Описание
Security update for p11-kit
This update for p11-kit fixes the following issues:
- CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064)
- Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.2
libp11-kit0-0.23.2-lp152.7.3.1
libp11-kit0-32bit-0.23.2-lp152.7.3.1
p11-kit-0.23.2-lp152.7.3.1
p11-kit-32bit-0.23.2-lp152.7.3.1
p11-kit-devel-0.23.2-lp152.7.3.1
p11-kit-nss-trust-0.23.2-lp152.7.3.1
p11-kit-nss-trust-32bit-0.23.2-lp152.7.3.1
p11-kit-tools-0.23.2-lp152.7.3.1
Ссылки
- E-Mail link for openSUSE-SU-2021:1611-1
- SUSE Security Ratings
- SUSE Bug 1180064
- SUSE Bug 1187993
- SUSE CVE CVE-2020-29361 page
Описание
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.
Затронутые продукты
openSUSE Leap 15.2:libp11-kit0-0.23.2-lp152.7.3.1
openSUSE Leap 15.2:libp11-kit0-32bit-0.23.2-lp152.7.3.1
openSUSE Leap 15.2:p11-kit-0.23.2-lp152.7.3.1
openSUSE Leap 15.2:p11-kit-32bit-0.23.2-lp152.7.3.1
Ссылки
- CVE-2020-29361
- SUSE Bug 1180064