Overview
Request 631973 accepted
- Added CVE-2018-14779.patch: Fixed an buffer overflow and an out of bounds
memory read in ykpiv_transfer_data(), which could be triggered by a malicious
token. (CVE-2018-14779, bsc#1104809, YSA-2018-03)
- Added CVE-2018-14780.patch: Fixed an buffer overflow and an out of bounds
memory read in _ykpiv_fetch_object(), which could be triggered by a malicious
token. (CVE-2018-14780, bsc#1104811, YSA-2018-03)
home:kbabioch:branches:openSUSE:Leap:42.3:Update/yubico-piv-tool@df07739824407a73444cc1889b7ebdba -> openSUSE:Leap:42.3:Update/yubico-piv-tool
expected origin is 'openSUSE:Leap:42.2' (changed)
Request History
kbabioch created request
- Added CVE-2018-14779.patch: Fixed an buffer overflow and an out of bounds
memory read in ykpiv_transfer_data(), which could be triggered by a malicious
token. (CVE-2018-14779, bsc#1104809, YSA-2018-03)
- Added CVE-2018-14780.patch: Fixed an buffer overflow and an out of bounds
memory read in _ykpiv_fetch_object(), which could be triggered by a malicious
token. (CVE-2018-14780, bsc#1104811, YSA-2018-03)
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
maintbot added yubico-piv-tool as a reviewer
Submission for yubico-piv-tool by someone who is not maintainer in the devel project (security). Please review
maintbot accepted review
ok
Simmphonie accepted review
ok
Simmphonie approved review
ok
kbabioch moved maintenance target to openSUSE:Maintenance:8675
kbabioch accepted request
accepted request 631973:Thanks!
For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance
home:kbabioch:branches:openSUSE:Leap:42.3:Update/yubico-piv-tool@a62c5c510b0030c2bb3052f61b418282 -> openSUSE:Leap:42.3:Update/yubico-piv-tool
expected origin is 'openSUSE:Leap:42.2' (changed)