| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: oath-toolkit | Distribution: openSUSE Tumbleweed |
| Version: 2.6.11.12 | Vendor: openSUSE |
| Release: 2.1 | Build date: Wed Oct 16 16:24:27 2024 |
| Group: Productivity/Networking/Security | Build host: reproducible |
| Size: 280909 | Source RPM: oath-toolkit-2.6.11.12-2.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.nongnu.org/oath-toolkit/ | |
| Summary: Toolkit for one-time password authentication systems | |
The OATH Toolkit makes it possible to build one-time password authentication systems. It contains shared libraries, command line tools and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open AuTHentication, which is the organization that specify the algorithms. For managing secret key files, the Portable Symmetric Key Container (PSKC) format described in RFC6030 is supported.
GPL-3.0-or-later AND LGPL-2.1-or-later
* Wed Oct 16 2024 Jan Zerebecki <jan.suse@zerebecki.de>
- Update 0001-usersfile-fix-potential-security-issues-in-PAM-modul.patch
with bsc#1231699 improvements for security fix CVE-2024-47191
* Fri Sep 13 2024 Jan Zerebecki <jan.suse@zerebecki.de>
- Fix security issue CVE-2024-47191 by adding
0001-usersfile-fix-potential-security-issues-in-PAM-modul.patch .
- Add patch to implement new null_usersfile_okay argument
42-null_usersfile_okay.patch .
- Makes this version 2.6.11.12 to be able to depend on it.
* Wed Apr 03 2024 pgajdos@suse.com
- version update to 2.6.11
* liboath: Handle invalid base32 encoded secrets. Fixes: #41.
* Various build fixes including updated gnulib files.
* Improve compatibility with recent libxmlsec.
* Sun Jul 09 2023 Martin Hauke <mardnh@gmx.de>
- Update to version 2.6.8
* libpskc: Fixes for recent libxmlsec releases.
* pam_oath: Provide fallback pam_modutil_getpwnam implementation.
* pam_oath: Don't fail authentication when pam_modutil_getpwnam
doesn't ** know the user when usersfile don't include ${USER}
or ${HOME}.
* pam_oath: Self-test improvements.
* Tue Aug 02 2022 Torsten Gruner <simmphonie@opensuse.org>
- Use %_pam_moduledir instead of hardcoding %{_lib}/security
- Define macro _pam_moduledir if not set to fix builds for Leap and SLE
* Thu Apr 21 2022 Marcus Meissner <meissner@suse.com>
- url -> https
* Sun May 02 2021 Martin Hauke <mardnh@gmx.de>
- Update to version 2.6.7
* pam_oath: Support variables in usersfile string parameter.
These changes introduce the ${USER} and ${HOME} placeholder
values for the usersfile string in the pam_oath configuration
file. The placeholder values allow the user credentials file
to be stored in a file path that is relative to the user, and
mimics similar behavior found in google-authenticator-libpam.
The motivation for these changes is to allow for
non-privileged processes to use pam_oath (e.g., for 2FA with
xscreensaver). Non-privileged and non-suid programs are
unable to use pam_oath. These changes are a proposed
alternative to a suid helper binary as well.
* doc: Fix project URL in man pages.
* build: Drop use of libxml's AM_PATH_XML2 in favor of pkg-config.
* build: Modernize autotools usage.
Most importantly, no longer use -Werror with AM_INIT_AUTOMAKE
to make rebuilding from source more safe with future automake
versions.
* Updated gnulib files.
* Wed Jan 20 2021 Martin Hauke <mardnh@gmx.de>
- Update to version 2.6.6
* oathtool: Support for reading KEY and OTP from standard input
or filename. KEY and OTP may now be given as '-' to mean
stdin, or @FILE to read from a particular file. This is
recommended on multi-user systems, since secrets as command
line parameters leak.
* pam_oath: Fix unlikely logic fail on out of memory conditions.
* Tue Dec 29 2020 Martin Hauke <mardnh@gmx.de>
- Update to version 2.6.5
* oathtool: Support for reading KEY and OTP from standard input
or filename.
KEY and OTP may now be given as '-' to mean stdin, or @FILE to
read from a particular file. This is recommended on multi-user
systems, since secrets as command line parameters leak.
* pam_oath: Fix unlikely logic fail on out of memory conditions.
* Doc fixes.
- Update to version 2.6.4
* libpskc: New --with-xmlsec-crypto-engine to hard-code crypto
engine. Use it like --with-xmlsec-crypto-engine=gnutls or
- -with-xmlsec-crypto-engine=openssl if the default dynamic
loading fails because of runtime linker search path issues.
* oathtool --totp --verbose now prints TOTP hash mode.
* oathtool: Hash names (e.g., SHA256) for --totp are now upper
case. Lower/mixed case hash names are supported for
compatibility.
* pam_oath: Fail gracefully for missing users.
This allows you to incrementally add support for OATH
authentication instead of forcing it on all users.
* Fix libpskc memory corruption bug.
* Fix man pages.
* Build fixes.
- Update to version 2.6.3
* pam_oath: Fix self-tests.
- Drop not longer needed patches:
* 0001-Fix-no-return-in-nonvoid-function-errors-reported-by.patch
* 0003-pam_oath-assign-safe-default-to-alwaysok-config-memb.patch
* 0002-update_gnulibs_files.patch
* gnulib-libio.patch
- Use source verification
- Use proper source URLs
* Mon Aug 06 2018 schwab@suse.de
- gnulib-libio.patch: Update gnulib for libio.h removal
/usr/bin/oathtool /usr/bin/pskctool /usr/share/doc/packages/oath-toolkit /usr/share/doc/packages/oath-toolkit/ChangeLog /usr/share/doc/packages/oath-toolkit/NEWS /usr/share/doc/packages/oath-toolkit/README /usr/share/licenses/oath-toolkit /usr/share/licenses/oath-toolkit/COPYING /usr/share/licenses/oath-toolkit/COPYING.summary /usr/share/man/man1/oathtool.1.gz /usr/share/man/man1/pskctool.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Nov 16 01:36:29 2024