[Git][security-tracker-team/security-tracker][master] CVE-2021-42778-82/opensc 0.22.0-1

Wed, 20 Apr 2022 05:56:07 -0700 


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
af342f84 by Neil Williams at 2022-04-20T13:55:23+01:00
CVE-2021-42778-82/opensc 0.22.0-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34443,15 +34443,36 @@ CVE-2021-42784 (OS Command Injection vulnerability in 
debug_fcgi of D-Link DWR-9
 CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in 
debug_po ...)
        NOT-FOR-US: D-Link
 CVE-2021-42782 (Stack buffer overflow issues were found in Opensc before 
version 0.22. ...)
-       TODO: check
+       - opensc 0.22.0-1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016448
+       NOTE: https://github.com/OpenSC/OpenSC/commit/1252aca9 (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/456ac566 (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/7114fb71 (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/78cdab94 (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/ae1cf0be (0.22.0)
 CVE-2021-42781 (Heap buffer overflow issues were found in Opensc before 
version 0.22.0 ...)
-       TODO: check
+       - opensc 0.22.0-1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016439
+       NOTE: https://github.com/OpenSC/OpenSC/commit/05648b06 (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/17d8980c (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/40c50a3a (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/5d4daf6c (0.22.0)
+       NOTE: https://github.com/OpenSC/OpenSC/commit/cae5c71f (0.22.0)
 CVE-2021-42780 (A use after return issue was found in Opensc before version 
0.22.0 in  ...)
-       TODO: check
+       - opensc 0.22.0-1
+       NOTE: https://github.com/OpenSC/OpenSC/commit/5df913b7 (0.22.0)
+       NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016139
 CVE-2021-42779 (A heap use after free issue was found in Opensc before version 
0.22.0  ...)
-       TODO: check
+       - opensc 0.22.0-1
+       NOTE: https://github.com/OpenSC/OpenSC/commit/1db88374 (0.22.0)
+       NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016086
 CVE-2021-42778 (A heap double free issue was found in Opensc before version 
0.22.0 in  ...)
-       TODO: check
+       - opensc 0.22.0-1
+       NOTE: https://github.com/OpenSC/OpenSC/commit/f015746d (0.22.0)
+       NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016083
 CVE-2021-42777
        RESERVED
 CVE-2021-42776 (CloverDX Server before 5.11.2 and and 5.12.x before 5.12.1 
allows XXE  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af342f84c2047e609154cabc6723fa296e883f25

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af342f84c2047e609154cabc6723fa296e883f25
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to