SUSE-SU-2023:4089-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20234089-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:4089-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:4089-1
- Related
- Published
- 2023-10-16T11:17:46Z
- Modified
- 2023-10-16T11:17:46Z
- Summary
- Security update for opensc
- Details
-
This update for opensc fixes the following issues:
- CVE-2023-40660: Fixed a PIN bypass that could be triggered when cards tracked their own login state (bsc#1215762).
- CVE-2023-40661: Fixed several memory safety issues that could happen during the card enrollment process using pkcs15-init (bsc#1215761).
- References
Affected packages
SUSE:Linux Enterprise Micro 5.3 / opensc
Package
- Name
- opensc
- Purl
- pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
SUSE:Linux Enterprise Micro 5.4 / opensc
Package
- Name
- opensc
- Purl
- pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Micro%205.4
SUSE:Linux Enterprise Micro 5.5 / opensc
Package
- Name
- opensc
- Purl
- pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
SUSE:Linux Enterprise Module for Basesystem 15 SP4 / opensc
Package
- Name
- opensc
- Purl
- pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4