* [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
@ 2026-04-21 18:48 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
` (3 more replies)
0 siblings, 4 replies; 8+ messages in thread
From: Bernd Kuhls @ 2026-04-21 18:48 UTC (permalink / raw)
To: buildroot; +Cc: Alexis Lothoré
https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
Switched to sha256 tarball hash provided by upstream.
Removed patch which is included in this release.
Fixes the following CVEs:
* CVE-2025-13763: Several uses of potentially uninitialized memory
detected by fuzzers
* CVE-2025-49010: Possible write beyond buffer bounds during processing
of GET RESPONSE APDU
* CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
* CVE-2025-66038: Possible read beyond buffer bounds when parsing
historical bytes in PIV driver
* CVE-2025-66037: Possible buffer overrun while parsing SPKI
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
...ble-wrap-unwrap-test-until-OpenSC-17.patch | 41 -------------------
package/opensc/opensc.hash | 4 +-
package/opensc/opensc.mk | 2 +-
3 files changed, 3 insertions(+), 44 deletions(-)
delete mode 100644 package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
diff --git a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch b/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
deleted file mode 100644
index 9bf601370a..0000000000
--- a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 768c9bfcd91206f0d85cd4757fde48e00850a014 Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Date: Mon, 6 Jan 2025 22:36:10 +0100
-Subject: [PATCH] pkcs11-tool: disable wrap/unwrap test until OpenSC#1796 is
- resolved
-
-Similar to ab74fae4d71d1705b77b9459141987a95dcfc91e ("pkcs11-tool:
-disable wrap/unwrap test until OpenSC#1796 is resolved"), but for
-0.26, since OpenSC#1796 is still open.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Upstream: https://github.com/OpenSC/OpenSC/pull/3303
----
- src/tools/pkcs11-tool.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index d701d76d6..871a39977 100644
---- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -7681,7 +7681,7 @@ static int test_verify(CK_SESSION_HANDLE sess)
- return errors;
- }
-
--#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
-+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
- #else
- #ifdef ENABLE_OPENSSL
- static int wrap_unwrap(CK_SESSION_HANDLE session,
-@@ -7805,7 +7805,7 @@ static int wrap_unwrap(CK_SESSION_HANDLE session,
- */
- static int test_unwrap(CK_SESSION_HANDLE sess)
- {
--#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
-+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
- /* temporarily disable test, see https://github.com/OpenSC/OpenSC/issues/1796 */
- return 0;
- #else
---
-2.47.1
-
diff --git a/package/opensc/opensc.hash b/package/opensc/opensc.hash
index e12d2d4bfa..b24a6bca98 100644
--- a/package/opensc/opensc.hash
+++ b/package/opensc/opensc.hash
@@ -1,5 +1,5 @@
-# Computed locally from https://https://github.com/OpenSC/OpenSC/releases/
-sha256 837baead45e1505260d868871056150ede6e73d35460a470f2595a9e5e75f82b opensc-0.26.0.tar.gz
+# From https://github.com/OpenSC/OpenSC/releases/tag/0.27.1
+sha256 976f4a23eaf3397a1a2c3a7aac80bf971a8c3d829c9a79f06145bfaeeae5eca7 opensc-0.27.1.tar.gz
# Computed locally
sha256 376b54d4c5f4aa99421823fa4da93e3ab73096fce2400e89858632aa7da24a14 COPYING
diff --git a/package/opensc/opensc.mk b/package/opensc/opensc.mk
index 11d1507d45..dbc83c2b0e 100644
--- a/package/opensc/opensc.mk
+++ b/package/opensc/opensc.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENSC_VERSION = 0.26.0
+OPENSC_VERSION = 0.27.1
OPENSC_SITE = https://github.com/OpenSC/OpenSC/releases/download/$(OPENSC_VERSION)
OPENSC_LICENSE = LGPL-2.1+
OPENSC_LICENSE_FILES = COPYING
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 8+ messages in thread* [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
@ 2026-04-21 18:48 ` Bernd Kuhls
2026-04-22 7:32 ` Alexis Lothoré via buildroot
2026-05-05 19:19 ` Marcus Hoffmann via buildroot
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
` (2 subsequent siblings)
3 siblings, 2 replies; 8+ messages in thread
From: Bernd Kuhls @ 2026-04-21 18:48 UTC (permalink / raw)
To: buildroot; +Cc: Alexis Lothoré
https://github.com/OpenSCAP/openscap/blob/1.4.4/NEWS
Removed patch which is included in this release.
Added tarball hashes provided by upstream.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
...oject-as-C-project-in-CMakeLists.txt.patch | 78 -------------------
package/openscap/openscap.hash | 5 +-
package/openscap/openscap.mk | 2 +-
3 files changed, 5 insertions(+), 80 deletions(-)
delete mode 100644 package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch
diff --git a/package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch b/package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch
deleted file mode 100644
index 2ccbfd138d..0000000000
--- a/package/openscap/0001-Set-project-as-C-project-in-CMakeLists.txt.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From d2fa8df126b533317b4b863758cf579fff3a2b45 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Alexis=20Lothor=C3=A9?= <alexis.lothore@bootlin.com>
-Date: Mon, 16 Feb 2026 13:50:48 +0100
-Subject: [PATCH] Set project as C project in CMakeLists.txt
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The openscap tool has been recently integrated in the buildroot build
-system ([1]), which makes the openscap tool buildable for a wide variety
-or architectures/OSes, with a wide variety of _compilers_. And so when
-such compilers are not supporting C++ projects (as it is the case with a
-default buildroot toolchain), the build breaks on the following error
-(see [2] for an example):
-
- -- Detecting CXX compiler ABI info
- -- Detecting CXX compiler ABI info - failed
- -- Check for working CXX compiler: /bin/false
- -- Check for working CXX compiler: /bin/false - broken
- CMake Error at /usr/share/cmake/Modules/CMakeTestCXXCompiler.cmake:73 (message):
- The C++ compiler
-
- "/bin/false"
-
- is not able to compile a simple test program.
-
- It fails with the following output:
-
- Change Dir: '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
-
- Run Build Command(s): /usr/bin/cmake -E env VERBOSE=1 /usr/bin/make -f Makefile cmTC_1834b/fast
- make[1]: Entering directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
- /usr/bin/make -f CMakeFiles/cmTC_1834b.dir/build.make CMakeFiles/cmTC_1834b.dir/build
- make[2]: Entering directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
- Building CXX object CMakeFiles/cmTC_1834b.dir/testCXXCompiler.cxx.o
- /bin/false -o CMakeFiles/cmTC_1834b.dir/testCXXCompiler.cxx.o -c /home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI/testCXXCompiler.cxx
- make[2]: *** [CMakeFiles/cmTC_1834b.dir/build.make:81: CMakeFiles/cmTC_1834b.dir/testCXXCompiler.cxx.o] Error 1
- make[2]: Leaving directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
- make[1]: *** [Makefile:134: cmTC_1834b/fast] Error 2
- make[1]: Leaving directory '/home/autobuild/autobuild/instance-6/output-1/build/openscap-1.3.12/buildroot-build/CMakeFiles/CMakeScratch/TryCompile-tUydqI'
-
- CMake will not be able to correctly generate this project.
- Call Stack (most recent call first):
- CMakeLists.txt:11 (project)
-
-openscap does not have any C++ code to build, so restricting builds to
-toolchains supporting C++ is overconstraining, the configuration step
-should rather not try to check C++ support.
-
-Enforce the project as a C project in CMakeLists.txt to make sure not to
-test C++ features on the used toolchain.
-
-[1] https://buildroot.org/
-[2] https://autobuild.buildroot.org/results/1fe550ffa79f0a083a450ae03fe067a8ab7336be/build-end.log
-
-Upstream: https://github.com/OpenSCAP/openscap/commit/bbfb2d7b00cbb8e08d999546734d3ba6ae150736
-[patch slightly adapted to be applicable on v1.4.3]
-Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
----
- CMakeLists.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index c561116d826c..570812667036 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -8,7 +8,7 @@ if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
- "MinSizeRel" "RelWithDebInfo")
- endif()
-
--project("openscap")
-+project("openscap" C)
- set(OPENSCAP_VERSION_MAJOR "1")
- set(OPENSCAP_VERSION_MINOR "4")
- set(OPENSCAP_VERSION_PATCH "3")
---
-2.53.0
-
diff --git a/package/openscap/openscap.hash b/package/openscap/openscap.hash
index 7a25789b5b..16cebc54c9 100644
--- a/package/openscap/openscap.hash
+++ b/package/openscap/openscap.hash
@@ -1,3 +1,6 @@
+# From https://github.com/OpenSCAP/openscap/releases/tag/1.4.4
+sha256 25b1b046822121204e6d53d877a532c88bf7fde14b94c9c72297cd5709b03478 openscap-1.4.4.tar.gz
+# From https://github.com/OpenSCAP/openscap/releases/download/1.4.4/openscap-1.4.4.tar.gz.sha512
+sha512 c69736bee997e50a04aff8e4f22da880f342190e1289c5df0fb73b7af34833d3bd9f4e5055b227a18d571167671f821701a09f8c9a3e4568c7da68cc4be51133 openscap-1.4.4.tar.gz
# Locally computed
-sha256 96ebe697aafc83eb297a8f29596d57319278112467c46e6aaf3649b311cf8fba openscap-1.4.3.tar.gz
sha256 5df07007198989c622f5d41de8d703e7bef3d0e79d62e24332ee739a452af62a COPYING
diff --git a/package/openscap/openscap.mk b/package/openscap/openscap.mk
index 42f644db55..7da38df345 100644
--- a/package/openscap/openscap.mk
+++ b/package/openscap/openscap.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENSCAP_VERSION = 1.4.3
+OPENSCAP_VERSION = 1.4.4
OPENSCAP_SITE = https://github.com/OpenSCAP/openscap/releases/download/$(OPENSCAP_VERSION)
OPENSCAP_LICENSE = LGPL-2.1+
OPENSCAP_LICENSE_FILES = COPYING
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 8+ messages in thread* Re: [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
@ 2026-04-22 7:32 ` Alexis Lothoré via buildroot
2026-05-05 19:19 ` Marcus Hoffmann via buildroot
1 sibling, 0 replies; 8+ messages in thread
From: Alexis Lothoré via buildroot @ 2026-04-22 7:32 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On Tue Apr 21, 2026 at 8:48 PM CEST, Bernd Kuhls wrote:
> https://github.com/OpenSCAP/openscap/blob/1.4.4/NEWS
>
> Removed patch which is included in this release.
>
> Added tarball hashes provided by upstream.
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Reviewed-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Thanks,
Alexis
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
2026-04-22 7:32 ` Alexis Lothoré via buildroot
@ 2026-05-05 19:19 ` Marcus Hoffmann via buildroot
1 sibling, 0 replies; 8+ messages in thread
From: Marcus Hoffmann via buildroot @ 2026-05-05 19:19 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On 4/21/26 20:48, Bernd Kuhls wrote:
> https://github.com/OpenSCAP/openscap/blob/1.4.4/NEWS
>
> Removed patch which is included in this release.
>
> Added tarball hashes provided by upstream.
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
Applied to master, thanks!
Marcus
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
@ 2026-04-22 7:00 ` Alexis Lothoré via buildroot
2026-04-22 7:02 ` Alexis Lothoré via buildroot
2026-04-29 8:46 ` Marcus Hoffmann via buildroot
2026-05-15 13:34 ` Thomas Perale via buildroot
3 siblings, 1 reply; 8+ messages in thread
From: Alexis Lothoré via buildroot @ 2026-04-22 7:00 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On Tue Apr 21, 2026 at 8:48 PM CEST, Bernd Kuhls wrote:
> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>
> Switched to sha256 tarball hash provided by upstream.
>
> Removed patch which is included in this release.
>
> Fixes the following CVEs:
> * CVE-2025-13763: Several uses of potentially uninitialized memory
> detected by fuzzers
> * CVE-2025-49010: Possible write beyond buffer bounds during processing
> of GET RESPONSE APDU
> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
> historical bytes in PIV driver
> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
I suspect the CC on my address to be a mistake, as my name can be found
for the openscAP package.
LGTM though ;)
Thanks,
Alexis
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
@ 2026-04-22 7:02 ` Alexis Lothoré via buildroot
0 siblings, 0 replies; 8+ messages in thread
From: Alexis Lothoré via buildroot @ 2026-04-22 7:02 UTC (permalink / raw)
To: Alexis Lothoré, Bernd Kuhls, buildroot
On Wed Apr 22, 2026 at 9:00 AM CEST, Alexis Lothoré wrote:
> On Tue Apr 21, 2026 at 8:48 PM CEST, Bernd Kuhls wrote:
>> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>>
>> Switched to sha256 tarball hash provided by upstream.
>>
>> Removed patch which is included in this release.
>>
>> Fixes the following CVEs:
>> * CVE-2025-13763: Several uses of potentially uninitialized memory
>> detected by fuzzers
>> * CVE-2025-49010: Possible write beyond buffer bounds during processing
>> of GET RESPONSE APDU
>> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
>> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
>> historical bytes in PIV driver
>> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>>
>> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
>
> I suspect the CC on my address to be a mistake, as my name can be found
> for the openscAP package.
Ah, nevermind, I missed the openscap related patch in the same series
>
> LGTM though ;)
>
> Thanks,
>
> Alexis
--
Alexis Lothoré, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
@ 2026-04-29 8:46 ` Marcus Hoffmann via buildroot
2026-05-15 13:34 ` Thomas Perale via buildroot
3 siblings, 0 replies; 8+ messages in thread
From: Marcus Hoffmann via buildroot @ 2026-04-29 8:46 UTC (permalink / raw)
To: Bernd Kuhls, buildroot; +Cc: Alexis Lothoré
On 4/21/26 20:48, Bernd Kuhls wrote:
> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>
> Switched to sha256 tarball hash provided by upstream.
>
> Removed patch which is included in this release.
>
> Fixes the following CVEs:
> * CVE-2025-13763: Several uses of potentially uninitialized memory
> detected by fuzzers
> * CVE-2025-49010: Possible write beyond buffer bounds during processing
> of GET RESPONSE APDU
> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
> historical bytes in PIV driver
> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
Applied to master, thanks!
Marcus
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
` (2 preceding siblings ...)
2026-04-29 8:46 ` Marcus Hoffmann via buildroot
@ 2026-05-15 13:34 ` Thomas Perale via buildroot
3 siblings, 0 replies; 8+ messages in thread
From: Thomas Perale via buildroot @ 2026-05-15 13:34 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: Thomas Perale, buildroot
In reply of:
> https://github.com/OpenSC/OpenSC/blob/0.27.1/NEWS
>
> Switched to sha256 tarball hash provided by upstream.
>
> Removed patch which is included in this release.
>
> Fixes the following CVEs:
> * CVE-2025-13763: Several uses of potentially uninitialized memory
> detected by fuzzers
> * CVE-2025-49010: Possible write beyond buffer bounds during processing
> of GET RESPONSE APDU
> * CVE-2025-66215: Possible write beyond buffer bounds in oberthur driver
> * CVE-2025-66038: Possible read beyond buffer bounds when parsing
> historical bytes in PIV driver
> * CVE-2025-66037: Possible buffer overrun while parsing SPKI
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Applied to 2025.02.x & 2026.02.x. Thanks
> ---
> ...ble-wrap-unwrap-test-until-OpenSC-17.patch | 41 -------------------
> package/opensc/opensc.hash | 4 +-
> package/opensc/opensc.mk | 2 +-
> 3 files changed, 3 insertions(+), 44 deletions(-)
> delete mode 100644 package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
>
> diff --git a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch b/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
> deleted file mode 100644
> index 9bf601370a..0000000000
> --- a/package/opensc/0001-pkcs11-tool-disable-wrap-unwrap-test-until-OpenSC-17.patch
> +++ /dev/null
> @@ -1,41 +0,0 @@
> -From 768c9bfcd91206f0d85cd4757fde48e00850a014 Mon Sep 17 00:00:00 2001
> -From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> -Date: Mon, 6 Jan 2025 22:36:10 +0100
> -Subject: [PATCH] pkcs11-tool: disable wrap/unwrap test until OpenSC#1796 is
> - resolved
> -
> -Similar to ab74fae4d71d1705b77b9459141987a95dcfc91e ("pkcs11-tool:
> -disable wrap/unwrap test until OpenSC#1796 is resolved"), but for
> -0.26, since OpenSC#1796 is still open.
> -
> -Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> -Upstream: https://github.com/OpenSC/OpenSC/pull/3303
> ----
> - src/tools/pkcs11-tool.c | 4 ++--
> - 1 file changed, 2 insertions(+), 2 deletions(-)
> -
> -diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
> -index d701d76d6..871a39977 100644
> ---- a/src/tools/pkcs11-tool.c
> -+++ b/src/tools/pkcs11-tool.c
> -@@ -7681,7 +7681,7 @@ static int test_verify(CK_SESSION_HANDLE sess)
> - return errors;
> - }
> -
> --#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
> -+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
> - #else
> - #ifdef ENABLE_OPENSSL
> - static int wrap_unwrap(CK_SESSION_HANDLE session,
> -@@ -7805,7 +7805,7 @@ static int wrap_unwrap(CK_SESSION_HANDLE session,
> - */
> - static int test_unwrap(CK_SESSION_HANDLE sess)
> - {
> --#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 25
> -+#if OPENSC_VERSION_MAJOR == 0 && OPENSC_VERSION_MINOR <= 26
> - /* temporarily disable test, see https://github.com/OpenSC/OpenSC/issues/1796 */
> - return 0;
> - #else
> ---
> -2.47.1
> -
> diff --git a/package/opensc/opensc.hash b/package/opensc/opensc.hash
> index e12d2d4bfa..b24a6bca98 100644
> --- a/package/opensc/opensc.hash
> +++ b/package/opensc/opensc.hash
> @@ -1,5 +1,5 @@
> -# Computed locally from https://https://github.com/OpenSC/OpenSC/releases/
> -sha256 837baead45e1505260d868871056150ede6e73d35460a470f2595a9e5e75f82b opensc-0.26.0.tar.gz
> +# From https://github.com/OpenSC/OpenSC/releases/tag/0.27.1
> +sha256 976f4a23eaf3397a1a2c3a7aac80bf971a8c3d829c9a79f06145bfaeeae5eca7 opensc-0.27.1.tar.gz
>
> # Computed locally
> sha256 376b54d4c5f4aa99421823fa4da93e3ab73096fce2400e89858632aa7da24a14 COPYING
> diff --git a/package/opensc/opensc.mk b/package/opensc/opensc.mk
> index 11d1507d45..dbc83c2b0e 100644
> --- a/package/opensc/opensc.mk
> +++ b/package/opensc/opensc.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -OPENSC_VERSION = 0.26.0
> +OPENSC_VERSION = 0.27.1
> OPENSC_SITE = https://github.com/OpenSC/OpenSC/releases/download/$(OPENSC_VERSION)
> OPENSC_LICENSE = LGPL-2.1+
> OPENSC_LICENSE_FILES = COPYING
> --
> 2.47.3
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2026-05-15 13:34 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-21 18:48 [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Bernd Kuhls
2026-04-21 18:48 ` [Buildroot] [PATCH 2/2] package/openscap: bump version to 1.4.4 Bernd Kuhls
2026-04-22 7:32 ` Alexis Lothoré via buildroot
2026-05-05 19:19 ` Marcus Hoffmann via buildroot
2026-04-22 7:00 ` [Buildroot] [PATCH 1/2] package/opensc: security bump version to 0.27.1 Alexis Lothoré via buildroot
2026-04-22 7:02 ` Alexis Lothoré via buildroot
2026-04-29 8:46 ` Marcus Hoffmann via buildroot
2026-05-15 13:34 ` Thomas Perale via buildroot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox