Описание
Security update for opensc
This update for opensc fixes the following issues:
- CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386)
Список пакетов
SUSE Linux Enterprise Server 12 SP5
opensc-0.13.0-3.28.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
opensc-0.13.0-3.28.1
Ссылки
- Link for SUSE-SU-2024:1625-1
- E-Mail link for SUSE-SU-2024:1625-1
- SUSE Security Ratings
- SUSE Bug 1219386
- SUSE CVE CVE-2023-5992 page
Описание
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:opensc-0.13.0-3.28.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:opensc-0.13.0-3.28.1
Ссылки
- CVE-2023-5992
- SUSE Bug 1219386