Oval Definition:oval:org.opensuse.security:def:96842
Revision Date:2021-04-13Version:1
Title:Security update for opensc (Moderate)
Description:

This update for opensc fixes the following issues: - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string (bsc#1149746). - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry (bsc#1149747) - CVE-2019-19479: Fixed an incorrect read operation during parsing of a SETCOS file attribute (bsc#1158256) - CVE-2019-19480: Fixed an improper free operation in sc_pkcs15_decode_prkdf_entry (bsc#1158307). - CVE-2019-20792: Fixed a double free in coolkey_free_private_data (bsc#1170809). - CVE-2020-26570: Fixed a buffer overflow in sc_oberthur_read_file (bsc#1177364). - CVE-2020-26571: Fixed a stack-based buffer overflow in gemsafe GPK smart card software driver (bsc#1177380) - CVE-2020-26572: Fixed a stack-based buffer overflow in tcos_decipher (bsc#1177378).
Family:unixClass:patch
Status:Reference(s):1149746
1149747
1158256
1158307
1170809
1177364
1177378
1177380
CVE-2019-15945
CVE-2019-15946
CVE-2019-19479
CVE-2019-19480
CVE-2019-20792
CVE-2020-26570
CVE-2020-26571
CVE-2020-26572
SUSE-SU-2021:1168-1
Platform(s):openSUSE Leap 15.3 SLE Imports
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 SLE Imports is installed
  • AND Package Information
  • opensc-0.19.0-3.7.1 is installed
  • OR opensc-32bit-0.19.0-3.7.1 is installed
  • OR opensc-64bit-0.19.0-3.7.1 is installed
  • BACK