rpms/opencryptoki
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c8s
rpms:c8s-private-than
rpms:c9-beta
rpms:c9
rpms:c10
rpms:c9s
rpms:c9s-private-than
rpms:c10s
rpms:c10s-private-than
rpms:a8
rpms:c8-beta
rpms:a9
rpms:imports/c9-beta/opencryptoki-3.26.0-2.el9
rpms:imports/c8/opencryptoki-3.22.0-3.el8_10.2
rpms:imports/c9/opencryptoki-3.25.0-4.el9_7.2
rpms:imports/c10/opencryptoki-3.25.0-5.el10_1.2
rpms:imports/c10/opencryptoki-3.25.0-5.el10_1.1
rpms:imports/c9/opencryptoki-3.25.0-4.el9_7.1
rpms:imports/c10s/opencryptoki-3.26.0-2.el10
rpms:imports/c10s/opencryptoki-3.26.0-1.el10
rpms:imports/c9/opencryptoki-3.25.0-4.el9
rpms:imports/c10/opencryptoki-3.24.0-6.el10_0
rpms:imports/c9/opencryptoki-3.24.0-5.el9_6
rpms:imports/c9-beta/opencryptoki-3.25.0-4.el9
rpms:importsc/c8/opencryptoki-3.22.0-3.el8_10.1
rpms:imports/c10s/opencryptoki-3.25.0-5.el10
rpms:imports/c10s/opencryptoki-3.25.0-4.el10
rpms:imports/c10s/opencryptoki-3.25.0-2.el10
rpms:imports/c10s/opencryptoki-3.25.0-1.el10
rpms:imports/c10s/opencryptoki-3.24.0-8.el10
rpms:imports/c10s/opencryptoki-3.24.0-7.el10
rpms:imports/c9-beta/opencryptoki-3.24.0-3.el9
rpms:imports/c10s/opencryptoki-3.24.0-6.el10
rpms:imports/c10s/opencryptoki-3.24.0-5.el10
rpms:imports/c10s/opencryptoki-3.24.0-4.el10
rpms:imports/c10s/opencryptoki-3.24.0-3.el10
rpms:imports/c10s/opencryptoki-3.24.0-2.el10
rpms:imports/c10s/opencryptoki-3.24.0-1.el10
rpms:imports/c9-beta/opencryptoki-3.23.0-1.el9
rpms:imports/c10s/opencryptoki-3.23.0-5.el10
rpms:imports/c8/opencryptoki-3.22.0-3.el8
rpms:imports/c9/opencryptoki-3.22.0-3.el9
rpms:changed/a8/opencryptoki-3.21.0-10.el8_9.alma.1
rpms:imports/c8/opencryptoki-3.21.0-9.el8
rpms:changed/a9/opencryptoki-3.21.0-9.el9_3.alma.1
rpms:imports/c8-beta/opencryptoki-3.21.0-9.el8
rpms:imports/c9-beta/opencryptoki-3.21.0-8.el9
rpms:imports/c8/opencryptoki-3.19.0-2.el8
rpms:imports/c9/opencryptoki-3.19.0-2.el9
rpms:imports/c9-beta/opencryptoki-3.19.0-2.el9
rpms:imports/c8-beta/opencryptoki-3.19.0-2.el8
rpms:imports/c8s/opencryptoki-3.19.0-2.el8
rpms:imports/c9/opencryptoki-3.18.0-5.el9_1
rpms:imports/c8/opencryptoki-3.18.0-5.el8_7
rpms:imports/c9/opencryptoki-3.18.0-4.el9
rpms:imports/c8s/opencryptoki-3.19.0-1.el8
rpms:imports/c8/opencryptoki-3.18.0-3.el8
rpms:imports/c9/opencryptoki-3.17.0-8.el9_0
rpms:imports/c9-beta/opencryptoki-3.18.0-4.el9
rpms:imports/c8-beta/opencryptoki-3.18.0-3.el8
rpms:imports/c9/opencryptoki-3.17.0-7.el9_0
rpms:imports/c8/opencryptoki-3.17.0-5.el8_6
rpms:imports/c8s/opencryptoki-3.18.0-3.el8
rpms:imports/c8/opencryptoki-3.17.0-4.el8_6
rpms:imports/c9/opencryptoki-3.17.0-6.el9_0
rpms:imports/c8s/opencryptoki-3.18.0-2.el8
rpms:imports/c8s/opencryptoki-3.18.0-1.el8
rpms:imports/c9/opencryptoki-3.17.0-5.el9_0
rpms:imports/c8s/opencryptoki-3.17.0-4.el8_6
rpms:imports/c8/opencryptoki-3.17.0-3.el8
rpms:imports/c9-beta/opencryptoki-3.17.0-5.el9_0
rpms:imports/c8-beta/opencryptoki-3.17.0-3.el8
rpms:imports/c9-beta/opencryptoki-3.17.0-4.el9
rpms:imports/c8s/opencryptoki-3.17.0-3.el8
rpms:imports/c9-beta/opencryptoki-3.17.0-3.el9
rpms:imports/c8/opencryptoki-3.16.0-7.el8_5
rpms:imports/c9-beta/opencryptoki-3.16.0-12.el9
rpms:imports/c8s/opencryptoki-3.17.0-2.el8
rpms:imports/c8s/opencryptoki-3.16.0-7.el8_5
rpms:imports/c8/opencryptoki-3.16.0-5.el8
rpms:imports/c8-beta/opencryptoki-3.16.0-5.el8
rpms:imports/c8-beta/opencryptoki-3.15.1-5.el8
rpms:imports/c8-beta/opencryptoki-3.14.0-3.el8
rpms:imports/c8-beta/opencryptoki-3.12.1-2.el8
rpms:imports/c8-beta/opencryptoki-3.11.1-1.el8
rpms:imports/c8/opencryptoki-3.15.1-7.el8_4
rpms:imports/c8s/opencryptoki-3.16.0-5.el8
rpms:imports/c8s/opencryptoki-3.16.0-4.el8
rpms:imports/c8s/opencryptoki-3.16.0-3.el8
rpms:imports/c8s/opencryptoki-3.15.1-5.el8
rpms:imports/c8s/opencryptoki-3.15.1-3.el8
rpms:imports/c8/opencryptoki-3.15.1-6.el8_4
rpms:imports/c8/opencryptoki-3.15.1-5.el8
rpms:imports/c8/opencryptoki-3.14.0-5.el8
rpms:imports/c8/opencryptoki-3.12.1-2.el8
rpms:imports/c8/opencryptoki-3.11.1-3.el8_1
...
pull from: rpms:c8s-private-than
Branches Tags
rpms:c8s
rpms:c8s-private-than
rpms:c9-beta
rpms:c8
rpms:c9
rpms:c10
rpms:c9s
rpms:c9s-private-than
rpms:c10s
rpms:c10s-private-than
rpms:a8
rpms:c8-beta
rpms:a9
rpms:imports/c9-beta/opencryptoki-3.26.0-2.el9
rpms:imports/c8/opencryptoki-3.22.0-3.el8_10.2
rpms:imports/c9/opencryptoki-3.25.0-4.el9_7.2
rpms:imports/c10/opencryptoki-3.25.0-5.el10_1.2
rpms:imports/c10/opencryptoki-3.25.0-5.el10_1.1
rpms:imports/c9/opencryptoki-3.25.0-4.el9_7.1
rpms:imports/c10s/opencryptoki-3.26.0-2.el10
rpms:imports/c10s/opencryptoki-3.26.0-1.el10
rpms:imports/c9/opencryptoki-3.25.0-4.el9
rpms:imports/c10/opencryptoki-3.24.0-6.el10_0
rpms:imports/c9/opencryptoki-3.24.0-5.el9_6
rpms:imports/c9-beta/opencryptoki-3.25.0-4.el9
rpms:importsc/c8/opencryptoki-3.22.0-3.el8_10.1
rpms:imports/c10s/opencryptoki-3.25.0-5.el10
rpms:imports/c10s/opencryptoki-3.25.0-4.el10
rpms:imports/c10s/opencryptoki-3.25.0-2.el10
rpms:imports/c10s/opencryptoki-3.25.0-1.el10
rpms:imports/c10s/opencryptoki-3.24.0-8.el10
rpms:imports/c10s/opencryptoki-3.24.0-7.el10
rpms:imports/c9-beta/opencryptoki-3.24.0-3.el9
rpms:imports/c10s/opencryptoki-3.24.0-6.el10
rpms:imports/c10s/opencryptoki-3.24.0-5.el10
rpms:imports/c10s/opencryptoki-3.24.0-4.el10
rpms:imports/c10s/opencryptoki-3.24.0-3.el10
rpms:imports/c10s/opencryptoki-3.24.0-2.el10
rpms:imports/c10s/opencryptoki-3.24.0-1.el10
rpms:imports/c9-beta/opencryptoki-3.23.0-1.el9
rpms:imports/c10s/opencryptoki-3.23.0-5.el10
rpms:imports/c8/opencryptoki-3.22.0-3.el8
rpms:imports/c9/opencryptoki-3.22.0-3.el9
rpms:changed/a8/opencryptoki-3.21.0-10.el8_9.alma.1
rpms:imports/c8/opencryptoki-3.21.0-9.el8
rpms:changed/a9/opencryptoki-3.21.0-9.el9_3.alma.1
rpms:imports/c8-beta/opencryptoki-3.21.0-9.el8
rpms:imports/c9-beta/opencryptoki-3.21.0-8.el9
rpms:imports/c8/opencryptoki-3.19.0-2.el8
rpms:imports/c9/opencryptoki-3.19.0-2.el9
rpms:imports/c9-beta/opencryptoki-3.19.0-2.el9
rpms:imports/c8-beta/opencryptoki-3.19.0-2.el8
rpms:imports/c8s/opencryptoki-3.19.0-2.el8
rpms:imports/c9/opencryptoki-3.18.0-5.el9_1
rpms:imports/c8/opencryptoki-3.18.0-5.el8_7
rpms:imports/c9/opencryptoki-3.18.0-4.el9
rpms:imports/c8s/opencryptoki-3.19.0-1.el8
rpms:imports/c8/opencryptoki-3.18.0-3.el8
rpms:imports/c9/opencryptoki-3.17.0-8.el9_0
rpms:imports/c9-beta/opencryptoki-3.18.0-4.el9
rpms:imports/c8-beta/opencryptoki-3.18.0-3.el8
rpms:imports/c9/opencryptoki-3.17.0-7.el9_0
rpms:imports/c8/opencryptoki-3.17.0-5.el8_6
rpms:imports/c8s/opencryptoki-3.18.0-3.el8
rpms:imports/c8/opencryptoki-3.17.0-4.el8_6
rpms:imports/c9/opencryptoki-3.17.0-6.el9_0
rpms:imports/c8s/opencryptoki-3.18.0-2.el8
rpms:imports/c8s/opencryptoki-3.18.0-1.el8
rpms:imports/c9/opencryptoki-3.17.0-5.el9_0
rpms:imports/c8s/opencryptoki-3.17.0-4.el8_6
rpms:imports/c8/opencryptoki-3.17.0-3.el8
rpms:imports/c9-beta/opencryptoki-3.17.0-5.el9_0
rpms:imports/c8-beta/opencryptoki-3.17.0-3.el8
rpms:imports/c9-beta/opencryptoki-3.17.0-4.el9
rpms:imports/c8s/opencryptoki-3.17.0-3.el8
rpms:imports/c9-beta/opencryptoki-3.17.0-3.el9
rpms:imports/c8/opencryptoki-3.16.0-7.el8_5
rpms:imports/c9-beta/opencryptoki-3.16.0-12.el9
rpms:imports/c8s/opencryptoki-3.17.0-2.el8
rpms:imports/c8s/opencryptoki-3.16.0-7.el8_5
rpms:imports/c8/opencryptoki-3.16.0-5.el8
rpms:imports/c8-beta/opencryptoki-3.16.0-5.el8
rpms:imports/c8-beta/opencryptoki-3.15.1-5.el8
rpms:imports/c8-beta/opencryptoki-3.14.0-3.el8
rpms:imports/c8-beta/opencryptoki-3.12.1-2.el8
rpms:imports/c8-beta/opencryptoki-3.11.1-1.el8
rpms:imports/c8/opencryptoki-3.15.1-7.el8_4
rpms:imports/c8s/opencryptoki-3.16.0-5.el8
rpms:imports/c8s/opencryptoki-3.16.0-4.el8
rpms:imports/c8s/opencryptoki-3.16.0-3.el8
rpms:imports/c8s/opencryptoki-3.15.1-5.el8
rpms:imports/c8s/opencryptoki-3.15.1-3.el8
rpms:imports/c8/opencryptoki-3.15.1-6.el8_4
rpms:imports/c8/opencryptoki-3.15.1-5.el8
rpms:imports/c8/opencryptoki-3.14.0-5.el8
rpms:imports/c8/opencryptoki-3.12.1-2.el8
rpms:imports/c8/opencryptoki-3.11.1-3.el8_1

No commits in common. "c8" and "c8s-private-than" have entirely different histories.
c8 ... c8s-privat

18 changed files with 1795 additions and 3 deletions
Show Stats Expand all files Collapse all files

1
.fmf/version Normal file
View File

@ -0,0 +1 @@
1

5
.gitignore vendored
View File

@ -1 +1,4 @@
SOURCES/opencryptoki-3.22.0.tar.gz
SOURCES/opencryptoki-3.19.0.tar.gz
/opencryptoki-3.19.0.tar.gz
/opencryptoki-3.21.0.tar.gz
/opencryptoki-3.22.0.tar.gz

1
.opencryptoki.metadata
View File

@ -1 +0,0 @@
4618b82afde56a8177e888c26d336c6f521bed8a SOURCES/opencryptoki-3.22.0.tar.gz

0
SOURCES/3.22-CCA-Adjust-CCA-host-library-version-detection-for-ne.patch → 3.22-CCA-Adjust-CCA-host-library-version-detection-for-ne.patch
View File

38
CI_plan.fmf Normal file
View File

@ -0,0 +1,38 @@
/tier1-tests-on-x86_64-with-swtok:
summary: opencryptoki Tier1 tests on x86_64 with swtok
tag:
- Tier1
discover:
url: https://gitlab.cee.redhat.com/rhel-tests/opencryptoki.git
filter: "tag:Tier1"
how: fmf
test:
- "Sanity/.*"
- "Regression/.*"
execute:
how: tmt
/sw-token-package-update:
summary: perform opencryptoki package update on a configured SW token
prepare:
- how: shell
order: 90
script:
- dnf -y downgrade 'opencryptoki*'
discover:
url: https://gitlab.cee.redhat.com/rhel-tests/opencryptoki.git
how: fmf
test:
- /Update/initialized-sw-token/setup
- /Update/dnf-update-opencryptoki
- /Update/initialized-sw-token/test
execute:
how: tmt

7
gating.yaml Normal file
View File

@ -0,0 +1,7 @@
--- !Policy
product_versions:
- rhel-8
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.openstack-tier1-gating.functional}
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.beaker-tier1-gating.functional}

0
SOURCES/opencryptoki-3.11.0-lockdir.patch → opencryptoki-3.11.0-lockdir.patch
View File

1738
opencryptoki-3.20.0-CVE-2026-40253.patch Normal file
View File

File diff suppressed because it is too large Load Diff

0
SOURCES/opencryptoki-3.20.0-CVE-3-2026-23893.patch → opencryptoki-3.20.0-CVE-3-2026-23893.patch
View File

0
SOURCES/opencryptoki-3.21-sandboxing.patch → opencryptoki-3.21-sandboxing.patch
View File

0
SOURCES/opencryptoki-3.21.0-p11sak.patch → opencryptoki-3.21.0-p11sak.patch
View File

0
SOURCES/opencryptoki-CVE-2024-0914-part1.patch → opencryptoki-CVE-2024-0914-part1.patch
View File

0
SOURCES/opencryptoki-CVE-2024-0914-part2.patch → opencryptoki-CVE-2024-0914-part2.patch
View File

0
SOURCES/opencryptoki-CVE-2024-0914-part3.patch → opencryptoki-CVE-2024-0914-part3.patch
View File

0
SOURCES/opencryptoki-CVE-2024-0914-part4.patch → opencryptoki-CVE-2024-0914-part4.patch
View File

0
SOURCES/opencryptoki-CVE-2024-0914-part5.patch → opencryptoki-CVE-2024-0914-part5.patch
View File

7
SPECS/opencryptoki.spec → opencryptoki.spec
View File

@ -1,7 +1,7 @@
Name: opencryptoki
Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0
Version: 3.22.0
Release: 3%{?dist}.2
Release: 3%{?dist}.3
License: CPL
Group: System Environment/Base
URL: https://github.com/opencryptoki/opencryptoki
@ -25,6 +25,8 @@ Patch24: opencryptoki-CVE-2024-0914-part5.patch
Patch25: 3.22-CCA-Adjust-CCA-host-library-version-detection-for-ne.patch
# CVE-3-2026-23893, symlink-following vulnerabilities
Patch26: opencryptoki-3.20.0-CVE-3-2026-23893.patch
# CVE-2026-40253, possible out-of-bounds access in BER decode functions
Patch27: opencryptoki-3.20.0-CVE-2026-40253.patch
Requires(pre): coreutils diffutils
Requires: (selinux-policy >= 3.14.3-121 if selinux-policy-targeted)
@ -385,6 +387,9 @@ fi
%changelog
* Tue May 19 2026 Than Ngo <than@redhat.com> - 3.22.0-3.3
- Resolves: RHEL-171558, Fix possible out-of-bounds access in BER decode functions
* Mon Mar 02 2026 Than Ngo <than@redhat.com> - 3.22.0-3.2
- Resolves: RHEL-144817, CVE-2026-23893 Privilege Escalation or Data Exposure via Symlink Following

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (opencryptoki-3.22.0.tar.gz) = 404b32b19ef70c3e971bf6dd918fa5fa23701eff591282330085b53491597a2fb5928f800110a28dbc8a22744e00477dadadedf5cea5503984078cad38c46b25