| Revision Date: | 2021-04-13 | Version: | 1 |
| Title: | Security update for opensc (Moderate) |
| Description: |
This update for opensc fixes the following issues: - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string (bsc#1149746). - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry (bsc#1149747) - CVE-2019-19479: Fixed an incorrect read operation during parsing of a SETCOS file attribute (bsc#1158256) - CVE-2019-19480: Fixed an improper free operation in sc_pkcs15_decode_prkdf_entry (bsc#1158307). - CVE-2019-20792: Fixed a double free in coolkey_free_private_data (bsc#1170809). - CVE-2020-26570: Fixed a buffer overflow in sc_oberthur_read_file (bsc#1177364). - CVE-2020-26571: Fixed a stack-based buffer overflow in gemsafe GPK smart card software driver (bsc#1177380) - CVE-2020-26572: Fixed a stack-based buffer overflow in tcos_decipher (bsc#1177378).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1149746
1149747
1158256
1158307
1170809
1177364
1177378
1177380
CVE-2019-15945
CVE-2019-15946
CVE-2019-19479
CVE-2019-19480
CVE-2019-20792
CVE-2020-26570
CVE-2020-26571
CVE-2020-26572
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
| Product(s): | |