| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libu2f-host0 | Distribution: SUSE Linux Enterprise 15 |
| Version: 1.1.10 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 3.9.1 | Build date: Mon May 17 09:52:06 2021 |
| Group: Productivity/Networking/Security | Build host: nebbiolo |
| Size: 68000 | Source RPM: libu2f-host-1.1.10-3.9.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://developers.yubico.com/ | |
| Summary: Library for Universal 2nd Factor (U2F) | |
Libu2f-host provide a C library that implements the host-side of the U2F protocol. There are APIs to talk to a U2F device and perform the U2F Register and U2F Authenticate operations.
LGPL-2.1-or-later
* Wed May 05 2021 paolo.perego@suse.com
- Fix some compilation warnings about signedness in b64 routines
- Fix some compilation warnings about unused variables
- Using %autosetup macro
* Fri Aug 21 2020 malte.kraus@suse.com
- Add support for json-c 0.14.0 (json-c-update.patch)
* Tue May 28 2019 kbabioch@suse.de
- Added libu2f-host-CVE-2019-9578.patch: Fixed fix filling out of initresp
(CVE-2019-9578 bsc#1128140)
* Tue May 28 2019 kbabioch@suse.de
- Version 1.1.10 (released 2019-05-15)
- Add new devices to udev rules.
- Fix a potentially uninitialized buffer (CVE-2019-9578, bsc#1128140)
* Wed Mar 06 2019 kbabioch@suse.de
- Version 1.1.9 (released 2019-03-06)
- Fix CID copying from the init response, which broke compatibility with some
devices.
* Tue Mar 05 2019 kbabioch@suse.de
- Version 1.1.8 (released 2019-03-05)
- Add udev rules
- Drop 70-old-u2f.rules and use 70-u2f.rules for everything
- Use a random nonce for setting up CID to prevent fingerprinting
- CVE-2019-9578: Parse the response to init in a more stable way to prevent
leakage of uninitialized stack memory back to the device (bnc#1128140).
- removed libu2f-host-CVE-2019-9578.patch (upstream)
* Fri Feb 08 2019 kbabioch@suse.de
- Added libu2f-host-CVE-2018-20340.patch: Fixed an unchecked buffer, which
could allow a buffer overflow with a custom made malicious USB device
(bsc#1124781 CVE-2018-20340).
* Fri Feb 08 2019 kbabioch@suse.de
- Version 1.1.7 (released 2019-01-08)
- Fix for trusting length from deivce in device init.
- Fix for buffer overflow when receiving data from device. (YSA-2019-01,
CVE-2018-20340, bsc#1124781)
- Add udev rules for some new devices.
- removed libu2f-host-CVE-2018-20340.patch (upstream)
- Using %license macro
- Applied spec-cleaner
* Tue May 15 2018 kbabioch@suse.com
- Version 1.1.6 (released 2018-05-15)
- Change waiting logic on authenticate to allow for faster feedback.
- Version 1.1.5 (released 2018-03-07)
- Fix refcount when adding json_objects.
- Handle fido2 keepalive.
- Add udev rules for more devices.
* Wed Sep 13 2017 kkaempf@suse.com
- Version 1.1.4 (released 2017-09-01)
- Added more u2f devices to the udev rulesets.
- Increase buffer size, allowing for bigger certificates.
- Add u2f.conf.sample for FreeBSD permission handling.
* Wed Oct 12 2016 t.gruner@katodev.de
- Version 1.1.3 (released 2016-10-04)
- Added more u2f devices to the udev rulesets.
- Fixup mac builds.
- Version 1.1.2 (released 2016-06-22)
- Make authenticate return U2FH_OK if touch is set to not needed. Also minor fixes to error output of authenticate.
- Documentation fixes.
- Compilation fixes on visual studio.
- Add udev rules for Feitian devices.
- Add optional cmake build.
- Change license of the commandline tool to LGPL 2.1+
- remove udev.patch
* Thu May 19 2016 t.gruner@katodev.de
- Add buildrequirement for libudev to select the rule for udev.
- Add udev directories in %files
- Add udev rule for Feitian ePass FIDO (udev.patch)
- Change License for the library
* Wed Mar 23 2016 jengelh@inai.de
- Avoid undesired blank lines at start of descriptions.
Expand description. Trim filelist.
* Mon Mar 21 2016 t.gruner@katodev.de
- Version 1.1.1 (released 2016-03-14)
- Use correct index in u2fh_devs_discover()
- Fix an issue where we left the authenticate loop early.
- Fix an issue where authenticate remembered which devices to skip.
- Stop validating the scheme of the origin.
- Fixup a crash in u2fh_devs_discover() with closing unplugged devices.
- Documentation fixes.
* Thu Feb 18 2016 t.gruner@katodev.de
- Version 1.1.0 (released 2016-02-15)
- Add udev rules for more devices.
- Don’t return success when no data is received.
- Fix typos.
- Make send_apdu send data like chrome does.
- Don’t release json object that we don’t own no more.
- Don’t do memcmp on uninitialized memory.
- Add u2fh_authenticate2() and u2fh_register2().
- Remove base64 padding (required by spec).
- Use unsigned ints to prevent buffer overflows.
* Tue Oct 06 2015 t.gruner@katodev.de
- Remove fix in u2f-host/u2f-host.h
- Cleanup .spec file
* Fri Sep 04 2015 t.gruner@katodev.de
- Fix path in u2f-host/u2f-host.h
* Tue Sep 01 2015 t.gruner@katodev.de
- Version 1.0.0 (released 2015-08-27)
- Add udev rules for older version of udev.
- Add pam:// as an allowed protocol.
- Stop using sleep(), use Sleep() on windows and usleep() on others.
- Fixup tool name in help and manpage.
- Add a timeout to the register and authenticate actions.
* Fri Jan 23 2015 t.gruner@katodev.de
- Version 0.0.4 (released 2015-01-22)
- Add an exponential growing timeout for slow devices (PlugUp).
* Thu Jan 08 2015 t.gruner@katodev.de
- Version 0.0.3 (released 2015-01-08)
- Change license to LGPLv2+ for the library.
- Some improvements to internal communication code.
- Some debug mode improvements, from Bram Vandoren.
* Tue Dec 09 2014 t.gruner@katodev.de
- Version 0.0.2 (released 2014-11-28)
- Add more devices to udev.
* Tue Oct 28 2014 t.gruner@katodev.de
- Version 0.0 (released 2014-09-16)
- Initial release.
/usr/lib64/libu2f-host.so.0 /usr/lib64/libu2f-host.so.0.1.10
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 17:57:49 2024