Compare commits

No commits in common. "c8-stream-2.3" and "c9-beta" have entirely different histories.

2 changed files with 103 additions and 9 deletions


@ -0,0 +1,53 @@
From b339a18aa06c78d64ac33d891d400eac7b86fff3 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 17 May 2021 13:30:24 +0200
Subject: [PATCH] Define OPENSSL_API_COMPAT to 0x10101000L
---
src/jwe.c | 2 ++
src/jwk.c | 2 ++
src/jws.c | 2 ++
3 files changed, 6 insertions(+)
diff --git a/src/jwe.c b/src/jwe.c
index 822d408..d6f3149 100644
--- a/src/jwe.c
+++ b/src/jwe.c
@@ -5,6 +5,8 @@
* Copyright (c) 2014-2016 Cisco Systems, Inc. All Rights Reserved.
*/
+#define OPENSSL_API_COMPAT 0x10101000L
+
#include <cjose/base64.h>
#include <cjose/header.h>
#include <cjose/jwe.h>
diff --git a/src/jwk.c b/src/jwk.c
index 860f0e7..87408e9 100644
--- a/src/jwk.c
+++ b/src/jwk.c
@@ -5,6 +5,8 @@
* Copyright (c) 2014-2016 Cisco Systems, Inc. All Rights Reserved.
*/
+#define OPENSSL_API_COMPAT 0x10101000L
+
#include "include/jwk_int.h"
#include "include/util_int.h"
diff --git a/src/jws.c b/src/jws.c
index 4e03554..9d682a0 100644
--- a/src/jws.c
+++ b/src/jws.c
@@ -5,6 +5,8 @@
* Copyright (c) 2014-2016 Cisco Systems, Inc. All Rights Reserved.
*/
+#define OPENSSL_API_COMPAT 0x10101000L
+
#include <cjose/base64.h>
#include <cjose/header.h>
#include <cjose/jws.h>
--
2.31.1
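Review bot: the `#define OPENSSL_API_COMPAT 0x10101000L` added above the includes in src/jwe.c, src/jwk.c and src/jws.c selects the OpenSSL 1.1.1 API level, so interfaces deprecated in 3.0 stay declared without deprecation warnings instead of being ported, and the patch carries no message body that says so. Please add a short description stating that this is a compatibility measure and that a port to the non-deprecated API is still outstanding. The define is also repeated verbatim in three files; setting it once through the build flags (for example `-DOPENSSL_API_COMPAT=0x10101000L` in CPPFLAGS) would keep the copies from drifting and would cover any other source file that includes OpenSSL headers.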


@ -1,6 +1,6 @@
Name: cjose
Version: 0.6.1
Release: 4%{?dist}
Release: 16%{?dist}
Summary: C library implementing the Javascript Object Signing and Encryption (JOSE)
License: MIT
@ -8,14 +8,16 @@ URL: https://github.com/cisco/cjose
Source0: https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
Patch1: concatkdf.patch
Patch2: 0002-check-cjose_get_alloc.patch
Patch3: 0003-CVE-2023-37464.patch
Patch2: 0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch
Patch3: 0002-check-cjose_get_alloc.patch
Patch4: 0003-CVE-2023-37464.patch
BuildRequires: gcc
BuildRequires: doxygen
BuildRequires: openssl-devel
BuildRequires: jansson-devel
BuildRequires: check-devel
BuildRequires: make
%description
Implementation of JOSE for C/C++
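Review bot: in the Patch list the file-name prefixes do not line up with the patch numbers on the new side: 0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch is Patch2, 0002-check-cjose_get_alloc.patch is Patch3 and 0003-CVE-2023-37464.patch is Patch4, with concatkdf.patch as Patch1. Either renumber the files or add a one-line comment above each PatchN saying what it fixes and where it came from, so that someone auditing whether the CVE-2023-37464 fix is applied does not have to map names to numbers by hand. The added `BuildRequires: make` is fine as is.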
@ -44,9 +46,7 @@ find %{buildroot} -name '*.a' -exec rm -f {} ';'
find %{buildroot} -name '*.la' -exec rm -f {} ';'
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%ldconfig_scriptlets
%check
@ -66,14 +66,55 @@ make check || (cat test/test-suite.log; exit 1)
%changelog
* Wed Jul 19 2023 <thalman@redhat.com> - 0.6.1-4
* Wed Jul 19 2023 <thalman@redhat.com> - 0.6.1-16
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
Authentication Tag provided in the JWE
Resolves: rhbz#2223308
* Fri Mar 17 2023 <thalman@redhat.com> - 0.6.1-3
* Wed May 3 2023 <spoore@redhat.com> - 0.6.1-15
- Rebuilt for gating
Related: rhbz#2180445
* Tue May 2 2023 <thalman@redhat.com> - 0.6.1-14
- Rebuilt for gating
Related: rhbz#2180445
* Tue Mar 21 2023 <thalman@redhat.com> - 0.6.1-13
- Random memory override
Resolves: rhbz#2072469
Resolves: rhbz#2180445
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-12
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jul 28 2021 Florian Weimer <fweimer@redhat.com> - 0.6.1-11
- Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097)
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-10
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon May 17 2021 Jakub Hrozek <jhrozek@redhat.com> - 0.6.1-9
- enable build with openssl 3.0
- Resolves: rhbz#1958026
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-8
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Aug 2 2018 <jdennis@redhat.com> - 0.6.1-2
- fix concatkdf big endian architecture problem.
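Review bot: several %changelog headers in this hunk give only an address (`<thalman@redhat.com>`, `<spoore@redhat.com>`, `<jdennis@redhat.com>`) where the other entries use the `Name <email>` form; please add the packager names for consistency. The 0.6.1-13 entry "Random memory override" is too terse for a security-relevant fix: say which code path was affected and which patch file carries the change, as the CVE-2023-37464 entry does. The 0.6.1-9 entry writes `- Resolves: rhbz#1958026` with a leading dash while every other Resolves/Related line has none; drop the dash so bug references can be matched uniformly.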