SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for p11-kit-server-0.24.1-1.1.x86_64.rpm :

* Mon Aug 08 2022 Dirk Müller - skip testsuite on qemu arches, it fails
* Wed Mar 09 2022 Ludwig Nussel - make sure p11-kit components have matching versions (boo#1196812)
* Tue Jan 25 2022 Bjørn Lie - Update to version 0.24.1:
* rpc: Support protocol version negotiation.
* proxy: Support copying attribute array recursively.
* Link libp11-kit so that it cannot unload.
* Translation improvements.
* Build fixes.
* Fri Dec 17 2021 Bjørn Lie - Update to version 0.24.0:
* Use inclusive language on certificate distrust. Note: This changes the directory and attribute names to distrust certain CAs to \"blocklist\".
* Fix issues spotted by coverity and ASan.
* Integrate gettext with tools more tightly.
* rpc: Forbid use of array of attributes.
* Build fixes.- Change dirs from blacklist to blocklist ref upstream changes.
* Mon Dec 13 2021 Ludwig Nussel - Enable systemd support
* Sun Jan 17 2021 Dirk Müller - update to 0.23.22 (bsc#1180064, bsc#1180065, bsc#1180066, jsc#SLE-18495):
* Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
* anchor: Prefer persistent format when storing anchor [PR#329]
* common: Fix infloop in p11_path_build [PR#326, PR#327]
* proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325]
* common: Check for a NULL locale before freeing it [PR#321]
* proxy: Do not assign duplicate slot IDs [PR#282]
* common: Get program name based on executable path if possible [PR#307]
* anchor: Exit with non-zero code, if any error occurs [PR#304]
* Build and test fixes
* Mon Oct 05 2020 Ludwig Nussel - avoid bareword to fix build failure
* Wed Apr 15 2020 Martin Pluskal - Update to version 0.23.20:
* Revert \"Fix RPC when length-s are 0\" changes [PR#276]- Changes for version 0.23.19:
* common: add Russian PKCS#11 extensions to pkcs11x.h header [PR#255]
* Add simple bash completion for provided commands [PR#258]
* Unbreak list matching in enable-in and disable-in [PR#262]
* Fix RPC when length-s are 0 [PR#259]
* rpc: Add vsock transport support [PR#270]
* trust: Support CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER [PR#265]
* Build fixes [PR#271, PR#272, PR#273, ...]- Changes for version 0.23.18:
* rpc: Allow empty CK_DATE value [PR#253]
* build: Meson fixes [PR#245]
* build: Adjust feature parity between meson and autotools [PR#247]- Changes for version 0.23.17:
* common: Fix uClibc-ng compilation [PR#237]
* trust: do not allow daylight to invalidate date validation [PR#236]
* build: Port to meson build system [PR#231, PR#234]
* rpc: On UNIX wait on condition variable instead of FD if header is for a different thread [PR#232]
* doc: Add \'server\' command in help [PR#229]
* Build and test fixes [PR#230]- Changes for version 0.23.16:
* proxy: Support C_WaitForSlotEvent() if CKF_DONT_BLOCK is specified [PR#225]
* conf: Ignore user configuration if the program is running as root [PR#226]
* proxy: Refresh slot list on every C_GetSlotList call [PR#224]
* modules: Fix index used in call to p11_dict_remove() [PR#219]
* Fix Win32 p11_dl_error crash [PR#218]
* modules: check gl.modules before iterates on it when freeing [PR#217]
* trust: Ignore unreadable content in anchors [PR#215]
* extract-jks: Prefer _p11_extract_jks_timestamp to SOURCE_DATE_EPOCH [PR#213]- Changes for version 0.23.15:
* trust: Improve error handling if backed trust file is corrupted [PR#206]
* url: Prefer upper-case letters in hex characters when encoding [PR#193]
* trust/extract-jks.c: also honor SOURCE_DATE_EPOCH time [PR#202]
* virtual: Prefer fixed closures to libffi closures [PR#196]
* Fix issues spotted by coverity and cppcheck [PR#194, PR#204]
* Build and test fixes [PR#164, PR#191, PR#199, PR#201]- Changes for version 0.23.14:
* proxy: Avoid invalid memory access when unloading proxy module [PR#180]
* Update pkcs11 header to allow SoftHSMv2 to compile [PR#181]
* build: Restore libpthread dependency [PR#183]
* Build fixes [PR#188]- Changes for version 0.23.13:
* server: Enable socket activation through systemd [PR#173]
* rpc-server: p11_kit_remote_serve_tokens: Allow exporting all modules [PR#174]
* proxy: Fail early if there is no slot mapping [PR#175]
* Remove hard dependency on libpthread [PR#177]
* Build fixes [PR#170, PR#176]- Remove obsolete patches:
* 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch
* 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch
* Mon Dec 23 2019 Ludwig Nussel - Also build documentation (boo#1013125)
* Fri Nov 15 2019 Ludwig Nussel - support loading NSS attribute CKA_NSS_MOZILLA_CA_POLICY so Firefox detects built in certificates (boo#1154871, 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch, 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch)
* Fri May 10 2019 Dominique Leuenberger - Move RPM macros to %_rpmmacrodir.
* Fri Jun 15 2018 fezhangAATTsuse.com- New version 0.23.12
* Fix compile error when PKCS#11 GNU calling convention enabled- Changelog from version 0.23.11
* trust: Add extractor for edk2/cacerts.bin
* modules: Add option to control module visibility from proxy
* trust: Prevent trust module being loaded by proxy module
* library: Use dedicated locale object for printing error
* Treat CKR_CRYPTOKI_ALREADY_INITIALIZED correctly
* Improve const correctness for P11KitUri
* PKCS#11 URI scheme comparison is now case insensitive- Drop p11-kit-biarch.patch: Obsolete since 0.23.10
* Tue Mar 27 2018 lnusselAATTsuse.de- New version 0.23.10
* New p11-kit server command
* The trust policy module now recognizes CKA_NSS_MOZILLA_CA_POLICY attribute
* New trust dump command
* New envvar P11_KIT_NO_USER_CONFIG to stop looking at user configurations
* trust: Respect anyExtendedKeyUsage in CA certificates
* Support x-init-reserved argument of C_Initialize() in remote modules
* install private executables in libexecdir, obsoletes p11-kit-biarch.patch- new server subpackage- change keyring to new maintainer Daiki Ueno- Changes for version 0.23.9
* Fix p11-kit server regressions [PR#103, PR#104]
* trust: Respect anyExtendedKeyUsage in CA certificates [PR#99]
* Build fixes related to reallocarray [PR#96, PR#98, PR#100]- Changes for version 0.23.8
* Improve vendor query attributes handling in PKCS#11 URI [PR#92]
* Add OTP and GOST mechanisms to pkcs11.h [PR#90, PR#91]
* New envvar P11_KIT_NO_USER_CONFIG to stop looking at user configurations [PR#87]
* Build fixes for Solaris and 32-bit big-endian platforms [PR#81, PR#86]- Changes for version 0.23.7
* Fix memory issues with \"p11-kit server\" [PR#78]
* Build fixes [PR#77 ...]- Changes for version 0.23.6
* Port \"p11-kit server\" to Windows and portability fixes of the RPC protocol [PR#67, PR#72, PR#74]
* Recover the old behavior of \"trust anchor --remove\" [PR#70, PR#71]
* Build fixes [PR#63 ...]- Changes for version 0.23.5
* Fix license notice of common/unix-peer.c [PR#58]
* Remove systemd unit files for now [PR#60]
* Build fixes for FreeBSD [PR#56]- Changes for version 0.23.4
* Recognize query attributes defined in PKCS#11 URI (RFC7512) [PR#31, PR#37, PR#52]
* The trust policy module now recognizes CKA_NSS_MOZILLA_CA_POLICY attribute, used by Firefox [#99453, PR#46]
* Add \'trust dump\' command to dump all PKCS#11 objects in the persistence format [PR#44]
* New experimental \'p11-kit server\' command that allows PKCS#11 forwarding through a Unix domain socket. A client-side module p11-kit-client.so is also provided [PR#15]
* Add systemd unit files for exporting the proxy module through a Unix domain socket [PR#35]
* New P11KitIter API to iterate over slots, tokens, and modules in addition to objects [PR#28]
* libffi dependency is now optional [PR#9]
* Build fixes for FreeBSD, macOS, and Windows [PR#32, PR#39, PR#45]- Changes for version 0.23.3
* Install private executables in libexecdir [fdo#98817]
* Fix link error of proxy module on macOS [fdo#98022]
* Use new PKCS#11 URI specification for URIs [fdo#97245]
* Support x-init-reserved argument of C_Initialize() in remote modules [fdo#80519]
* Incorporate changes from PKCS#11 2.40 specification
* Bump libtool library version
* Documentation fixes
* Build fixes [fdo#87192 ...]
* Tue Mar 20 2018 kukukAATTsuse.de- Use %license instead of %doc [bsc#1082318]
  
ICM