* [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
@ 2026-04-21 18:48 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
` (3 more replies)
0 siblings, 4 replies; 8+ messages in thread
From: Bernd Kuhls @ 2026-04-21 18:48 UTC (permalink / raw)
To: buildroot; +Cc: Alexis Lothoré
https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
Switched to sha256 tarball hash provided by upstream.
Removed patch which is included in this release.
Fixes the following CVEs:
* CVE-2025-13763: Several uses of potentially uninitialized memory
detected by fuzzers
* CVE-2025-49010: Possible write beyond buffer bounds during processing
of GET RESPONSE APDU
* CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
* CVE-2025-66038: Possible read beyond buffer bounds when parsing
historical bytes in PIV driver
* CVE-2025-66037: Possible buffer overrun while parsing SPKI
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
...ble-wrap-unwrap-test-until-OpenSC-17.patch | 41 -------------------
package/opensc/opensc.hash | 4 +-
package/opensc/opensc.mk | 2 +-
3 files changed, 3 insertions(+), 44 deletions(-)
delete mode 100644 package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
diff --git a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch b/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
deleted file mode 100644
index 9bf601370a..0000000000
--- a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 768c9bfcd91206f0d85cd4757fde48e00850a014 Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Date: Mon, 6 Jan 2025 22:36:10 +0100
-Subject: [PATCH] pkcs11-tool: disable wrap/unwrap test until OpenSC#1796 is
- resolved
-
-Similar to ab74fae4d71d1705b77b9459141987a95dcfc91e ("pkcs11-tool:
-disable wrap/unwrap test until OpenSC#1796 is resolved"), but for
-0.26, since OpenSC#1796 is still open.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Upstream: https://github.com/OpenSC/OpenSC/pull/3303
----
- src/tools/pkcs11-tool.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index d701d76d6..871a39977 100644
---- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -7681,7 +7681,7 @@ static int test_verify(CK_SESSION_HANDLE sess)
- return errors;
- }
-
--#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
-+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
- #else
- #ifdef ENABLE_OPENSSL
- static int wrap_unwrap(CK_SESSION_HANDLE session,
-@@ -7805,7 +7805,7 @@ static int wrap_unwrap(CK_SESSION_HANDLE session,
- */
- static int test_unwrap(CK_SESSION_HANDLE sess)
- {
--#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
-+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
- /* temporarily disable test, see https://github.com/OpenSC/OpenSC/issues/1796 */
- return 0;
- #else
---
-2.47.1
-
diff --git a/package/opensc/opensc.hash b/package/opensc/opensc.hash
index e12d2d4bfa..b24a6bca98 100644
--- a/package/opensc/opensc.hash
+++ b/package/opensc/opensc.hash
@@ -1,5 +1,5 @@
-# Computed locally from https://https://github.com/OpenSC/OpenSC/releases/
-sha256 837baead45e1505260d868871056150ede6e73d35460a470f2595a9e5e75f82b opensc-0.26.0.tar.gz
+# From https://github.com/OpenSC/OpenSC/releases/tag/0.27.1
+sha256 976f4a23eaf3397a1a2c3a7aac80bf971a8c3d829c9a79f06145bfaeeae5eca7 opensc-0.27.1.tar.gz
# Computed locally
sha256 376b54d4c5f4aa99421823fa4da93e3ab73096fce2400e89858632aa7da24a14 COPYING
diff --git a/package/opensc/opensc.mk b/package/opensc/opensc.mk
index 11d1507d45..dbc83c2b0e 100644
--- a/package/opensc/opensc.mk
+++ b/package/opensc/opensc.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENSC_VERSION = 0.26.0
+OPENSC_VERSION = 0.27.1
OPENSC_SITE = https://github.com/OpenSC/OpenSC/releases/download/$(OPENSC_VERSION)
OPENSC_LICENSE = LGPL-2.1+
OPENSC_LICENSE_FILES = COPYING
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 8+ messages in thread* [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
@ 2026-04-21 18:48 ` Bernd Kuhls
2026-04-22 7:32 ` Alexis Lothoré via buildroot
2026-05-05 19:19 ` Marcus Hoffmann via buildroot
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
` (2 subsequent siblings)
3 siblings, 2 replies; 8+ messages in thread
From: Bernd Kuhls @ 2026-04-21 18:48 UTC (permalink / raw)
To: buildroot; +Cc: Alexis Lothoré
https://github.com/OpenSCAP/openscap/blob/1.4.4/NEWS
Removed patch which is included in this release.
Added tarball hashes provided by upstream.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
...oject-as-C-project-in-CMakeLists.txt.patch | 78 -------------------
package/openscap/openscap.hash | 5 +-
package/openscap/openscap.mk | 2 +-
3 files changed, 5 insertions(+), 80 deletions(-)
delete mode 100644 package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch
diff --git a/package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch b/package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch
deleted file mode 100644
index 2ccbfd138d..0000000000
--- a/package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From d2fa8df126b533317b4b863758cf579fff3a2b45 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Alexis=20Lothor=C3=A9?= <alexis.lothore@bootlin.com>
-Date: Mon, 16 Feb 2026 13:50:48 +0100
-Subject: [PATCH] Set project as C project in CMakeLists.txt
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The openscap tool has been recently integrated in the buildroot build
-system ([1]), which makes the openscap tool buildable for a wide variety
-or architectures/OSes, with a wide variety of _compilers_. And so when
-such compilers are not supporting C++ projects (as it is the case with a
-default buildroot toolchain), the build breaks on the following error
-(see [2] for an example):
-
- -- Detecting CXX compiler ABI info
- -- Detecting CXX compiler ABI info - failed
- -- Check for working CXX compiler: /bin/false
- -- Check for working CXX compiler: /bin/false - broken
- CMake Error at /usr/share/cmake/Modules/CMakeTestCXXCompiler.cmake:73 (message):
- The C++ compiler
-
- "/bin/false"
-
- is not able to compile a simple test program.
-
- It fails with the following output:
-
- Change Dir: '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
-
- Run Build Command(s): /usr/bin/cmake -E env VERBOSE=1 /usr/bin/make -f Makefile cmTC_1834b/fast
- make[1]: Entering directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
- /usr/bin/make -f CMakeFiles/cmTC_1834b.dir/build.make CMakeFiles/cmTC_1834b.dir/build
- make[2]: Entering directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
- Building CXX object CMakeFiles/cmTC_1834b.dir/testCXXCompiler.cxx.o
- /bin/false -o CMakeFiles/cmTC_1834b.dir/testCXXCompiler.cxx.o -c /home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI/testCXXCompiler.cxx
- make[2]: *** [CMakeFiles/cmTC_1834b.dir/build.make:81: CMakeFiles/cmTC_1834b.dir/testCXXCompiler.cxx.o] Error 1
- make[2]: Leaving directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
- make[1]: *** [Makefile:134: cmTC_1834b/fast] Error 2
- make[1]: Leaving directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
-
- CMake will not be able to correctly generate this project.
- Call Stack (most recent call first):
- CMakeLists.txt:11 (project)
-
-openscap does not have any C++ code to build, so restricting builds to
-toolchains supporting C++ is overconstraining, the configuration step
-should rather not try to check C++ support.
-
-Enforce the project as a C project in CMakeLists.txt to make sure not to
-test C++ features on the used toolchain.
-
-[1] https://buildroot.org/
-[2] https://autobuild.buildroot.org/results/1fe550ffa79f0a083a450ae03fe067a8ab7336be/build-end.log
-
-Upstream: https://github.com/OpenSCAP/openscap/commit/bbfb2d7b00cbb8e08d999546734d3ba6ae150736
-[patch slightly adapted to be applicable on v1.4.3]
-Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
----
- CMakeLists.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index c561116d826c..570812667036 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -8,7 +8,7 @@ if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
- "MinSizeRel" "RelWithDebInfo")
- endif()
-
--project("openscap")
-+project("openscap" C)
- set(OPENSCAP_VERSION_MAJOR "1")
- set(OPENSCAP_VERSION_MINOR "4")
- set(OPENSCAP_VERSION_PATCH "3")
---
-2.53.0
-
diff --git a/package/openscap/openscap.hash b/package/openscap/openscap.hash
index 7a25789b5b..16cebc54c9 100644
--- a/package/openscap/openscap.hash
+++ b/package/openscap/openscap.hash
@@ -1,3 +1,6 @@
+# From https://github.com/OpenSCAP/openscap/releases/tag/1.4.4
+sha256 25b1b046822121204e6d53d877a532c88bf7fde14b94c9c72297cd5709b03478 openscap-1.4.4.tar.gz
+# From https://github.com/OpenSCAP/openscap/releases/download/1.4.4/openscap-1.4.4.tar.gz.sha512
+sha512 c69736bee997e50a04aff8e4f22da880f342190e1289c5df0fb73b7af34833d3bd9f4e5055b227a18d571167671f821701a09f8c9a3e4568c7da68cc4be51133 openscap-1.4.4.tar.gz
# Locally computed
-sha256 96ebe697aafc83eb297a8f29596d57319278112467c46e6aaf3649b311cf8fba openscap-1.4.3.tar.gz
sha256 5df07007198989c622f5d41de8d703e7bef3d0e79d62e24332ee739a452af62a COPYING
diff --git a/package/openscap/openscap.mk b/package/openscap/openscap.mk
index 42f644db55..7da38df345 100644
--- a/package/openscap/openscap.mk
+++ b/package/openscap/openscap.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENSCAP_VERSION = 1.4.3
+OPENSCAP_VERSION = 1.4.4
OPENSCAP_SITE = https://github.com/OpenSCAP/openscap/releases/download/$(OPENSCAP_VERSION)
OPENSCAP_LICENSE = LGPL-2.1+
OPENSCAP_LICENSE_FILES = COPYING
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 8+ messages in thread* Re: [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
@ 2026-04-22 7:32 ` Alexis Lothoré via buildroot
2026-05-05 19:19 ` Marcus Hoffmann via buildroot
1 sibling, 0 replies; 8+ messages in thread
From: Alexis Lothoré via buildroot @ 2026-04-22 7:32 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On Tue Apr 21, 2026 at 8:48 PM CEST, Bernd Kuhls wrote:
> https://github.com/OpenSCAP/openscap/blob/1.4.4/NEWS
>
> Removed patch which is included in this release.
>
> Added tarball hashes provided by upstream.
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Thanks,
Alexis
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
2026-04-22 7:32 ` Alexis Lothoré via buildroot
@ 2026-05-05 19:19 ` Marcus Hoffmann via buildroot
1 sibling, 0 replies; 8+ messages in thread
From: Marcus Hoffmann via buildroot @ 2026-05-05 19:19 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On 4/21/26 20:48, Bernd Kuhls wrote:
> https://github.com/OpenSCAP/openscap/blob/1.4.4/NEWS
>
> Removed patch which is included in this release.
>
> Added tarball hashes provided by upstream.
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
Applied to master, thanks!
Marcus
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
@ 2026-04-22 7:00 ` Alexis Lothoré via buildroot
2026-04-22 7:02 ` Alexis Lothoré via buildroot
2026-04-29 8:46 ` Marcus Hoffmann via buildroot
2026-05-15 13:34 ` Thomas Perale via buildroot
3 siblings, 1 reply; 8+ messages in thread
From: Alexis Lothoré via buildroot @ 2026-04-22 7:00 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On Tue Apr 21, 2026 at 8:48 PM CEST, Bernd Kuhls wrote:
> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>
> Switched to sha256 tarball hash provided by upstream.
>
> Removed patch which is included in this release.
>
> Fixes the following CVEs:
> * CVE-2025-13763: Several uses of potentially uninitialized memory
> detected by fuzzers
> * CVE-2025-49010: Possible write beyond buffer bounds during processing
> of GET RESPONSE APDU
> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
> historical bytes in PIV driver
> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
I suspect the CC on my address to be a mistake, as my name can be found
for the openscAP package.
LGTM though ;)
Thanks,
Alexis
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
@ 2026-04-22 7:02 ` Alexis Lothoré via buildroot
0 siblings, 0 replies; 8+ messages in thread
From: Alexis Lothoré via buildroot @ 2026-04-22 7:02 UTC (permalink / raw)
To: Alexis Lothoré, Bernd Kuhls, buildroot
On Wed Apr 22, 2026 at 9:00 AM CEST, Alexis Lothoré wrote:
> On Tue Apr 21, 2026 at 8:48 PM CEST, Bernd Kuhls wrote:
>> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>>
>> Switched to sha256 tarball hash provided by upstream.
>>
>> Removed patch which is included in this release.
>>
>> Fixes the following CVEs:
>> * CVE-2025-13763: Several uses of potentially uninitialized memory
>> detected by fuzzers
>> * CVE-2025-49010: Possible write beyond buffer bounds during processing
>> of GET RESPONSE APDU
>> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
>> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
>> historical bytes in PIV driver
>> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>>
>> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
>
> I suspect the CC on my address to be a mistake, as my name can be found
> for the openscAP package.
Ah, nevermind, I missed the openscap related patch in the same series
>
> LGTM though ;)
>
> Thanks,
>
> Alexis
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
@ 2026-04-29 8:46 ` Marcus Hoffmann via buildroot
2026-05-15 13:34 ` Thomas Perale via buildroot
3 siblings, 0 replies; 8+ messages in thread
From: Marcus Hoffmann via buildroot @ 2026-04-29 8:46 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On 4/21/26 20:48, Bernd Kuhls wrote:
> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>
> Switched to sha256 tarball hash provided by upstream.
>
> Removed patch which is included in this release.
>
> Fixes the following CVEs:
> * CVE-2025-13763: Several uses of potentially uninitialized memory
> detected by fuzzers
> * CVE-2025-49010: Possible write beyond buffer bounds during processing
> of GET RESPONSE APDU
> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
> historical bytes in PIV driver
> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
Applied to master, thanks!
Marcus
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
` (2 preceding siblings ...)
2026-04-29 8:46 ` Marcus Hoffmann via buildroot
@ 2026-05-15 13:34 ` Thomas Perale via buildroot
3 siblings, 0 replies; 8+ messages in thread
From: Thomas Perale via buildroot @ 2026-05-15 13:34 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: Thomas Perale, buildroot
In reply of:
> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>
> Switched to sha256 tarball hash provided by upstream.
>
> Removed patch which is included in this release.
>
> Fixes the following CVEs:
> * CVE-2025-13763: Several uses of potentially uninitialized memory
> detected by fuzzers
> * CVE-2025-49010: Possible write beyond buffer bounds during processing
> of GET RESPONSE APDU
> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
> historical bytes in PIV driver
> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Applied to 2025.02.x & 2026.02.x. Thanks
> ---
> ...ble-wrap-unwrap-test-until-OpenSC-17.patch | 41 -------------------
> package/opensc/opensc.hash | 4 +-
> package/opensc/opensc.mk | 2 +-
> 3 files changed, 3 insertions(+), 44 deletions(-)
> delete mode 100644 package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
>
> diff --git a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch b/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
> deleted file mode 100644
> index 9bf601370a..0000000000
> --- a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
> +++ /dev/null
> @@ -1,41 +0,0 @@
> -From 768c9bfcd91206f0d85cd4757fde48e00850a014 Mon Sep 17 00:00:00 2001
> -From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> -Date: Mon, 6 Jan 2025 22:36:10 +0100
> -Subject: [PATCH] pkcs11-tool: disable wrap/unwrap test until OpenSC#1796 is
> - resolved
> -
> -Similar to ab74fae4d71d1705b77b9459141987a95dcfc91e ("pkcs11-tool:
> -disable wrap/unwrap test until OpenSC#1796 is resolved"), but for
> -0.26, since OpenSC#1796 is still open.
> -
> -Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> -Upstream: https://github.com/OpenSC/OpenSC/pull/3303
> ----
> - src/tools/pkcs11-tool.c | 4 ++--
> - 1 file changed, 2 insertions(+), 2 deletions(-)
> -
> -diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
> -index d701d76d6..871a39977 100644
> ---- a/src/tools/pkcs11-tool.c
> -+++ b/src/tools/pkcs11-tool.c
> -@@ -7681,7 +7681,7 @@ static int test_verify(CK_SESSION_HANDLE sess)
> - return errors;
> - }
> -
> --#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
> -+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
> - #else
> - #ifdef ENABLE_OPENSSL
> - static int wrap_unwrap(CK_SESSION_HANDLE session,
> -@@ -7805,7 +7805,7 @@ static int wrap_unwrap(CK_SESSION_HANDLE session,
> - */
> - static int test_unwrap(CK_SESSION_HANDLE sess)
> - {
> --#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
> -+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
> - /* temporarily disable test, see https://github.com/OpenSC/OpenSC/issues/1796 */
> - return 0;
> - #else
> ---
> -2.47.1
> -
> diff --git a/package/opensc/opensc.hash b/package/opensc/opensc.hash
> index e12d2d4bfa..b24a6bca98 100644
> --- a/package/opensc/opensc.hash
> +++ b/package/opensc/opensc.hash
> @@ -1,5 +1,5 @@
> -# Computed locally from https://https://github.com/OpenSC/OpenSC/releases/
> -sha256 837baead45e1505260d868871056150ede6e73d35460a470f2595a9e5e75f82b opensc-0.26.0.tar.gz
> +# From https://github.com/OpenSC/OpenSC/releases/tag/0.27.1
> +sha256 976f4a23eaf3397a1a2c3a7aac80bf971a8c3d829c9a79f06145bfaeeae5eca7 opensc-0.27.1.tar.gz
>
> # Computed locally
> sha256 376b54d4c5f4aa99421823fa4da93e3ab73096fce2400e89858632aa7da24a14 COPYING
> diff --git a/package/opensc/opensc.mk b/package/opensc/opensc.mk
> index 11d1507d45..dbc83c2b0e 100644
> --- a/package/opensc/opensc.mk
> +++ b/package/opensc/opensc.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -OPENSC_VERSION = 0.26.0
> +OPENSC_VERSION = 0.27.1
> OPENSC_SITE = https://github.com/OpenSC/OpenSC/releases/download/$(OPENSC_VERSION)
> OPENSC_LICENSE = LGPL-2.1+
> OPENSC_LICENSE_FILES = COPYING
> --
> 2.47.3
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2026-05-15 13:34 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
2026-04-22 7:32 ` Alexis Lothoré via buildroot
2026-05-05 19:19 ` Marcus Hoffmann via buildroot
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
2026-04-22 7:02 ` Alexis Lothoré via buildroot
2026-04-29 8:46 ` Marcus Hoffmann via buildroot
2026-05-15 13:34 ` Thomas Perale via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.