602)
* Mon Oct 04 2021 daniel.donisaAATTsuse.com- Update to OpenSC 0.22.0:
* Removed changes in opensc-gcc11.patch already present in upstream. - See https://github.com/OpenSC/OpenSC/pull/2241/commits/e549e9c62eb4fcd2260800e2665071e4dd9bbbda
* Removed some false positives from the openrc-rpmlintrc file.
* Use standard paths for file cache on Linux (#2148) and OSX (#2214)
* Various issues of memory/buffer handling in legacy drivers mostly reported by oss-fuzz and coverity (tcos, oberthur, isoapplet, iasecc, westcos, gpk, flex, dnie, mcrd, authentic, belpic)
* Add threading test to `pkcs11-tool` (#2067)
* Add support to generate generic secret keys (#2140)
* `opensc-explorer`: Print information about LCS (Life cycle status byte) (#2195)
* Add support for Apple\'s arm64 (M1) binaries, removed TokenD. A seperate installer with TokenD (and without arm64 binaries) will be available (#2179).
* Support for gcc11 and its new strict aliasing rules (#2241, #2260)
* Initial support for building with OpenSSL 3.0 (#2343)
* pkcs15-tool: Write data objects in binary mode (#2324)
* Avoid limited size of log messages (#2352)
* Support for ECDSA verification (#2211)
* Support for ECDSA with different SHA hashes (#2190)
* Prevent issues in p11-kit by not returning unexpected return codes (#2207)
* Add support for PKCS#11 3.0: The new interfaces, profile objects and functions (#2096, #2293)
* Standardize the version 2 on 2.20 in the code (#2096)
* Fix CKA_MODIFIABLE and CKA_EXTRACTABLE (#2176)
* Copy arguments of C_Initialize (#2350)
* Fix RSA-PSS signing (#2234)
* Fix DO deletion (#2215)
* Add support for (X)EdDSA keys (#1960)
* Add support for applet version 3 and fix RSA-PSS mechanisms (#2205)
* Add support for applet version 4 (#2332)
* New configuration option for opensc.conf to disable pkcs1_padding (#2193)
* Add support for ECDSA with different hashes (#2190)
* Enable more mechanisms (#2178)
* Fixed asking for a user pin when formatting a card (#1737)
* Added support for French CPx Healthcare cards (#2217)
* Added ATR for new CardOS 5.4 version (#2296)
* Fixes security issues:
* tcos: use after return (bsc#1192005, CVE-2021-42780)
* oberthur: use after free (bsc#1191992, CVE-2021-42779)
* oberthur: multiple heap buffer overflows (bsc#1192000, CVE-2021-42781)
* multiple stack buffer overflow issues (bsc#1191957, CVE-2021-42782)
* Sun Jun 27 2021 predivanAATTmts.rs- Fix build on GCC11
* Add opensc-gcc11.patch from Fedora (https://github.com/OpenSC/OpenSC/pull/2241/)
* Fri Mar 12 2021 dmuellerAATTsuse.com- move licenses to licensedir
* Fri Nov 27 2020 andreas.stiegerAATTgmx.de- OpenSC 0.21.0:
* CVE-2020-26571: stack-based buffer overflow in the gemsafe GPK smart card software driver (boo#1177380)
* CVE-2020-26572: stack-based buffer overflow in the TCOS smart card software driver (boo#1177378)
* CVE-2020-26570: heap-based buffer overflow in the Oberthur smart card software driver (boo#1177364)
* CardOS 5.x support boo#1179291
* Support for OAEP encryption, make SHA256 default
* New separate debug level for PIN commands
* Fix handling of card/reader insertion/removal events in pcscd
* Fixes of removed readers handling
* Fix Firefox crash because of invalid pcsc context
* PKCS#11: Return CKR_TOKEN_NOT_RECOGNIZED for not recognized cards
* Propagate ignore_user_content to PKCS#11 layer not to confuse applications
* Minidriver: Fix check of ATR length (2-to 33 characters inclusive)
* pkcs11-tool: allow using SW tokens
* opensc-explorer asn1 accepts offsets and decode records
* opensc-explorer cat accepts records
* OpenPGP: Add new ec curves supported by GNUK
* First steps supporting OpenPGP 3.4
* OpenPGP: Add support for EC key import
* Rutoken: Add ATR for Rutoken ECP SC NFC
* Improve detection of various CardOS 5 configurations
* DNIe: Add new DNIe CA structure for the secure channel
* ePass2003: Improve ECC support
* ePass2003: Fix erase sequence
* IAS-ECC: Fix support for Idemia Cosmo cards
* IAS-ECC: PIN padding settings are now used from PKCS#15 info when available
* IAS-ECC: Added PIN-pad support for PIN unblock
* New driver for Gemalto IDPrime (only some types)
* eDo: New driver with initial support for Polish eID card (e-dowód, eDO)
* MCRD: Remove unused and broken RSA EstEID support
* TCOS: Add missing encryption certificates
* PIV: Add ATR of DOD Yubikey
* fixed PIV global pin bug
* CAC1: Support changing PIN with CAC Alt tokens- includes changes from 0.20.0
* CVE-2019-6502: memory leak in libopensc (boo#1122756)
* CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string (boo#1149747)
* CVE-2019-15945: out-of-bounds access of an ASN.1 Bitstring (boo#1149746)
* CVE-2019-19479: incorrect read operation during parsing of a SETCOS file attribute (boo#1158256)
* CVE-2019-19480: improper free operation in sc_pkcs15_decode_prkdf_entry (boo#1158307)
* CVE-2019-20792: double free in coolkey_free_private_dat (bsc#1170809)
* Support RSA-PSS signature mechanisms using RSA-RAW
* Added memory locking for secrets
* added support for terminal colors
* PC/SC driver: Fixed error handling in case of changing or removing the card reader
* rename md_read_only to read_only and use it for PKCS#11 and Minidriver
* allow global use of ignore_private_certificate
* PKCS#11: Implement write protection (CKF_WRITE_PROTECTED) based on the card profile
* PKCS#11: Add C_WrapKey and C_UnwrapKey implementations
* PKCS#11: Handle CKA_ALWAYS_AUTHENTICATE when creating key objects
* PKCS#11: Truncate long PKCS#11 labels with ...
* PKCS#11: Fixed recognition of a token when being unplugged and reinserted
* Minidriver: Register for CardOS5 cards
* Minidriver: Add support for RSA-PSS
* tools: Harmonize the use of option -r/--reader
* goid-tool: GoID personalization with fingerprint
* openpgp-tool: replace the options -L/--key-length with -t/--key-type
* openpgp-tool: add options -C/--card-info and -K/--key-info
* opensc-explorer: add command pin_info, extend random
* pkcs11-register: Auto-configuration of applications for use of OpenSC PKCS#11
* pkcd11-register: Autostart
* opensc-tool: Show ATR also for cards not recognized by OpenSC
* pkcs11-spy: parse CKM_AES_GCM, EC Derive parameters
* pkcs11-spy: Add support for CKA_OTP_
* and CKM_
*_PSS values
* pkcs11-tool: Support for signature verification via --verify
* pkcs11-tool: Add object type secrkey for --type option
* pkcs11-tool: Implement Secret Key write object
* pkcs11-tool: Add GOSTR3410-2012 support
* pkcs11-tool: Add support for testing CKM_RSA_PKCS_OAEP
* pkcs11-tool: Add extractable option to key import
* pkcs11-tool: list more key access flags when listing keys
* pkcs11-tool: Add support for CKA_ALLOWED_MECHANISMS when creating new objects and listing keys
* pkcs15-crypt:
*Handle keys with user consent
* New separate CAC1 driver using the old CAC specification (#1502)
* CardOS: Add support for 4K RSA keys in CardOS 5
* CardOS: Fixed decryption with CardOS 5
* Enable CoolKey driver to handle 2048-bit keys
* EstEID: add support for a minimalistic, small and fast card profile based on IAS-ECC issued since December 2018
* GIDS Decipher fix (#1881)
* GIDS: Allow RSA 4K support
* MICARDO: Remove long expired EstEID 1.0/1.1 card support
* MyEID: Add support for unwrapping a secret key with an RSA key or secret key
* MyEID Add support for wrapping a secret key with a secret key
* Support for MyEID 4K RSA
* Support for OsEID
* Gemalto GemSafe: add new PTeID ATRs, add support for 4K RSA keys
* OpenPGP Card v3 ECC support
* Add Rutoken ECP SC
* Add Rutoken Lite
* Add SmartCard-HSM 4K ATR
* Add missing secp384r1 curve parameter
* Stacros: Fix decipher with 2.3
* Stacros: Add ATR for 2nd gen. eGK
* Stacros: Add new ATR for 3.5
* Stacros: Detect and allow Globalplatform PIN encoding
* Fix TCOS IDKey support
* TCOS: add encryption certificate for IDKey
* Infocamere, Postecert, Cnipa: Remove profiles
* Remove incomplete acos5 driver- drop patches now upstream:
* opensc-0.19.0-piv_card_matching.patch
* opensc-0.19.0-redundant_logging.patch
* opensc-0.19.0-rsa-pss.patch
* Sun Aug 18 2019 jsikesAATTsuse.com- added opensc-0.19.0-piv_card_matching.patch
* Improve Card Matching for Dual CAC/PIV and PIVKEY cards.
* sourced from https://github.com/OpenSC/OpenSC/pull/1549
* Tue Jul 30 2019 jsikesAATTsuse.de- added opensc-0.19.0-rsa-pss.patch
* Fixes the pkcs11-tool example
* Added missing CKM_SHA224_RSA_PKCS_PSS
* Add support for PSS padding to RSA signatures
* Support for signature verification in pkcs11-tool
* Switch cleanup steps to avoid segfaults on errors and more sanity checking- added opensc-0.19.0-redundant_logging.patch
* Remove redundant debug output
* Tue Jul 23 2019 codeAATTbnavigator.de- add explicit BuildRequires: zlib-devel
* Thu Sep 13 2018 kbabiochAATTsuse.com- Update to version 0.19.0
* Fixed multiple security problems (out of bound writes/reads):
* bsc#1104812
* CVE-2018-16391 (bsc#1106998)
* CVE-2018-16392 (bsc#1106999)
* CVE-2018-16393 (bsc#1108318)
* CVE-2018-16418 (bsc#1107039)
* CVE-2018-16419 (bsc#1107107)
* CVE-2018-16420 (bsc#1107097)
* CVE-2018-16421 (bsc#1107049)
* CVE-2018-16422 (bsc#1107038)
* CVE-2018-16423 (bsc#1107037)
* CVE-2018-16424 (bsc#1107036)
* CVE-2018-16425 (bsc#1107035)
* CVE-2018-16426 (bsc#1107034)
* CVE-2018-16427 (bsc#1107033)
* Workaround cards returning short signatures without leading zeroes
* Distribute minimal opensc.conf
* `pkcs11_enable_InitToken made` global configuration option
* Modify behavior of `OPENSC_DRIVER` environment variable to restrict driver list instead of forcing one driver and skipping vital parts of configuration
* Removed configuration options `zero_ckaid_for_ca_certs`, `force_card_driver`, `reopen_debug_file`, `paranoid-memory`
* Generalized configuration option `ignored_readers`
* If card initialization fails, continue card detection with other card drivers
* reader-pcsc: allow fixing the length of a PIN
* fixed crash during `C_WaitForSlotEvent`
* Allow cancelling the PIN pad prompt before starting the reader transaction. Whether to start the transaction immediately or not is user-configurable for each application
* opensc-notify
* add Exit button to tray icon
* User better description (GenericName) and a generic application icon
* Do not display in the application list- Removed patches included upstream now:
* opensc-desktop.patch
* opensc-desktop2.patch
* opensc-bash-completions.patch- Applied spec-cleaner
* Tue Jul 10 2018 sbrabecAATTsuse.com- Update to version 0.18.0:
* Further improvements of PIN support.
* Large number of improvements and fixes (boo#1097951, boo#1100501).
* See /usr/share/doc/packages/opensc/NEWS for complete list.- Add opensc-desktop.patch, opensc-desktop2.patch and opensc-bash-completions.patch.
* Mon Jan 01 2018 michaelAATTstroeder.com- update to version 0.17.0:
* support for new cards
* PIN support enhancemets
* added .pc file
* builds with OpenSSL 1.1.0 (1074799)
* See /usr/share/doc/packages/opensc/NEWS for complete list.
* Tue Jul 18 2017 tchvatalAATTsuse.com- Switch to tarball fetching from github- Few small cleanups
* Tue Nov 22 2016 sbrabecAATTsuse.com- Add baselibs.conf to provide 32-bit PKCS11 plugins (bsc#996047).- Drop opensc-ADVISORIES. There is no new advisory since 2009.
* Tue Jul 05 2016 t.grunerAATTkatodev.de- update to version 0.16.0- remove fix (issue 505)- clean up spec-file
* Thu Jul 30 2015 bwachter-pkgAATTlart.info- update to version 0.15.0- register with p11-kit (https://www.opensc-project.org/opensc/ticket/390)
* Mon Feb 16 2015 michaelAATTstroeder.com- update to version 0.14.0
* Tue Dec 03 2013 luizlucaAATTtre-sc.gov.br- update to version 0.13.0
* Tue Jun 12 2012 mgorseAATTsuse.com- make needed directories before running make install
* Thu Sep 29 2011 lmedinasAATTopensuse.org- Updated to version 0.12.2:
* Builds are now silent by default when OpenSC is built from source on Unix.
* Using --wait with command line tools works with 64bit Linux again.
* Greatly improved OpenPGP card support, including OpenPGP 2.0 cards like the one found in German Privacy Foundation CryptoStick.
* Fixed support for FINeID cards issued after 01.03.2011 with 2048bit keys.
* #256: Fixed support for TCOS cards (broken since 0.12.0).
* Added support for IDKey-cards to TCOS3 driver.
* #361: Improved PC/SC driver to fetch the maximum PIN sizes from the open source CCID driver. This fixes the issue for Linux/OSX with recent driver.
* Fix FINeID cards for organizations.
* Several smaller bugs and compiler warnings fixed- Updated to version 0.12.1:
* IAS-ECC 1.0.1
* Support for cards with multiple PKCS#15 applications
* New card driver: IAS/ECC 1.0.1
* rutoken-tool has been deprecated and removed.
* eidenv and piv-tool utilities now have manual pages.
* pkcs11-tool now requires the use of --module parameter.
* All tools can now use an ATR as an argument to --reader, to skip to the card with given ATR.
* opensc-tool -l with -v now shows information about the inserted cards.
* Creating files have an enforced upper size limit, 64K
* Support for multiple PKCS#15 applications with different AID-s. PKCS#15 applications can be listed with pkcs15-tool - -list-applications. Binding to a specific AID with PKCS#15 tools can be done with --aid.
* Hex strings (like card ATR or APDU-s) can now be separated by space, in addition to colons.
* Pinpad readers known to be bogus are now ignored by OpenSC. At the moment only \"HP USB Smart Card Keyboard\" is disabled.
* Numerous compiler warnings, unused code and internal bugs have been eliminated.
* Fri Jan 07 2011 sbrabecAATTsuse.cz- Updated to version 0.12.0:
* Security fix (bnc#660109, CVE-2010-4523).
* Only one backend is supported. openSUSE will use pcsc-lite.
* libopensc made private, library should not be used by other applications. Please use generic PKCS#11 interface instead.
* Signer plugin discontinued. Please use openssl engine_pkcs11.
* No more depends on libassuan.
* New card drivers.
* Support for CardOS enhanced.
* More changes and enhancements.- libopensc merged back to the main package, as it is private now.
* Mon Aug 23 2010 sbrabecAATTsuse.cz- Fixed broken opensc-fix-gcc-warnings.patch (bnc#627619).- Simplified plugin installation.
* Tue Apr 13 2010 puzelAATTnovell.com- update to version 0.11.13
* Modify Rutoken S binary interfaces by Aktiv Co.
* Muscle driver fixed (acl reading issue)
* Many small fixes (e.g. mem leaks)
* Compiling with openssl 1.0.0-beta fixed
* Document integer problem in OpenSC and implement workaround
* Improve entersafe profile to support private data objects- Require pinentry- add opensc-libassuan-2.patch- add opensc-fix-gcc-warnings.patch
* Fri Jan 01 2010 jengelhAATTmedozas.de- package baselibs.conf
* Wed Aug 05 2009 sbrabecAATTsuse.cz- Updated to version 0.11.9:
* New rutoken_ecp driver
* Allow more keys/certificates/files etc. with entersafe tokens
* Updates pkcs11.h from scute fixing warnings
* Small fixes in rutoken driver
* Major update for piv driver with increased compatibility
* Thu Jul 30 2009 sbrabecAATTsuse.cz- libopensc2 should not require opensc (bnc#466430).
* Thu May 07 2009 sbrabecAATTsuse.cz- Updated to version 0.11.8:
* Fix security problem in pkcs11-tool gen_keypair (PublicExponent 1) (bnc#501726) See http://en.opensuse.org/Smart_Cards/Advisories for more.
* updated and improve entersafe driver. FTCOS/PK-01C cards are supported now, compatible with cards writen by Feitian\'s software on windows.
* Thu Apr 09 2009 sbrabecAATTsuse.cz- Fixed undefined code (bnc#440853).- Don\'t call autoreconf on older products.
* Tue Mar 17 2009 sbrabecAATTsuse.cz- Updated to version 0.11.7:
* hide_empty_slots now on by default? small logic change?
* ruToken driver was updated.
* openct virtual readers reduced to 2 by default.
* Security issue: Fix private data support. (bnc#480262, CVE-2009-0368) See http://en.opensuse.org/Smart_Cards/Advisories for more.
* Enable lock_login by default.
* Disable allow_soft_keygen by default.
* Wed Dec 10 2008 olhAATTsuse.de- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293)
* Thu Oct 30 2008 olhAATTsuse.de- obsolete old -XXbit packages (bnc#437293)
* Wed Sep 10 2008 sbrabecAATTsuse.cz- Updated to version 0.11.6:
* New support for Feitian ePass3000.
* GemSafeV1 improved to handle key_ref other than 3.
* Build system rewritten.
* ruToken now supported.
* Allow specifying application name for data objects.
* Basic reader hotplug support.
* PC/SC library is dynamically linked.
* PKCS#11 provider is now installed at LIBDIR/pkcs11.
* PKCS#11 - Number of virtual slots moved into configuration.
* PKCS#11 - Fix fork() compliance.
* make sign_with_decrypt hack configureable for siemens cards.
* Mon Sep 01 2008 sbrabecAATTsuse.cz- Check validity of SSL certificates for all Siemens CardOS M4 cards (SCA and SCB are affected as well, bnc#413496#c6).
* Thu Jul 31 2008 sbrabecAATTsuse.cz- Fixed initialization access rights for Siemens CardOS M4, added a security check to pkcs15-tool (bnc#413496, CVE-2008-2235)
* Thu Apr 10 2008 roAATTsuse.de- added baselibs.conf file to build xxbit packages for multilib support
* Thu Feb 07 2008 sbrabecAATTsuse.cz- Updated to version 0.11.4:
* Browser plugin support
* Support Siemens CardOS initialized cards (signing with decryption)
* Add Siemens CardOS M4.2B support (experimental)
* Support for AKIS cards added (partial)
* Thu Jul 26 2007 sbrabecAATTsuse.cz- Updated to version 0.11.3:
* make lots of internal functions and variables static.
* fix 0 vs NULL in many places. fix ansi c style (void).
* avoid variable names used also as glibc function (random etc.).
* new code for deleting objects.
* special hack for firefox.
* suport for Athena APCOS cards added.
* piv driver now supports bigger rsa keys too.
* enabled pin caching by default.
* use max_send_size 255 / max_recv_size 256 bytes by default.
* increase pin buffer size to allow longer pin codes.
* Added --read-ssk-key option to pkcs15-tool
* use pkg-config for finding openct
* use strlcpy function
* use new pkcs11.h from scute with an open source license
* add support for sha2 to pkcs15-crypt
* add piv-tool for managing piv cards
* add muscle driver
* improved oberthur driver
* add support for pcsc v2 part10
* convert source files to utf-8- Split package according to shared library packaging policy.
* Tue Feb 27 2007 mvanerAATTsuse.cz- Fixing dodgy use of sizeof (#238660) - sizeof.patch
* Mon Oct 02 2006 sbrabecAATTsuse.cz- Updated to version 0.11.1:
* Update for piv pkcs#15 emulation
* Improved TCOS driver for Uni Giesen Card
* Handle size_t printf with \"%lu\" and (unsigned long) cast
* Add support for d-trust cards / improve micardo 2.1 driver
* Thu May 25 2006 sbrabecAATTsuse.cz- Fixed build for old SuSE Linux versions.
* Thu May 11 2006 sbrabecAATTsuse.cz- Fixed devel dependencies.
* Wed May 10 2006 sbrabecAATTsuse.cz- Updated to version 0.11.0.
* Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires
* Thu Jan 05 2006 roAATTsuse.de- added unpackaged so-links to devel filelist
* Tue Oct 25 2005 rhaferAATTsuse.de- added LDAP_DEPRECATED to CFLAGS to build correctly with· OpenLDAP 2.3
* Fri Sep 02 2005 okirAATTsuse.de- Removed +x permissions on opensc.conf (#114849)
* Thu Jul 14 2005 okirAATTsuse.de- Updated to latest upstream version- Added missing documentation files (#75425)
* Fri Mar 04 2005 meissnerAATTsuse.de- fixed gcc4 compilation.
* Fri Jan 21 2005 okirAATTsuse.de- Updated to latest upstream version (0.9.4)
* Thu Nov 18 2004 roAATTsuse.de- use kerberos-devel-packages
* Mon Jul 19 2004 adrianAATTsuse.de- fix file list
* Mon Jul 12 2004 adrianAATTsuse.de- update to version 0.8.1
* Fri Mar 19 2004 okirAATTsuse.de- Fixed permissions and path names of some include files (#36432)
* Fri Jan 16 2004 kukukAATTsuse.de- Add pam-devel to neededforbuild
* Sat Jan 10 2004 adrianAATTsuse.de- add %run_ldconfig and %defattr
* Mon Aug 04 2003 okirAATTsuse.de- Build fixes for x86_64/ppc64- use a version string other than \"CVS\" (#28423)
* Fri Aug 01 2003 okirAATTsuse.de- Updated to most recent upstream snapshot
* Thu Jun 12 2003 kukukAATTsuse.de- Fix filelist and permissions
* Tue Jun 03 2003 roAATTsuse.de- added rest of static libs to devel filelist- remove unpackaged files from buildroot
* Wed Jan 15 2003 roAATTsuse.de- use sasl2
* Thu Dec 05 2002 okirAATTsuse.de- fixed x86_64 build problem- updated to latest upstream
* Fri Nov 29 2002 okirAATTsuse.de- updated to current CVS snapshot
* Fri Aug 09 2002 okirAATTsuse.de- added missing libs to files list
* Thu Jul 04 2002 roAATTsuse.de- added heimdal-devel to neededforbuild to make libtool happy
* Fri Jun 28 2002 schwabAATTsuse.de- Fix bootstrap script.- Use correct libtool macros.
* Mon May 27 2002 sfAATTsuse.de- AATTlibdirAATT added to Makefile.am to use correct dirs for
* /lib
*/lib64
* Tue Apr 30 2002 okirAATTsuse.de- Initial check-in
  
ICM