Please update to libp11-0.4.12

Thanks for taking the time to report this bug and trying to make Ubuntu better.

The libp11 package contains no Ubuntu specific delta, so the way to go would be to get it updated in Debian and then it will get synced into Ubuntu. Would you mind making this request there? If you decide to do so please add a link to the bug report here.

Thanks,
Where can I open a bug in Debian?

Hello,

Here is the bug page for libp11 in Debian:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=libp11

And here is the info on how to report a bug in Debian:
https://www.debian.org/Bugs/Reporting

Thanks for your help!

See also https://bugs.launchpad.net/ubuntu/+source/libp11/+bug/1964141

This bug was fixed in the package libp11 - 0.4.12-0ubuntu1

---------------
libp11 (0.4.12-0ubuntu1) kinetic; urgency=medium

  * New upstream release: 0.4.12 (LP: #1982011)
    - Fixes wrong certificate returned if multiple certs have same label but
      different ID (LP: #1964141)
  * d/t/{control,engine-smoke}: add simple pcks11 openssl engine smoke
    test
  * d/t/{control,engine}: a more thorough pkcs11 engine test, using a
    software-based smart card implementation (softhsm2)

 -- Andreas Hasenack <email address hidden> Thu, 18 Aug 2022 19:44:51 +0000

Thanks!

Will it be available for Jammy (22.04)?

I'm unsure yet, as reproducing bug #1964141 can be a bit hard, and a version update is generally frowned upon in an SRU, specially when it has new features and not just fixes.

0.4.12 fix some important bugs in this library so it's important to release this version to 22.04.

New in 0.4.12; 2022-07-15; Michał Trojnara

Fixed using an explicitly provided PIN regardless of the secure login flag (Alon Bar-Lev)
Fixed RSA_PKCS1_PADDING handling (Michał Trojnara)
Fixed a crash on LLP64, including 64-bit Windows (Małgorzata Olszówka)
Fixed searching objects when both ID and label are specified (minfrin)
Fixed the OAEP "source" parameter (S-P Chan)
Fixed object searching by label (Michał Trojnara)
Fixed thread safety in slot enumeration (Michał Trojnara)
Fixed storing certificates on tokens (Mateusz Kwiatkowski)
Fixed several memory leaks (Michał Trojnara, Jakub Jelen, Timo Teräs)
Fixed OpenSSL 3.0 compatibility (Jakub Jelen)
Fixed LibreSSL compatibility (orbea, patchMonkey156)

Jammy (22.04) base on Openssl 3.0 so it's important to release 0.4.12 to 22.04

Thanks.

You skipped the other changes introduced in 0.4.12:

* Major concurrency improvements and refactoring (Timo Teräs)
* Added re-numeration of slots as an engine control command (Markus Koetter)
* Added the PKCS11_update_slots() API function (Timo Teräs)
* Added support for the SHA3 hash function (alegon01)
* Added a self-test for engine RSA operations (Uri Blumenthal)

"Major (...) and refactoring" rings some alarm bells, for example ;)

All these changes (and the bugfixes you mentioned, of course) would have to be analyzed and potentially get a bug each, which usually is unfeasable for an SRU. If there are concrete cases where something doesn't work, then we can investigate the impact and the effort to backport the fix.

Thanks, I know the the other changes introduced in 0.4.12 :-)
I'm working with this library and the 0.4.11 version doesn't work with Ubuntu 22.04 and HSMs (Hardware Security Module) via pkcs11 protocol (libp11 provides a higher-level interface to access PKCS#11) "[0.4.12: Fixed using an explicitly provided PIN regardless of the secure login flag - this is the bug"].
This is the main reason that 0.4.12 was released after two years (I asked from the developers to release new version after they fixed the bug).
Please help the Ubuntu 22.04 users that use this library to connect HSMs via pkcs11. It doesn't work with 0.4.11.
Thanks