update to libksba-1.6.3 (#2155172)

The fix in 1.6.2 for CVE-2022-3515 was found to be incomplete¹. This release fixes a related bug in the code to parse CRL signatures. Use a glob to match all gnupg tarballs rather than having fedpkg add each one to .gitignore. Also ignore rpm's, extracted source dirs, and the mock build results directory. ¹ https://gnupg.org/blog/20221017-pepe-left-the-ksba.html#sec-2-2
2022-12-20 20:48:14 -05:00 · 2022-12-20 20:48:14 -05:00 · 0ade2b2bc6
commit 0ade2b2bc6
parent 5746749442
3 changed files with 10 additions and 31 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,28 +1,4 @@
-libksba-1.0.8.tar.bz2
-libksba-1.0.8.tar.bz2.sig
-/libksba-1.2.0.tar.bz2
-/libksba-1.2.0.tar.bz2.sig
-/libksba-1.3.0.tar.bz2
-/libksba-1.3.0.tar.bz2.sig
-/libksba-1.3.1.tar.bz2
-/libksba-1.3.1.tar.bz2.sig
-/libksba-1.3.2.tar.bz2
-/libksba-1.3.2.tar.bz2.sig
-/libksba-1.3.3.tar.bz2
-/libksba-1.3.3.tar.bz2.sig
-/libksba-1.3.4.tar.bz2
-/libksba-1.3.4.tar.bz2.sig
-/libksba-1.3.5.tar.bz2
-/libksba-1.3.5.tar.bz2.sig
-/libksba-1.4.0.tar.bz2
-/libksba-1.4.0.tar.bz2.sig
-/libksba-1.5.0.tar.bz2
-/libksba-1.5.0.tar.bz2.sig
-/libksba-1.5.1.tar.bz2
-/libksba-1.5.1.tar.bz2.sig
-/libksba-1.6.0.tar.bz2
-/libksba-1.6.0.tar.bz2.sig
-/libksba-1.6.1.tar.bz2
-/libksba-1.6.1.tar.bz2.sig
-/libksba-1.6.2.tar.bz2
-/libksba-1.6.2.tar.bz2.sig
+/*.rpm
+/libksba-*/
+/libksba-*.tar.bz2*
+/results_libksba/
--- a/libksba.spec
+++ b/libksba.spec
@ -1,6 +1,6 @@
 Summary: CMS and X.509 library
 Name:    libksba
-Version: 1.6.2
+Version: 1.6.3
 Release: 1%{?dist}

 # The library is licensed under LGPLv3+ or GPLv2+,
@ -80,6 +80,9 @@ make check


 %changelog
+* Tue Dec 20 2022 Todd Zullinger <tmz@pobox.com> - 1.6.3-1
+- New upstream release (#2155172)
+
 * Fri Oct 07 2022 Jakub Jelen <jjelen@redhat.com> - 1.6.2-1
 - New upstream release (#2132953)

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (libksba-1.6.2.tar.bz2) = 50533887942921f8009cedd636915c2b27f231151a3b8316af6801a5f8637d66896ba5a24207bf82d8b03e26624133e80c6dd69f1196f06ada929090ef0f178c
-SHA512 (libksba-1.6.2.tar.bz2.sig) = e84f653ee64a6769145df3e4b8e36f9c19983771d63c14e1a27a7f27b8cbed00af44f46db69a47ab9b282c405c21a9445569630b7b7f7ee7cb91b4d836524fc4
+SHA512 (libksba-1.6.3.tar.bz2) = 188f6d27b4904c10cd54ba949c1132dd6c167f53dd1b77eae39c5b8e3ac8b15e87b2a54cdfddac95ac4ed41ee83c3d4e1b17d95126f245b6c204fade6739a2ce
+SHA512 (libksba-1.6.3.tar.bz2.sig) = 57081497e32af41abbe84678dfb2379318ae75fdde1f871f3960b7dce7270b952a832b64accbb2a1f19fbef8db9f4d35ac59890ac6cbe45215a65f6971ba43f1