Mageia 2021-0512: opensc security update
Summary
CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992).
CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c
(bsc#1192000).
CVE-2021-42782: Stack buffer overflow issues in various places
(bsc#1191957).
References
- https://bugs.mageia.org/show_bug.cgi?id=29607
- https://lists.suse.com/pipermail/sle-security-updates/2021-October/009683.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42779
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42780
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42781
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42782
Resolution
MGASA-2021-0512 - Updated opensc packages fix security vulnerability
SRPMS
- 8/core/opensc-0.22.0-1.mga8