SUSE-SU-2018:3629-1

See a problem?
Please try reporting it to the source first.

Source

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2018:3629-1

Related

Published

2018-11-05T16:57:43Z

Modified

2018-11-05T16:57:43Z

Summary

Security update for opensc

Details

This update for opensc fixes the following security issues:

CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998)
CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999)
CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318)
CVE-2018-16418: Fixed buffer overflow when handling string concatenation in utilaclto_str (bsc#1107039)
CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107)
CVE-2018-16420: Fixed buffer overflows when handling responses from an ePass 2003 Card (bsc#1107097)
CVE-2018-16421: Fixed buffer overflows when handling responses from a CAC Card (bsc#1107049)
CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038)
CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037)
CVE-2018-16424: Fixed double free when handling responses in read_file (bsc#1107036)
CVE-2018-16425: Fixed double free when handling responses from an HSM Card (bsc#1107035)
CVE-2018-16426: Fixed endless recursion when handling responses from an IAS-ECC card (bsc#1107034)
CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033)

References

Affected packages

Name: opensc
Purl: pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.18.0-3.8.1

{
    "binaries": [
        {
            "opensc": "0.18.0-3.8.1"
        }
    ]
}