MGASA-2021-0512 - Updated opensc packages fix security vulnerability

Publication date: 18 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0512.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-42779,
     CVE-2021-42780,
     CVE-2021-42781,
     CVE-2021-42782

CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992).
CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c
 (bsc#1192000).
CVE-2021-42782: Stack buffer overflow issues in various places
 (bsc#1191957).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29607
- https://lists.suse.com/pipermail/sle-security-updates/2021-October/009683.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42779
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42780
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42781
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42782

SRPMS:
- 8/core/opensc-0.22.0-1.mga8