In-Depth HOW TO Articles From The Expert

Learn from the Experts in LinuxSecurity, find the HOWTO or step-by-step guide that you need right here. 

Oracle Linux Security Advisory ELSA-2023-7879

https://linux.oracle.com/errata/ELSA-2023-7879.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
opensc-0.23.0-3.el9_3.i686.rpm
opensc-0.23.0-3.el9_3.x86_64.rpm

aarch64:
opensc-0.23.0-3.el9_3.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol9/SRPMS-updates//opensc-0.23.0-3.el9_3.src.rpm

Related CVEs:

CVE-2023-4535
CVE-2023-40660
CVE-2023-40661




Description of changes:

[0.23.0-3]
- Fix file caching with different offsets (RHEL-4079)
- Fix CVE-2023-40660: Potential PIN bypass
- Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init
- Fix CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys
- Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2023-7879: opensc security Moderate Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[0.23.0-3] - Fix file caching with different offsets (RHEL-4079) - Fix CVE-2023-40660: Potential PIN bypass - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init - Fix CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding

SRPMs

https://oss.oracle.com:443/ol9/SRPMS-updates//opensc-0.23.0-3.el9_3.src.rpm

x86_64

opensc-0.23.0-3.el9_3.i686.rpm opensc-0.23.0-3.el9_3.x86_64.rpm

aarch64

opensc-0.23.0-3.el9_3.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-4535 CVE-2023-40660 CVE-2023-40661

Related News