[ALSA-2023:7876] Moderate: opensc security update
Type:
security
Severity:
moderate
Release date:
2023-12-20
Description:
The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fix(es): * OpenSC: Potential PIN bypass when card tracks its own login state (CVE-2023-40660) * OpenSC: multiple memory issues with pkcs15-init (enrollment tool) (CVE-2023-40661) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 opensc-0.20.0-7.el8_9.aarch64.rpm aefc14a7dfa169ad78c4927ef6a9ade58485a64188e7b1dbc8647ebc345f1767
i686 opensc-0.20.0-7.el8_9.i686.rpm 8a30002915a7089552f8d65f3af19fbfb84896532452293c74a396ee8d23e92d
ppc64le opensc-0.20.0-7.el8_9.ppc64le.rpm bbf381e130679474815808f68ac043cd5b281776ea361a6626dfb86cd8c656c2
s390x opensc-0.20.0-7.el8_9.s390x.rpm d8673d96c9d737a5e36785db8b9e9bc23d4f398149c58d28f3c728c2a36d393e
x86_64 opensc-0.20.0-7.el8_9.x86_64.rpm e73e215cb893bcc747a51f68ae3ce5b1b87bd4e1b590f7c662429312dc32d468
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.