File _patchinfo of Package patchinfo.9120

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.9120

<patchinfo incident="9120">
  <issue tracker="bnc" id="1107039">VUL-1: CVE-2018-16418: opensc: buffer overflow when handling string concatenation in util_acl_to_str intools/util.c</issue>
  <issue tracker="bnc" id="1107038">VUL-1: CVE-2018-16422: opensc: single byte buffer overflow when handling responses from an esteid Card insc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c</issue>
  <issue tracker="bnc" id="1104812">VUL-0: opensc: Multiple Vulnerabilities in OpenSC</issue>
  <issue tracker="bnc" id="1107034">VUL-1: CVE-2018-16426: opensc: Endless recursion when handling responses from an IAS-ECC card iniasecc_select_file</issue>
  <issue tracker="bnc" id="1107037">VUL-1: CVE-2018-16423: opensc: double free when handling responses from a smartcard in sc_file_set_sec_attrin libopensc/sc.c</issue>
  <issue tracker="bnc" id="1107097">VUL-0: CVE-2018-16420: opensc: buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c</issue>
  <issue tracker="bnc" id="1108318">VUL-1: CVE-2018-16393: opensc: Buffer overflows handling responses from Gemsafe V1 Smartcards in pkcs15-gemsafeV1.c:gemsafe_get_cert_len()</issue>
  <issue tracker="bnc" id="1107033">VUL-1: CVE-2018-16427: opensc: out of bounds reads when handling responses in OpenSC</issue>
  <issue tracker="bnc" id="1106999">VUL-1: CVE-2018-16392: opensc: denial of service when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c</issue>
  <issue tracker="bnc" id="1106998">VUL-1: CVE-2018-16391: opensc: denial of service  when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c</issue>
  <issue tracker="bnc" id="1107107">VUL-0: CVE-2018-16419: opensc: Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c</issue>
  <issue tracker="cve" id="2018-16393"/>
  <issue tracker="cve" id="2018-16392"/>
  <issue tracker="cve" id="2018-16391"/>
  <issue tracker="cve" id="2018-16418"/>
  <issue tracker="cve" id="2018-16419"/>
  <issue tracker="cve" id="2018-16420"/>
  <issue tracker="cve" id="2018-16423"/>
  <issue tracker="cve" id="2018-16422"/>
  <issue tracker="cve" id="2018-16427"/>
  <issue tracker="cve" id="2018-16426"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>mcalabkova</packager>
  <description>This update for opensc fixes the following issues:

- CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998)
- CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999)
- CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318)
- CVE-2018-16418: Fixed buffer overflow when handling string concatenation in util_acl_to_str (bsc#1107039)
- CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107)
- CVE-2018-16420: Fixed buffer overflows when handling responses from an ePass 2003 Card (bsc#1107097)
- CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038)
- CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037)
- CVE-2018-16426: Fixed endless recursion when handling responses from an IAS-ECC card (bsc#1107034)
- CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033)

This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for opensc</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.9120

Places