Описание
Security update for opensc
This update for opensc fixes the following issues:
- CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
- CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992).
- CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c (bsc#1192000).
- CVE-2021-42782: Stack buffer overflow issues in various places (bsc#1191957).
Список пакетов
HPE Helion OpenStack 8
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP2-BCL
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-BCL
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-LTSS
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP4-LTSS
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP5
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
opensc-0.13.0-3.19.1
SUSE OpenStack Cloud 8
opensc-0.13.0-3.19.1
SUSE OpenStack Cloud 9
opensc-0.13.0-3.19.1
SUSE OpenStack Cloud Crowbar 8
opensc-0.13.0-3.19.1
SUSE OpenStack Cloud Crowbar 9
opensc-0.13.0-3.19.1
Ссылки
- Link for SUSE-SU-2021:3582-1
- E-Mail link for SUSE-SU-2021:3582-1
- SUSE Security Ratings
- SUSE Bug 1191957
- SUSE Bug 1191992
- SUSE Bug 1192000
- SUSE Bug 1192005
- SUSE CVE CVE-2021-42779 page
- SUSE CVE CVE-2021-42780 page
- SUSE CVE CVE-2021-42781 page
- SUSE CVE CVE-2021-42782 page
Описание
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
Затронутые продукты
HPE Helion OpenStack 8:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP2-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-LTSS:opensc-0.13.0-3.19.1
Ссылки
- CVE-2021-42779
- SUSE Bug 1191992
Описание
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
Затронутые продукты
HPE Helion OpenStack 8:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP2-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-LTSS:opensc-0.13.0-3.19.1
Ссылки
- CVE-2021-42780
- SUSE Bug 1192005
- SUSE Bug 1196716
Описание
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
Затронутые продукты
HPE Helion OpenStack 8:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP2-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-LTSS:opensc-0.13.0-3.19.1
Ссылки
- CVE-2021-42781
- SUSE Bug 1192000
- SUSE Bug 1192635
Описание
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
Затронутые продукты
HPE Helion OpenStack 8:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP2-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-BCL:opensc-0.13.0-3.19.1
SUSE Linux Enterprise Server 12 SP3-LTSS:opensc-0.13.0-3.19.1
Ссылки
- CVE-2021-42782
- SUSE Bug 1191957
- SUSE Bug 1192635
- SUSE Bug 1192643
- SUSE Bug 1192786
- SUSE Bug 1193388