Overview
Request 631969 superseded
- Added CVE-2018-14779.patch: Fixed an buffer overflow and an out of bounds
memory read in ykpiv_transfer_data(), which could be triggered by a malicious
token. (CVE-2018-14779, bsc#1104809, YSA-2018-03)
- Added CVE-2018-14780.patch: Fixed an buffer overflow and an out of bounds
memory read in _ykpiv_fetch_object(), which could be triggered by a malicious
token. (CVE-2018-14780, bsc#1104811, YSA-2018-03)
- Created by kbabioch
- In state superseded
- Superseded by 631973
- Open review for maintbot
Request History
kbabioch created request
- Added CVE-2018-14779.patch: Fixed an buffer overflow and an out of bounds
memory read in ykpiv_transfer_data(), which could be triggered by a malicious
token. (CVE-2018-14779, bsc#1104809, YSA-2018-03)
- Added CVE-2018-14780.patch: Fixed an buffer overflow and an out of bounds
memory read in _ykpiv_fetch_object(), which could be triggered by a malicious
token. (CVE-2018-14780, bsc#1104811, YSA-2018-03)
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
- Added CVE-2018-14779.patch: Fixed an buffer overflow and an out of bounds
memory read in ykpiv_transfer_data(), which could be triggered by a malicious
token. (CVE-2018-14779, bsc#1104809, YSA-2018-03)
- Added CVE-2018-14780.patch: Fixed an buffer overflow and an out of bounds
memory read in _ykpiv_fetch_object(), which could be triggered by a malicious
token. (CVE-2018-14780, bsc#1104811, YSA-2018-03)
home:kbabioch:branches:openSUSE:Leap:42.3:Update/yubico-piv-tool@df07739824407a73444cc1889b7ebdba -> openSUSE:Leap:42.3:Update/yubico-piv-tool
expected origin is 'openSUSE:Leap:42.2' (changed)