Oval Definition:oval:org.opensuse.security:def:66736
Revision Date:2021-04-13Version:1
Title:Security update for opensc (Moderate)
Description:

This update for opensc fixes the following issues: - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string (bsc#1149746). - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry (bsc#1149747) - CVE-2019-19479: Fixed an incorrect read operation during parsing of a SETCOS file attribute (bsc#1158256) - CVE-2019-19480: Fixed an improper free operation in sc_pkcs15_decode_prkdf_entry (bsc#1158307). - CVE-2019-20792: Fixed a double free in coolkey_free_private_data (bsc#1170809). - CVE-2020-26570: Fixed a buffer overflow in sc_oberthur_read_file (bsc#1177364). - CVE-2020-26571: Fixed a stack-based buffer overflow in gemsafe GPK smart card software driver (bsc#1177380) - CVE-2020-26572: Fixed a stack-based buffer overflow in tcos_decipher (bsc#1177378).
Family:unixClass:patch
Status:Reference(s):1149746
1149747
1158256
1158307
1170809
1177364
1177378
1177380
CVE-2015-0778
CVE-2016-5104
CVE-2019-15945
CVE-2019-15946
CVE-2019-19479
CVE-2019-19480
CVE-2019-20792
CVE-2019-3685
CVE-2020-26570
CVE-2020-26571
CVE-2020-26572
Platform(s):SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • libimobiledevice-devel-1.2.0+git20180427.26373b3-1 is installed
  • OR libimobiledevice6-1.2.0+git20180427.26373b3-1 is installed
  • OR libusbmuxd-devel-1.0.10-3 is installed
  • OR libusbmuxd4-1.0.10-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND osc-0.168.2-3.15 is installed
    • BACK