Menu
▾
▴
opensc-commits — commit notifications
You can subscribe to this list here.
| 2013 |
Jan
(18) |
Feb
(20) |
Mar
(15) |
Apr
(5) |
May
(7) |
Jun
(3) |
Jul
(4) |
Aug
(20) |
Sep
(10) |
Oct
(12) |
Nov
(12) |
Dec
(7) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2014 |
Jan
(12) |
Feb
(8) |
Mar
(3) |
Apr
(7) |
May
(12) |
Jun
(19) |
Jul
(1) |
Aug
(5) |
Sep
(9) |
Oct
(11) |
Nov
(13) |
Dec
(20) |
| 2015 |
Jan
(12) |
Feb
(25) |
Mar
(33) |
Apr
(37) |
May
(36) |
Jun
(2) |
Jul
(18) |
Aug
(31) |
Sep
(98) |
Oct
(50) |
Nov
(25) |
Dec
(34) |
| 2016 |
Jan
(95) |
Feb
(35) |
Mar
(78) |
Apr
(12) |
May
(11) |
Jun
(20) |
Jul
(28) |
Aug
(21) |
Sep
(30) |
Oct
(29) |
Nov
(15) |
Dec
(15) |
| 2017 |
Jan
(29) |
Feb
(17) |
Mar
(34) |
Apr
(28) |
May
(12) |
Jun
(25) |
Jul
(39) |
Aug
(14) |
Sep
(12) |
Oct
(38) |
Nov
(28) |
Dec
(6) |
| 2018 |
Jan
(15) |
Feb
(22) |
Mar
(27) |
Apr
(71) |
May
(78) |
Jun
(47) |
Jul
(24) |
Aug
(63) |
Sep
(43) |
Oct
(34) |
Nov
(27) |
Dec
(18) |
| 2019 |
Jan
(51) |
Feb
(17) |
Mar
(48) |
Apr
(46) |
May
(25) |
Jun
(9) |
Jul
(14) |
Aug
(46) |
Sep
(18) |
Oct
(25) |
Nov
(26) |
Dec
(25) |
| 2020 |
Jan
(28) |
Feb
(30) |
Mar
(20) |
Apr
(69) |
May
(40) |
Jun
(16) |
Jul
(13) |
Aug
(9) |
Sep
(17) |
Oct
(40) |
Nov
(55) |
Dec
(6) |
| 2021 |
Jan
(44) |
Feb
(13) |
Mar
(33) |
Apr
(31) |
May
(32) |
Jun
(10) |
Jul
(9) |
Aug
(27) |
Sep
(33) |
Oct
(7) |
Nov
(14) |
Dec
(17) |
| 2022 |
Jan
(25) |
Feb
(11) |
Mar
(42) |
Apr
(14) |
May
(18) |
Jun
(3) |
Jul
(10) |
Aug
(41) |
Sep
(12) |
Oct
(13) |
Nov
(18) |
Dec
(9) |
| 2023 |
Jan
(10) |
Feb
(18) |
Mar
(25) |
Apr
(27) |
May
(16) |
Jun
(26) |
Jul
(9) |
Aug
(29) |
Sep
(17) |
Oct
(24) |
Nov
(18) |
Dec
(16) |
| 2024 |
Jan
(23) |
Feb
(55) |
Mar
(40) |
Apr
(17) |
May
(15) |
Jun
(12) |
Jul
(12) |
Aug
(6) |
Sep
(15) |
Oct
(16) |
Nov
(29) |
Dec
(26) |
| 2025 |
Jan
(29) |
Feb
(37) |
Mar
(24) |
Apr
(35) |
May
(38) |
Jun
(20) |
Jul
(7) |
Aug
(13) |
Sep
(4) |
Oct
(9) |
Nov
(30) |
Dec
(7) |
| 2026 |
Jan
(41) |
Feb
(23) |
Mar
(34) |
Apr
(56) |
May
(10) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Frank M. <no...@gi...> - 2026-05-18 11:38:11
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 04d9b35619625f8460447f2e47b12c4a00478c9e https://github.com/OpenSC/OpenSC/commit/04d9b35619625f8460447f2e47b12c4a00478c9e Author: Frank Morgner <fra...@gm...> Date: 2026-05-18 (Mon, 18 May 2026) Changed paths: M src/pkcs15init/pkcs15-oberthur-awp.c Log Message: ----------- oberthur-awp: fixed possible out of bounds write on card initialization To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: vesajaaskelainen <no...@gi...> - 2026-05-18 11:37:48
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 2a31d3c0f21e590909d630d46647e8eb92f53daa https://github.com/OpenSC/OpenSC/commit/2a31d3c0f21e590909d630d46647e8eb92f53daa Author: Vesa Jääskeläinen <ves...@va...> Date: 2026-05-18 (Mon, 18 May 2026) Changed paths: M src/libopensc/pkcs15.c Log Message: ----------- pkcs15: mark AlgorithmInfo parameters CHOICE as optional The PKCS#15 v1.1 AlgorithmInfo.parameters field is an Information Object Class (IOC) field whose presence depends on whether the referenced algorithm's class object defines &Parameters. AES algorithms are not part of the PKCS#15 v1.1 AlgorithmSet; cards encode them using NIST OIDs (2.16.840.1.101.3.4.1.*) as a de-facto extension, and no &Parameters is defined for those OIDs, so the field is correctly absent from AES entries. Mark the parameters CHOICE as SC_ASN1_OPTIONAL so that cards whose EF(TokenInfo) contains only AES AlgorithmInfo entries do not fail with "Required ASN.1 object not found" during PKCS#15 binding. Add a clang-format guard around c_asn1_algorithm_info to preserve its tab-column layout, consistent with similar guards elsewhere in the tree. Signed-off-by: Vesa Jääskeläinen <ves...@va...> Commit: 0d967c303f0f0b3c11d89ccb7126b82294bee616 https://github.com/OpenSC/OpenSC/commit/0d967c303f0f0b3c11d89ccb7126b82294bee616 Author: Vesa Jääskeläinen <ves...@va...> Date: 2026-05-18 (Mon, 18 May 2026) Changed paths: M src/libopensc/asn1.c Log Message: ----------- asn1: honour SC_ASN1_OPTIONAL for CHOICE entries asn1_decode() has a fast path for SC_ASN1_CHOICE entries (which carry no tag of their own) that returns the inner decoder's error directly, without ever inspecting the entry's SC_ASN1_OPTIONAL flag. The general optional-skip logic that follows the fast path is therefore never reached for CHOICE entries. When the inner call fails it returns before writing back to *newp and *len_left, so the caller's p/left are unchanged. Swallowing the error for an optional CHOICE is therefore safe: the next field will be attempted at the same position. Signed-off-by: Vesa Jääskeläinen <ves...@va...> Commit: e794eddab10b25d014d52dfd199e6730b8685832 https://github.com/OpenSC/OpenSC/commit/e794eddab10b25d014d52dfd199e6730b8685832 Author: Vesa Jääskeläinen <ves...@va...> Date: 2026-05-18 (Mon, 18 May 2026) Changed paths: M src/tests/unittests/asn1.c Log Message: ----------- tests/unittests: add tests for optional CHOICE in asn1_decode Add five cmocka unit tests covering asn1_decode() behaviour for SC_ASN1_CHOICE entries marked SC_ASN1_OPTIONAL: - torture_asn1_decode_optional_choice_absent: optional CHOICE absent from the byte stream -> SC_SUCCESS, surrounding fields decoded - torture_asn1_decode_optional_choice_present: optional CHOICE present -> SC_SUCCESS, alternative consumed normally - torture_asn1_decode_mandatory_choice_absent: mandatory CHOICE absent -> SC_ERROR_ASN1_OBJECT_NOT_FOUND - torture_asn1_decode_optional_choice_malformed: tag matches a CHOICE alternative but content is malformed; a real storage pointer is needed so content is actually validated -> error swallowed by the optional CHOICE with position unchanged, next mandatory field fails - torture_asn1_decode_optional_choice_end_of_stream: optional CHOICE at end of stream -> SC_SUCCESS Add clang-format guards around the struct array initializers and the main() test registration block to preserve tab-column layout. Signed-off-by: Vesa Jääskeläinen <ves...@va...> Compare: https://github.com/OpenSC/OpenSC/compare/814f745b3b6d...e794eddab10b To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-05-15 12:04:05
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 814f745b3b6d100295f65f1935edd33d520d33ab https://github.com/OpenSC/OpenSC/commit/814f745b3b6d100295f65f1935edd33d520d33ab Author: Frank Morgner <fra...@gm...> Date: 2026-05-15 (Fri, 15 May 2026) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool: prevent buffer overflow Reported by @HMF2021 hippofu999 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Jakub J. <no...@gi...> - 2026-05-11 13:41:15
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 123f11eb34cf90d027d97228b8c57bee84b7e85d https://github.com/OpenSC/OpenSC/commit/123f11eb34cf90d027d97228b8c57bee84b7e85d Author: Jakub Jelen <jj...@re...> Date: 2026-05-11 (Mon, 11 May 2026) Changed paths: M src/libopensc/card-oberthur.c Log Message: ----------- oberthur: Avoid memory leak while writing public keys Thanks oss-fuzz https://issues.oss-fuzz.com/issues/510130167 Signed-off-by: Jakub Jelen <jj...@re...> Commit: 3f3d484c4508d4265d0519fbe5a85b30c1469497 https://github.com/OpenSC/OpenSC/commit/3f3d484c4508d4265d0519fbe5a85b30c1469497 Author: Jakub Jelen <jj...@re...> Date: 2026-05-11 (Mon, 11 May 2026) Changed paths: M .github/setup-fedora.sh Log Message: ----------- ci: Fix 32b Fedora build Compare: https://github.com/OpenSC/OpenSC/compare/afbc8632eae6...3f3d484c4508 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-05-11 09:22:47
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: afbc8632eae65bfd912293b5c7075e40ca9588f5 https://github.com/OpenSC/OpenSC/commit/afbc8632eae65bfd912293b5c7075e40ca9588f5 Author: Frank Morgner <fra...@gm...> Date: 2026-05-11 (Mon, 11 May 2026) Changed paths: M src/tools/pkcs15-tool.c Log Message: ----------- pkcs15-tool: prevent buffer overflow on RSA key parsing Attribution This vulnerability was discovered by Claude, Anthropic's AI assistant, with OSS-Fuzz fuzzing and triaged by Ada Logics manually in collaboration with Anthropic Research. reborted by @arthurscchan Arthur Chan To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Raul M. <no...@gi...> - 2026-05-06 11:48:46
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: a7586e080720f946a6bdb31d2d4641a4a9493a6f https://github.com/OpenSC/OpenSC/commit/a7586e080720f946a6bdb31d2d4641a4a9493a6f Author: Raul Metsma <ra...@me...> Date: 2026-05-06 (Wed, 06 May 2026) Changed paths: M src/tools/pkcs11-register.c M src/tools/pkcs11-register.desktop.in Log Message: ----------- Add new paths to pkcs11-register https://bugzilla.mozilla.org/show_bug.cgi?id=259356 https://issues.chromium.org/issues/40666379 https://issues.chromium.org/issues/41424903 Signed-off-by: Raul Metsma <ra...@me...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-05-05 08:24:02
|
Branch: refs/heads/dependabot/vcpkg/dot-github/github.com/microsoft/vcpkg-2026.03.18 Home: https://github.com/OpenSC/OpenSC To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-05-05 08:23:56
|
Branch: refs/heads/dependabot/vcpkg/dot-github/github.com/microsoft/vcpkg-2026.04.27 Home: https://github.com/OpenSC/OpenSC Commit: 20a7e1e4754c2e0eeb25f8295adf49312d3630d5 https://github.com/OpenSC/OpenSC/commit/20a7e1e4754c2e0eeb25f8295adf49312d3630d5 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: 2026-05-05 (Tue, 05 May 2026) Changed paths: M .github/vcpkg.json Log Message: ----------- build(deps): bump github.com/microsoft/vcpkg in /.github Bumps [github.com/microsoft/vcpkg](https://github.com/microsoft/vcpkg) from master to 2026.04.27. This release includes the previously tagged commit. - [Release notes](https://github.com/microsoft/vcpkg/releases) - [Commits](https://github.com/microsoft/vcpkg/compare/bc38a15b0bee8bc48a49ea267cc32fbb49aedfc4...56bb2411609227288b70117ead2c47585ba07713) --- updated-dependencies: - dependency-name: github.com/microsoft/vcpkg dependency-version: 2026.04.27 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <su...@gi...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-05-05 06:11:33
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 680d44478b997253e5c7d342a9b980d57768e939 https://github.com/OpenSC/OpenSC/commit/680d44478b997253e5c7d342a9b980d57768e939 Author: Frank Morgner <fra...@gm...> Date: 2026-05-04 (Mon, 04 May 2026) Changed paths: M src/libopensc/card-gids.c Log Message: ----------- gids: fixed possible CWE-125 on non-null-terminated GIDS directory strings thanks to Alex Kelchin (@Medoedus) for reporting Fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-324p-w2mr-xmrg Commit: 52ba3c81d1e7ec3c5e2416f3f1976b68bea34a11 https://github.com/OpenSC/OpenSC/commit/52ba3c81d1e7ec3c5e2416f3f1976b68bea34a11 Author: Frank Morgner <fra...@gm...> Date: 2026-05-04 (Mon, 04 May 2026) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- openpgp: fixed possible overflow thanks to Alex Kelchin (@Medoedus) for reporting fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-4pf9-2w58-mgxm Commit: 11326df92b823095e2fdebdaadd4b5c110e4c6f3 https://github.com/OpenSC/OpenSC/commit/11326df92b823095e2fdebdaadd4b5c110e4c6f3 Author: Frank Morgner <fra...@gm...> Date: 2026-05-04 (Mon, 04 May 2026) Changed paths: M src/libopensc/reader-tr03119.c Log Message: ----------- fixed Off-by-One OOB Write in reader-tr03119.c reported by @qp-x-qp patch from Jakub Jelen (@Jakuje) fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-g7xr-h79f-h7pq Commit: 5ebb04ded3e8a54a9544a3745b3b5bd566d1e0b2 https://github.com/OpenSC/OpenSC/commit/5ebb04ded3e8a54a9544a3745b3b5bd566d1e0b2 Author: Frank Morgner <fra...@gm...> Date: 2026-05-04 (Mon, 04 May 2026) Changed paths: M src/libopensc/card-epass2003.c M src/libopensc/iasecc-sdo.c Log Message: ----------- epass2003/iasecc: fixed possible heap over-reads thanks to Alex Kelchin (@Medoedus) for reporting patch partially from Jakub Jelen (@Jakuje) fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-7xf3-32f8-23h9 Commit: 0254d273784b62fa48cba5e52af1ebcf8db7b7ee https://github.com/OpenSC/OpenSC/commit/0254d273784b62fa48cba5e52af1ebcf8db7b7ee Author: Frank Morgner <fra...@gm...> Date: 2026-05-04 (Mon, 04 May 2026) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- fixed possible Null-dereference READ Fixes https://issues.oss-fuzz.com/issues/501179374 Commit: 6852460211aab8a074af68d4e4e89ef1f5c554d3 https://github.com/OpenSC/OpenSC/commit/6852460211aab8a074af68d4e4e89ef1f5c554d3 Author: Frank Morgner <fra...@gm...> Date: 2026-05-04 (Mon, 04 May 2026) Changed paths: M src/libopensc/card-epass2003.c M src/libopensc/iasecc-sdo.c Log Message: ----------- fixed formatting Commit: 3106355f560263ddf5bb69d25f6f1b90e30f4adb https://github.com/OpenSC/OpenSC/commit/3106355f560263ddf5bb69d25f6f1b90e30f4adb Author: Frank Morgner <fra...@gm...> Date: 2026-05-05 (Tue, 05 May 2026) Changed paths: M src/libopensc/card-epass2003.c M src/libopensc/card-gids.c M src/libopensc/card-openpgp.c M src/libopensc/iasecc-sdo.c M src/libopensc/pkcs15-pubkey.c M src/libopensc/reader-tr03119.c Log Message: ----------- Merge pull request #3642 from frankmorgner/reports Fix minor issues reported via security issues Compare: https://github.com/OpenSC/OpenSC/compare/86c5005b2463...3106355f5602 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-05-03 01:30:47
|
Branch: refs/heads/oobw Home: https://github.com/OpenSC/OpenSC Commit: 90834874b85e5639473c1d69a1445cc2b93a1a71 https://github.com/OpenSC/OpenSC/commit/90834874b85e5639473c1d69a1445cc2b93a1a71 Author: Frank Morgner <fra...@gm...> Date: 2026-05-03 (Sun, 03 May 2026) Changed paths: M src/pkcs15init/pkcs15-oberthur-awp.c Log Message: ----------- oberthur-awp: fixed possible out of bounds write on card initialization Commit: f6b36d0b68b5e4965b25f102b10379f31d6ef446 https://github.com/OpenSC/OpenSC/commit/f6b36d0b68b5e4965b25f102b10379f31d6ef446 Author: Frank Morgner <fra...@gm...> Date: 2026-05-03 (Sun, 03 May 2026) Changed paths: M src/pkcs15init/pkcs15-oberthur-awp.c Log Message: ----------- fixed formatting Compare: https://github.com/OpenSC/OpenSC/compare/90834874b85e%5E...f6b36d0b68b5 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Simo S. <no...@gi...> - 2026-04-30 16:04:42
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 549f2479c8137328011e99835513384904b0042d https://github.com/OpenSC/OpenSC/commit/549f2479c8137328011e99835513384904b0042d Author: Simo Sorce <si...@re...> Date: 2026-04-30 (Thu, 30 Apr 2026) Changed paths: M src/pkcs11/openssl.c Log Message: ----------- Prevent in-place modification of verify data The reverse function previously modified buffers in-place, which unintentionally altered the caller's input data during GOST R 34.10 verification. This updates the function to allocate and return a reversed copy instead. It also simplifies public key parsing by replacing manual byte reversal with OpenSSL BN_lebin2bn, making the code cleaner and preventing input data corruption. Co-authored-by: Gemini <ge...@go...> Signed-off-by: Simo Sorce <si...@re...> Commit: 86c5005b246360f8e0ab1edfac19d568a949bfa1 https://github.com/OpenSC/OpenSC/commit/86c5005b246360f8e0ab1edfac19d568a949bfa1 Author: Simo Sorce <si...@re...> Date: 2026-04-30 (Thu, 30 Apr 2026) Changed paths: M src/sm/sm-eac.c Log Message: ----------- Replace direct ASN1_STRING field access Update the terminal authentication code to use ASN1_STRING_get0_data and ASN1_STRING_length instead of directly reading the data and length fields. This ensures compatibility with modern OpenSSL versions where these structures are opaque and must be accessed via their official API to prevent compilation errors. Co-authored-by: Gemini <ge...@go...> Signed-off-by: Simo Sorce <si...@re...> Compare: https://github.com/OpenSC/OpenSC/compare/7de20377ef5a...86c5005b2463 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Małgorzata O. <no...@gi...> - 2026-04-30 14:21:11
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 4e3ba09fdd8d484ba0be0082e532205e0af364e0 https://github.com/OpenSC/libp11/commit/4e3ba09fdd8d484ba0be0082e532205e0af364e0 Author: olszomal <Mal...@st...> Date: 2026-04-30 (Thu, 30 Apr 2026) Changed paths: M src/libp11-int.h M src/p11_ec.c M src/p11_eddsa.c M src/p11_key.c M src/p11_pkey.c M src/p11_rsa.c Log Message: ----------- Simplify PKCS#11 C_Sign and C_Decrypt handling To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Małgorzata O. <no...@gi...> - 2026-04-28 11:23:40
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 42a598fad755877cc76cac2f1cf0a2d304965e15 https://github.com/OpenSC/libp11/commit/42a598fad755877cc76cac2f1cf0a2d304965e15 Author: olszomal <Mal...@st...> Date: 2026-04-28 (Tue, 28 Apr 2026) Changed paths: M .github/workflows/ci.yml M .github/workflows/ci.yml.in Log Message: ----------- CI: use macos-26 instead of macOS-latest for OpenSSL 4 job Commit: f5da9f3a38d098f2b741c8d96c3c8052f42703b7 https://github.com/OpenSC/libp11/commit/f5da9f3a38d098f2b741c8d96c3c8052f42703b7 Author: olszomal <Mal...@st...> Date: 2026-04-28 (Tue, 28 Apr 2026) Changed paths: M configure.ac M src/Makefile.am Log Message: ----------- disable ENGINE for OpenSSL 4 and make it conditional via LIBP11_BUILD_ENGINE Commit: 97c899192df657583f5d7b08a721a73343e3ca24 https://github.com/OpenSC/libp11/commit/97c899192df657583f5d7b08a721a73343e3ca24 Author: olszomal <Mal...@st...> Date: 2026-04-28 (Tue, 28 Apr 2026) Changed paths: M src/libp11.h M src/p11_pkey.c Log Message: ----------- Provide PKCS11_pkey_meths() stub for OpenSSL 4 Commit: da3bd7975ce712e6f4d52ccd462497bae98dff8e https://github.com/OpenSC/libp11/commit/da3bd7975ce712e6f4d52ccd462497bae98dff8e Author: olszomal <Mal...@st...> Date: 2026-04-28 (Tue, 28 Apr 2026) Changed paths: M tests/common.sh Log Message: ----------- tests: do not prefer using Homebrew Cellar for pkcs11-tool lookup Compare: https://github.com/OpenSC/libp11/compare/078b7ee79544...da3bd7975ce7 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-04-27 09:28:30
|
Branch: refs/heads/dependabot/vcpkg/dot-github/github.com/microsoft/vcpkg-2026.03.18 Home: https://github.com/OpenSC/OpenSC Commit: af812902895c093c7e76a065847b72cd165f17f8 https://github.com/OpenSC/OpenSC/commit/af812902895c093c7e76a065847b72cd165f17f8 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M .github/vcpkg.json Log Message: ----------- build(deps): bump github.com/microsoft/vcpkg in /.github Bumps [github.com/microsoft/vcpkg](https://github.com/microsoft/vcpkg) from master to 2026.03.18. This release includes the previously tagged commit. - [Release notes](https://github.com/microsoft/vcpkg/releases) - [Commits](https://github.com/microsoft/vcpkg/compare/bc38a15b0bee8bc48a49ea267cc32fbb49aedfc4...c3867e714dd3a51c272826eea77267876517ed99) --- updated-dependencies: - dependency-name: github.com/microsoft/vcpkg dependency-version: 2026.03.18 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <su...@gi...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-04-27 08:55:07
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 7de20377ef5a51d7f97725294a3a68f8fdeb2d6c https://github.com/OpenSC/OpenSC/commit/7de20377ef5a51d7f97725294a3a68f8fdeb2d6c Author: Frank Morgner <fra...@gm...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M configure.ac M src/pkcs11/pkcs11-global.c Log Message: ----------- pkcs11: enable C_WaitForSlotEvent for all platforms To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Jakub J. <no...@gi...> - 2026-04-27 08:12:29
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 80ea44e9fcd01785742dea8df62fecd755be14fd https://github.com/OpenSC/OpenSC/commit/80ea44e9fcd01785742dea8df62fecd755be14fd Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-authentic.c Log Message: ----------- authentic: Make coverity happy about bounds Coverity thinks about this as illegal access, when pin1->len == pin1->pad_length == sizeof(pin_buff) but this would really result only in the memset of 0-length, which should not really access that memory. But this call is technically not needed so lets skip it. CID 503305 Commit: a5f0f407497655e4468c515a7ac37066baabea32 https://github.com/OpenSC/OpenSC/commit/a5f0f407497655e4468c515a7ac37066baabea32 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15init: Avoid memory leak Thanks coverity CID 503351 Commit: f47791e76d1dc26db94c2857685fea14ab26fff0 https://github.com/OpenSC/OpenSC/commit/f47791e76d1dc26db94c2857685fea14ab26fff0 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-isoApplet.c Log Message: ----------- isoapplet: Avoid possible NULL dereference by moving the NULL check before all uses of the card pointer CID 503459 Commit: fc72a397c4d669fa797eaf95046c27482ce5d130 https://github.com/OpenSC/OpenSC/commit/fc72a397c4d669fa797eaf95046c27482ce5d130 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-rutoken.c Log Message: ----------- rutoken: Remove dead code CID 503460 The file_out is already checked its not NULL before. Commit: 3715c068a6f4a4f9c82b4519cf4587332283d770 https://github.com/OpenSC/OpenSC/commit/3715c068a6f4a4f9c82b4519cf4587332283d770 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-setcos.c Log Message: ----------- setcos: Avoid negative indexing CID 503461 Commit: cf9e46bc2977f5bcd3e7e8a7c7b8ad697bcc0cfd https://github.com/OpenSC/OpenSC/commit/cf9e46bc2977f5bcd3e7e8a7c7b8ad697bcc0cfd Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-myeid.c Log Message: ----------- myeid: Avoid possible NULL pointer dereference by moving the check before using the pointer CID 503462 Commit: 3ad3d13730f6d72917c4f1d6fee9ae95fe9c2584 https://github.com/OpenSC/OpenSC/commit/3ad3d13730f6d72917c4f1d6fee9ae95fe9c2584 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-entersafe.c Log Message: ----------- entersafe: Fis possible NULL pointer dereference by moving the check before dereferencing the pointer CID 503463 Commit: b14ea2f85b8bd421357293a7387b53490850aa16 https://github.com/OpenSC/OpenSC/commit/b14ea2f85b8bd421357293a7387b53490850aa16 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-cardos.c Log Message: ----------- cardos: Avoid NULL dereference by moving the check before using the pointer CID 503464 Commit: 3a5b551fc2f76e6330a0998249b781fa1ddb3115 https://github.com/OpenSC/OpenSC/commit/3a5b551fc2f76e6330a0998249b781fa1ddb3115 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-belpic.c Log Message: ----------- belpic: Avoid NULL dereference by moving the ckeck before using the pointer CID 503465, CID 503466 Commit: 5919be38397d22dd4ee4748ee95d40bfe9c9680e https://github.com/OpenSC/OpenSC/commit/5919be38397d22dd4ee4748ee95d40bfe9c9680e Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-entersafe.c Log Message: ----------- entersafe: Avoid NULL dereference by moving the check before using the pointer CID 503467 Commit: 607aa2a1ab1827bd22b8d40f029302a4a46f58cb https://github.com/OpenSC/OpenSC/commit/607aa2a1ab1827bd22b8d40f029302a4a46f58cb Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-coolkey.c Log Message: ----------- coolkey: Avoid NULL deference by moving the check after using the pointer CID 503468 Commit: 679a9873fc426299c4cb23fc2160c99c6e6c558a https://github.com/OpenSC/OpenSC/commit/679a9873fc426299c4cb23fc2160c99c6e6c558a Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-entersafe.c Log Message: ----------- entersafe: Avoid NULL dereference by moving the check before using the pointer CID 503469 Commit: 554beb4b6d9864a35b2ddd9d6ab5854a97e26085 https://github.com/OpenSC/OpenSC/commit/554beb4b6d9864a35b2ddd9d6ab5854a97e26085 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/pkcs15init/pkcs15-rtecp.c Log Message: ----------- rtecp: Avoid memory leak on error CID 503470 Commit: a6a311a1df4d7dfb23035c99fb1f6b61db976de2 https://github.com/OpenSC/OpenSC/commit/a6a311a1df4d7dfb23035c99fb1f6b61db976de2 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-cac.c M src/libopensc/card-cac1.c Log Message: ----------- cac: Avoid NULL dereference by moving the NULL check before the pointer usage CID 503471 Commit: 7e0c63c0bad28aafae67117cb895e5249a3abb1c https://github.com/OpenSC/OpenSC/commit/7e0c63c0bad28aafae67117cb895e5249a3abb1c Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/pkcs15init/pkcs15-rtecp.c Log Message: ----------- rtecp: Remove dead code CID 503472 Commit: e7fbecbe5ec261d39fb35eaf76ef05cfde4f8061 https://github.com/OpenSC/OpenSC/commit/e7fbecbe5ec261d39fb35eaf76ef05cfde4f8061 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- openpgp: Avoid invalid integer handling Fixes-up a807d69706ee6d88f7e57f4b455e5631f331d5a1, which made the set_taglength_tlv() return negative value, which was not expected by the caller. CID 503473 Commit: 7e0a2c0f40f1f00084738077e4942deb917bea58 https://github.com/OpenSC/OpenSC/commit/7e0a2c0f40f1f00084738077e4942deb917bea58 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-entersafe.c Log Message: ----------- entersafe: Fix NULL dereference by moving the check before pointer use CID 503474 Commit: bb62549a7d8de7b51bdcf6c63e3ac70df48f62dd https://github.com/OpenSC/OpenSC/commit/bb62549a7d8de7b51bdcf6c63e3ac70df48f62dd Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-oberthur.c Log Message: ----------- oberthur: Fix NULL dereference CID 503475 Commit: cf1c82bdc0ecfc0bcc12d22e2aa69bdff8d8ef77 https://github.com/OpenSC/OpenSC/commit/cf1c82bdc0ecfc0bcc12d22e2aa69bdff8d8ef77 Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/pkcs15init/pkcs15-rtecp.c Log Message: ----------- rtecp: Remove dead code the variable was already checked for NULL before CID 503476 Commit: 5c6f4b831ab29a9d754d7f8a65d4dc2d4d4d742c https://github.com/OpenSC/OpenSC/commit/5c6f4b831ab29a9d754d7f8a65d4dc2d4d4d742c Author: Jakub Jelen <jj...@re...> Date: 2026-04-27 (Mon, 27 Apr 2026) Changed paths: M src/libopensc/card-piv.c Log Message: ----------- piv: Fix Off-by-one comparison Introduced in previous commit rewriting asserts (a807d69706ee6d88f7e57f4b455e5631f331d5a1) CID 503477 Compare: https://github.com/OpenSC/OpenSC/compare/6a8b1b65714e...5c6f4b831ab2 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-04-24 18:23:31
|
Branch: refs/heads/dependabot/github_actions/vapier/coverity-scan-action-1 Home: https://github.com/OpenSC/OpenSC To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-04-24 18:23:27
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 6a8b1b65714ecb99c6ecc35e95aec4fc27002776 https://github.com/OpenSC/OpenSC/commit/6a8b1b65714ecb99c6ecc35e95aec4fc27002776 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: 2026-04-24 (Fri, 24 Apr 2026) Changed paths: M .github/workflows/coverity.yml Log Message: ----------- build(deps): bump vapier/coverity-scan-action from 0 to 1 Bumps [vapier/coverity-scan-action](https://github.com/vapier/coverity-scan-action) from 0 to 1. - [Release notes](https://github.com/vapier/coverity-scan-action/releases) - [Commits](https://github.com/vapier/coverity-scan-action/compare/v0...v1) --- updated-dependencies: - dependency-name: vapier/coverity-scan-action dependency-version: '1' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <su...@gi...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-04-24 15:50:14
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: a807d69706ee6d88f7e57f4b455e5631f331d5a1 https://github.com/OpenSC/OpenSC/commit/a807d69706ee6d88f7e57f4b455e5631f331d5a1 Author: Frank Morgner <fra...@gm...> Date: 2026-04-24 (Fri, 24 Apr 2026) Changed paths: M src/libopensc/asn1.c M src/libopensc/card-atrust-acos.c M src/libopensc/card-belpic.c M src/libopensc/card-cac.c M src/libopensc/card-cac1.c M src/libopensc/card-cardos.c M src/libopensc/card-coolkey.c M src/libopensc/card-entersafe.c M src/libopensc/card-gids.c M src/libopensc/card-isoApplet.c M src/libopensc/card-itacns.c M src/libopensc/card-masktech.c M src/libopensc/card-mcrd.c M src/libopensc/card-muscle.c M src/libopensc/card-myeid.c M src/libopensc/card-oberthur.c M src/libopensc/card-openpgp.c M src/libopensc/card-piv.c M src/libopensc/card-rutoken.c M src/libopensc/card-sc-hsm.c M src/libopensc/card-setcos.c M src/libopensc/card-skeid.c M src/libopensc/card-tcos.c M src/libopensc/iso7816.c M src/libopensc/muscle-filesystem.c M src/libopensc/pkcs15-cache.c M src/libopensc/pkcs15-gemsafeV1.c M src/libopensc/pkcs15-pubkey.c M src/libopensc/pkcs15-sc-hsm.c M src/libopensc/pkcs15-syn.c M src/pkcs15init/pkcs15-lib.c M src/pkcs15init/pkcs15-rtecp.c M src/pkcs15init/pkcs15-rutoken.c M src/pkcs15init/profile.c M src/sm/sm-common.c M src/tests/print.c M src/tools/pkcs15-init.c M src/tools/pkcs15-tool.c Log Message: ----------- replaced assert() with error handling (#3659) Co-authored-by: Jakub Jelen <ja...@gm...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Doug E. <no...@gi...> - 2026-04-23 14:51:38
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 24d4bf95f3323eaa210a1f5fedc652303d392f90 https://github.com/OpenSC/OpenSC/commit/24d4bf95f3323eaa210a1f5fedc652303d392f90 Author: Doug Engert <dee...@gm...> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M .github/workflows/linux-strict.yml Log Message: ----------- linux-strict.yml - test with --enable-piv-sm As suggested in https://github.com/OpenSC/OpenSC/pull/3661#issuecomment-4276558016 On branch Wshorten-64-to-32 Changes to be committed: modified: .github/workflows/linux-strict.yml Commit: b41e08aa84e8e6b46f69d5c561054fb216b30c59 https://github.com/OpenSC/OpenSC/commit/b41e08aa84e8e6b46f69d5c561054fb216b30c59 Author: Doug Engert <dee...@gm...> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M src/libopensc/card-piv.c Log Message: ----------- card-piv.c - fix -Wshorten-64-to-32 errors Add typecasts and reformat the multiline if statement to meet clang code style. The changes are only compiled when using --enable-piv-sm Please enter the commit message for your changes. Lines starting Changes to be committed: modified: src/libopensc/card-piv.c Commit: 5fb109f9216d7d6f2ef22a05cc47ea3598937c59 https://github.com/OpenSC/OpenSC/commit/5fb109f9216d7d6f2ef22a05cc47ea3598937c59 Author: Doug Engert <dee...@gm...> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M src/tests/fuzzing/fuzz_pkcs11.c Log Message: ----------- fuzz_pkcs11.c - fix -Wshorten-64-to-32 errors Changes to be committed: modified: src/tests/fuzzing/fuzz_pkcs11.c Commit: 4407f3afded2c3e9adda6a116c1f4969459fc80c https://github.com/OpenSC/OpenSC/commit/4407f3afded2c3e9adda6a116c1f4969459fc80c Author: Doug Engert <dee...@gm...> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M .github/workflows/linux-strict.yml M src/libopensc/card-piv.c M src/tests/fuzzing/fuzz_pkcs11.c Log Message: ----------- Merge pull request #3661 from dengert/Wshorten-64-to-32 card-piv.c, fuzz_pkcs11.c fix -Wshorten-64-to-32 errors Compare: https://github.com/OpenSC/OpenSC/compare/a06089461094...4407f3afded2 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Małgorzata O. <no...@gi...> - 2026-04-23 10:36:21
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 078b7ee79544eea2c3f6a5aeb84150a278827115 https://github.com/OpenSC/libp11/commit/078b7ee79544eea2c3f6a5aeb84150a278827115 Author: olszomal <Mal...@st...> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M .github/workflows/ci.yml M .github/workflows/ci.yml.in Log Message: ----------- CI: add OpenSSL 4 support (cached build on Ubuntu and Homebrew on macOS) To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Shawn C <no...@gi...> - 2026-04-23 07:59:50
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: a060894610945a4c297b04122b94c51fb224bcc3 https://github.com/OpenSC/OpenSC/commit/a060894610945a4c297b04122b94c51fb224bcc3 Author: Shawn C <ci...@ha...> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M src/pkcs11/mechanism.c Log Message: ----------- Add a NULL check at the entry of `sc_pkcs11_find_mechanism`. This ensures that callers who pass `slot->p11card` (which may be NULL if no card is present in the slot) do not trigger a crash. Signed-off-by: Shawn C <ci...@ha...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-04-23 07:53:17
|
Branch: refs/heads/dependabot/github_actions/actions/download-artifact-8 Home: https://github.com/OpenSC/OpenSC To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: dependabot[bot] <no...@gi...> - 2026-04-23 07:53:06
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 6c101a4cb4ade7be74a618b47bb2b5d7558e60f1 https://github.com/OpenSC/OpenSC/commit/6c101a4cb4ade7be74a618b47bb2b5d7558e60f1 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: 2026-04-23 (Thu, 23 Apr 2026) Changed paths: M .github/workflows/linux.yml M .github/workflows/macos.yml Log Message: ----------- build(deps): bump actions/download-artifact from 7 to 8 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <su...@gi...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2026-04-22 15:27:38
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 09c15aaddfb3d0a0bcd92a325325372e5bdd4ea7 https://github.com/OpenSC/OpenSC/commit/09c15aaddfb3d0a0bcd92a325325372e5bdd4ea7 Author: Frank Morgner <fra...@gm...> Date: 2026-04-22 (Wed, 22 Apr 2026) Changed paths: R .appveyor.yml M README.md Log Message: ----------- CI: removed AppVeyor provider AppVeyor is flaky and slower than GH actions, unfortunately. All functionality is now also available via the Windows CI run in GH actions. To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
