* Fri Apr 13 2018 mpluskal@suse.com
- Run spe-cleaner
- Drop useless conditions
* Wed Apr 11 2018 ncutler@suse.com
- bring License line into closer accordance with actual licenses
mentioned in the tarball
- split off xml/pskc/ directory/files from liboath0 into a separate
"oath-toolkit-xml" subpackage to prevent conflicts if two versions of the
liboath library were ever installed at the same time
* Wed Apr 11 2018 ncutler@suse.com
- use %license instead of %doc to package license-related files
* Tue Jan 16 2018 dmarcoux@posteo.de
- Add patch (last commit which changed source, not released in 2.6.2):
- 0002-update_gnulibs_files.patch
* Mon Aug 29 2016 mardnh@gmx.de
- Update to Version 2.6.2
- no changes in upstream code
- Fix RPM groups for -devel packages
- build with libpskc on supported suse-versions
- Add patch:
- 0001-Fix-no-return-in-nonvoid-function-errors-reported-by.patch
* Wed Sep 09 2015 t.gruner@katodev.de
- Update to Version 2.6.1 (released 2015-07-31)
- liboath: Fix 'make check' on 32-bit systems.
- Version 2.6.0 (released 2015-05-19)
- liboath: Support TOTP with HMAC-SHA256 and HMAC-SHA512.
This adds new APIs oath_totp_generate2, oath_totp_validate4 and
oath_totp_validate4_callback.
- oathtool: The --totp parameter now take an optional argument to specify MAC.
For example use --totp=sha256 to use HMAC-SHA256. When --totp is used
the default HMAC-SHA1 is used, as before.
- pam_oath: Mention in README that you shouldn't use insecure keys.
- pam_oath: Check return value from strdup.
- The files 'gdoc' and 'expect.oath' are now included in the tarball.
* Sat Jan 24 2015 mardnh@gmx.de
- Update to version 2.4.1:
+ liboath: Fix usersfile bug that caused it to update the wrong line.
When an usersfile contain multiple lines for the same user but with an
unparseable token type (e.g., HOTP vs TOTP), the code would update the
wrong line of the file. Since the then updated line could be a
commented out line, this can lead to the same OTP being accepted
multiple times which is a security vulnerability. Reported by Bas van
Schaik <bas@sj-vs.net> and patch provided by Ilkka Virta
<itvirta@iki.fi>. CVE-2013-7322
* Fri Jul 11 2014 darin@darins.net
- Ran through spec-cleaner
* Wed Oct 23 2013 vuntz@opensuse.org
- Update to version 2.4.0:
+ liboath: Add new API methods for validating TOTP OTPs
- Changes from version 2.2.0:
+ libpskc: Add functions for setting PSKC data.
+ liboath: Permit different passwords for different tokens for
the same user.
+ liboath: Make header file usable from C++ (extern "C" guard).
+ build: Improve building from git with most recent automake and
gengetopt.
+ build: Valgrind is not enabled by default.
- Fix license: libraries are LGPL-2.1+ and everything else is
GPL-3.0+. Also properly package the COPYING files.
- Prepare build libpskc, hidden under a %{build_pskc} define:
+ Add libxml2-devel and pkgconfig(xmlsec1) BuildRequires.
+ Create libpskc0 and libpskc-devel subpackages.
+ Define %{build_pskc} to 0 since we don't have libxmlsec1 yet.
- Rework summaries and descriptions.
* Sat Jun 15 2013 bwiedemann@suse.com
- Update to version 2.0.2