Overview

File _patchinfo of Package patchinfo.31014

<patchinfo incident="31014">
  <issue tracker="cve" id="2023-40661"/>
  <issue tracker="cve" id="2023-40660"/>
  <issue tracker="bnc" id="1215762">VUL-0: CVE-2023-40660: opensc: PIN bypass when card tracks its own login state</issue>
  <issue tracker="bnc" id="1215761">VUL-0: CVE-2023-40661: opensc: multiple memory issues with pkcs15-init (enrollment tool)</issue>
  <packager>ohollmann</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for opensc</summary>
  <description>This update for opensc fixes the following issues:

- CVE-2023-40660: Fixed a PIN bypass that could be triggered when
  cards tracked their own login state (bsc#1215762).
- CVE-2023-40661: Fixed several memory safety issues that could happen
  during the card enrollment process using pkcs15-init (bsc#1215761).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places