[ALSA-2021:1600] Moderate: opensc security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2023-03-13
Description:
The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fix(es): * opensc: heap-based buffer overflow in sc_oberthur_read_file (CVE-2020-26570) * opensc: stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init (CVE-2020-26571) * opensc: stack-based buffer overflow in tcos_decipher (CVE-2020-26572) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 opensc-0.20.0-4.el8.aarch64.rpm 371c3d97ad8b4eae255975a8439ab35d2d94bde0fd9639078378506fac08a678
i686 opensc-0.20.0-4.el8.i686.rpm 78eae7d668e4b42c5ee8c424971d0fc7f6e9950788dcc0411cf0224f56552c2d
ppc64le opensc-0.20.0-4.el8.ppc64le.rpm 137a64756abbd93d8ce08a2213734d3d7b24f1eb264b450e44b30cc50a50f87e
x86_64 opensc-0.20.0-4.el8.x86_64.rpm f18d6f74086e4fe262d320004c6912e0d872eee0dfb92e206561cb468c6ef257
x86_64 opensc-0.20.0-4.el8.x86_64.rpm f18d6f74086e4fe262d320004c6912e0d872eee0dfb92e206561cb468c6ef257
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.