Oval Definition:oval:com.redhat.rhsa:def:20100533
Revision Date:2010-07-14Version:639
Title:RHSA-2010:0533: pcsc-lite security update (Moderate)
Description:PC/SC Lite provides a Windows SCard compatible interface for communicating with smart cards, smart card readers, and other security tokens.

  • Multiple buffer overflow flaws were discovered in the way the pcscd daemon, a resource manager that coordinates communications with smart card readers and smart cards connected to the system, handled client requests. A local user could create a specially-crafted request that would cause the pcscd daemon to crash or, possibly, execute arbitrary code. (CVE-2010-0407, CVE-2009-4901)

    Users of pcsc-lite should upgrade to these updated packages, which contain a backported patch to correct these issues. After installing this update, the pcscd daemon will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-4901
    CVE-2010-0407
    RHSA-2010:0533
    RHSA-2010:0533-01
    RHSA-2010:0533-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • pcsc-lite is earlier than 0:1.4.4-4.el5_5
  • AND pcsc-lite is signed with Red Hat redhatrelease2 key
  • pcsc-lite-devel is earlier than 0:1.4.4-4.el5_5
  • AND pcsc-lite-devel is signed with Red Hat redhatrelease2 key
  • pcsc-lite-doc is earlier than 0:1.4.4-4.el5_5
  • AND pcsc-lite-doc is signed with Red Hat redhatrelease2 key
  • pcsc-lite-libs is earlier than 0:1.4.4-4.el5_5
  • AND pcsc-lite-libs is signed with Red Hat redhatrelease2 key
    • BACK