[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1916-1] opensc security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : opensc
Version        : 0.16.0-3+deb8u1
CVE ID         : CVE-2018-16391 CVE-2018-16392 CVE-2018-16393
                 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420
                 CVE-2018-16421 CVE-2018-16422 CVE-2018-16423
                 CVE-2018-16424 CVE-2018-16425 CVE-2018-16426
                 CVE-2018-16427 CVE-2019-15945 CVE-2019-15946
Debian Bug     : 909444 939668 939669

Several security vulnerabilities were fixed in opensc, a set of
libraries and utilities to access smart cards that support
cryptographic operations.

Out-of-bounds reads, buffer overflows and double frees could be used
by attackers able to supply crafted smart cards to cause a denial of
service (application crash) or possibly have unspecified other impact.

For Debian 8 "Jessie", these problems have been fixed in version
0.16.0-3+deb8u1.

We recommend that you upgrade your opensc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl15UM1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSrKw/9HDDHcAtjYzhDqj9qW3LMKCdoepAq0uoqJ60EfOMNxQO1ucuU34rZFHpo
+0VetKujhU2Zhxb8nr6QfU5JJ8OSS+iT8TgCjGNvTq8irf8QeVDxcxveAo8u33ZC
3a9raxYYtbaglP2JwiVphpbIPo6OZFeUeJLUw0YdWuNThMKUwUkh8jrxN2KwXrna
0wqpJ9+/2YXLel1NzBsh9cKrXCLyLv3rczCstd67ey+JaRYsL4e6KhXuxT0JKmCp
NwKWHCSbPgR5gN7ZDUIOQ/cSVPrV9rcsXOi31DN9LnCH0VJQjB9wDcecW9CpS5MZ
Y9ST7Mx1IEGYdmt9bG/3UXgI0NGAXRtv2J0hCaNR9rB59RAz9FiEZFlhdL7AXa+l
G1RR7cBe1OgGEDRKUeY9QKmjulVPeQK6U7BxDk2ovY2YqKJCZsgJ81QSStIUNJDC
4s61chLOZjegdO/Zj3Cj2tpOQaTTXuLOtCYZlb3A3ZHWGS6VsFr43Pq+B7yt+P7J
HvnFIQuGZzE1ZvDp8frqSsQpmmY8EYDha7ZI61zIIR5nOt7RVX/FudkaO87R6d/H
u+8Mcwh6lGsElORMO2scGB/FnQHimy5b97Kuy9x6L8OEwsVPk+RdhES0h4XLt5xB
GmW0T+yn4VBZxIU2Zf7Ps2ghe5dK/cRI/osPXMP0mo/ksv+TAgE=
=TEKv
-----END PGP SIGNATURE-----


Reply to: