Описание
Security update for p11-kit
This update for p11-kit fixes the following issues:
- CVE-2020-29362: Fixed a 4 byte overread that could lead to crashes (bsc#1180065)
Список пакетов
Container suse/ltss/sle12.5/sles12sp5:latest
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Container suse/sles12sp5:latest
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-Basic-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-HPC-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-HPC-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-SAP-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-SAP-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-Azure-Standard-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-EC2-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-EC2-ECS-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-EC2-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-EC2-SAP-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-EC2-SAP-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-GCE-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-GCE-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-GCE-SAP-BYOS
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-GCE-SAP-On-Demand
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libp11-kit0-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
SUSE Linux Enterprise Server 12 SP5
libp11-kit0-0.23.2-8.10.1
libp11-kit0-32bit-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-32bit-0.23.2-8.10.1
p11-kit-nss-trust-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libp11-kit0-0.23.2-8.10.1
libp11-kit0-32bit-0.23.2-8.10.1
p11-kit-0.23.2-8.10.1
p11-kit-32bit-0.23.2-8.10.1
p11-kit-nss-trust-0.23.2-8.10.1
p11-kit-tools-0.23.2-8.10.1
SUSE Linux Enterprise Software Development Kit 12 SP5
p11-kit-devel-0.23.2-8.10.1
Ссылки
- Link for SUSE-SU-2022:2871-1
- E-Mail link for SUSE-SU-2022:2871-1
- SUSE Security Ratings
- SUSE Bug 1180065
- SUSE CVE CVE-2020-29362 page
Описание
An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:libp11-kit0-0.23.2-8.10.1
Container suse/ltss/sle12.5/sles12sp5:latest:p11-kit-0.23.2-8.10.1
Container suse/ltss/sle12.5/sles12sp5:latest:p11-kit-tools-0.23.2-8.10.1
Container suse/sles12sp5:latest:libp11-kit0-0.23.2-8.10.1
Ссылки
- CVE-2020-29362
- SUSE Bug 1180065
- SUSE Bug 1201534