SciLinux: SLSA-2019-2154-1 Moderate: opensc on SL7.x x86_64
Summary
Moderate: opensc security, bug fix, and enhancement update
Security Fixes
* opensc: Buffer overflows handling responses from Muscle Cards in
card-muscle.c:muscle_list_files() (CVE-2018-16391)
* opensc: Buffer overflows handling responses from TCOS Cards in
card-tcos.c:tcos_select_file() (CVE-2018-16392)
* opensc: Buffer overflows handling responses from Gemsafe V1 Smartcards
in pkcs15-gemsafeV1.c:gemsafe_get_cert_len() (CVE-2018-16393)
* opensc: Buffer overflow handling string concatenation in
tools/util.c:util_acl_to_str() (CVE-2018-16418)
* opensc: Buffer overflow handling responses from Cryptoflex cards in
cryptoflex-tool.c:read_public_key() (CVE-2018-16419)
* opensc: Buffer overflows handling responses from ePass 2003 Cards in
card-epass2003.c:decrypt_response() (CVE-2018-16420)
* opensc: Buffer overflows handling responses from CAC Cards in
card-cac.c:cac_get_serial_nr_from_CUID() (CVE-2018-16421)
* opensc: Buffer overflow handling responses from esteid cards in
pkcs15-esteid.c:sc_pkcs15emu_esteid_init() (CVE-2018-16422)
* opensc: Double free handling responses from smartcards in
libopensc/sc.c:sc_file_set_sec_attr() (CVE-2018-16423)
* opensc: Out of bounds reads handling responses from smartcards
(CVE-2018-16427)
* opensc: Infinite recursion handling responses from IAS-ECC cards in
card-iasecc.c:iasecc_select_file() (CVE-2018-16426)
SL7
x86_64
opensc-0.19.0-3.el7.x86_64.rpm
opensc-0.19.0-3.el7.i686.rpm
opensc-debuginfo-0.19.0-3.el7.i686.rpm
opensc-debuginfo-0.19.0-3.el7.x86_64.rpm
- Scientific Linux Development Team