[ALSA-2023:7879] Moderate: opensc security update
Type:
security
Severity:
moderate
Release date:
2023-12-22
Description:
The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fix(es): * OpenSC: Potential PIN bypass when card tracks its own login state (CVE-2023-40660) * OpenSC: multiple memory issues with pkcs15-init (enrollment tool) (CVE-2023-40661) * OpenSC: out-of-bounds read in MyEID driver handling encryption using symmetric keys (CVE-2023-4535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 opensc-0.23.0-3.el9_3.aarch64.rpm 3840099eb15ce484a1dacbef069301ff485efc3bd312d2f6096334576a21458d
i686 opensc-0.23.0-3.el9_3.i686.rpm 77b97cacf5d620b43bd95de1db9debf377115a6c736fadebb1e9b8387c388e19
ppc64le opensc-0.23.0-3.el9_3.ppc64le.rpm b989ef5f2444cd7c087959c785c581e1a2129ad3f23a088ee6a7bcd3586e8b8f
s390x opensc-0.23.0-3.el9_3.s390x.rpm 427038cb7840585ffc0fa3571ebbf7ef1f81efe841ca50ca9dda0986a5719e9e
x86_64 opensc-0.23.0-3.el9_3.x86_64.rpm 2a17984ebf7e5b270ef9081f24426b643d3de6c2e8d6b3b6e379d91fb886e771
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.