File _patchinfo of Package patchinfo.35665

<patchinfo incident="35665">
  <issue tracker="cve" id="2024-45615"/>
  <issue tracker="cve" id="2024-8443"/>
  <issue tracker="cve" id="2024-45620"/>
  <issue tracker="cve" id="2024-45617"/>
  <issue tracker="cve" id="2024-45616"/>
  <issue tracker="cve" id="2024-45618"/>
  <issue tracker="cve" id="2024-45619"/>
  <issue tracker="bnc" id="1230071">VUL-0: CVE-2024-45615: opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init</issue>
  <issue tracker="bnc" id="1230072">VUL-0: CVE-2024-45616: opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc</issue>
  <issue tracker="bnc" id="1230364">VUL-0: CVE-2024-8443: opensc: heap buffer overflow in OpenPGP driver when generating key</issue>
  <issue tracker="bnc" id="1230075">VUL-0: CVE-2024-45619: opensc: Incorrect handling length of buffers or files in libopensc</issue>
  <issue tracker="bnc" id="1217722">[TRACKERBUG] OpenSSL 3.2.0 upgrade tracker bug</issue>
  <issue tracker="bnc" id="1230073">VUL-0: CVE-2024-45617: opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc</issue>
  <issue tracker="bnc" id="1230074">VUL-0: CVE-2024-45618: opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init</issue>
  <issue tracker="bnc" id="1230076">VUL-0: CVE-2024-45620: opensc: Incorrect handling of the length of buffers or files in pkcs15init</issue>
  <packager>ayankov</packager>
  <rating>low</rating>
  <category>security</category>
  <summary>Security update for opensc</summary>
  <description>This update for opensc fixes the following issues:

- CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076)
- CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075)
- CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074)
- CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073)
- CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072)
- CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071)
- CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364)
</description>
</patchinfo>