Updated opensc packages fix security vulnerability
Publication date: 18 Nov 2021Modification date: 18 Nov 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-42779 , CVE-2021-42780 , CVE-2021-42781 , CVE-2021-42782
Description
CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992).
CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c
(bsc#1192000).
CVE-2021-42782: Stack buffer overflow issues in various places
(bsc#1191957).
References
- https://bugs.mageia.org/show_bug.cgi?id=29607
- https://lists.suse.com/pipermail/sle-security-updates/2021-October/009683.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42779
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42780
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42781
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42782
SRPMS
8/core
- opensc-0.22.0-1.mga8