Guilhem Moulin pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
38392e82 by Guilhem Moulin at 2023-06-21T00:14:28+02:00
Mark CVE-2021-42778/opensc as not-affected for buster and stretch.
- - - - -
d9265de8 by Guilhem Moulin at 2023-06-21T00:14:30+02:00
CVE-2021-42781/opensc: Reorder upstream commits.
- - - - -
193986c4 by Guilhem Moulin at 2023-06-21T00:14:31+02:00
CVE-2021-42782/opensc: Reorder upstream commits.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -125228,20 +125228,20 @@ CVE-2021-42782 (Stack buffer overflow issues were
found in Opensc before version
[buster] - opensc <no-dsa> (Minor issue)
[stretch] - opensc <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016448
- NOTE:
https://github.com/OpenSC/OpenSC/commit/1252aca9f10771ef5ba8405e73cf2da50827958f
(0.22.0-rc1)
- NOTE:
https://github.com/OpenSC/OpenSC/commit/456ac566938a1da774db06126a2fa6c0cba514b3
(0.22.0)
- NOTE:
https://github.com/OpenSC/OpenSC/commit/7114fb71b54ddfe06ce5dfdab013f4c38f129d14
(0.22.0-rc1)
NOTE:
https://github.com/OpenSC/OpenSC/commit/78cdab949f098ad7e593d853229fccf57d749d0c
(0.22.0-rc1)
+ NOTE:
https://github.com/OpenSC/OpenSC/commit/1252aca9f10771ef5ba8405e73cf2da50827958f
(0.22.0-rc1)
NOTE:
https://github.com/OpenSC/OpenSC/commit/ae1cf0be90396fb6c0be95829bf0d3eecbd2fd1c
(0.22.0-rc1)
+ NOTE:
https://github.com/OpenSC/OpenSC/commit/7114fb71b54ddfe06ce5dfdab013f4c38f129d14
(0.22.0-rc1)
+ NOTE:
https://github.com/OpenSC/OpenSC/commit/456ac566938a1da774db06126a2fa6c0cba514b3
(0.22.0)
CVE-2021-42781 (Heap buffer overflow issues were found in Opensc before
version 0.22.0 ...)
- opensc 0.22.0-1
[bullseye] - opensc <no-dsa> (Minor issue)
[buster] - opensc <no-dsa> (Minor issue)
[stretch] - opensc <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016439
- NOTE:
https://github.com/OpenSC/OpenSC/commit/05648b0604bf3e498e8d42dff3c6e7c56a5bf749
(0.22.0-rc1)
NOTE:
https://github.com/OpenSC/OpenSC/commit/17d8980cde7be597afc366b7e311d0d7cadcb1f4
(0.22.0-rc1)
NOTE:
https://github.com/OpenSC/OpenSC/commit/40c50a3a4219308aae90f6efd7b10213794a8d86
(0.22.0-rc1)
+ NOTE:
https://github.com/OpenSC/OpenSC/commit/05648b0604bf3e498e8d42dff3c6e7c56a5bf749
(0.22.0-rc1)
NOTE:
https://github.com/OpenSC/OpenSC/commit/5d4daf6c92e4668f5458f380f3cacea3e879d91a
(0.22.0-rc1)
NOTE:
https://github.com/OpenSC/OpenSC/commit/cae5c71f90cc5b364efe14040923fd5aa3b5dd90
(0.22.0-rc1)
CVE-2021-42780 (A use after return issue was found in Opensc before version
0.22.0 in ...)
@@ -125263,8 +125263,8 @@ CVE-2021-42779 (A heap use after free issue was found
in Opensc before version 0
CVE-2021-42778 (A heap double free issue was found in Opensc before version
0.22.0 in ...)
- opensc 0.22.0-1
[bullseye] - opensc <no-dsa> (Minor issue)
- [buster] - opensc <no-dsa> (Minor issue)
- [stretch] - opensc <no-dsa> (Minor issue)
+ [buster] - opensc <not-affected> (Vulnerable code introduced later)
+ [stretch] - opensc <not-affected> (Vulnerable code introduced later)
NOTE:
https://github.com/OpenSC/OpenSC/commit/f015746d22d249642c19674298a18ad824db0ed7
(0.22.0-rc1)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016083
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0c3b15a855ab5aa17e52474c4df239b81ea82c4b...193986c419c54eeae4571b391b89a48fef9c7823
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0c3b15a855ab5aa17e52474c4df239b81ea82c4b...193986c419c54eeae4571b391b89a48fef9c7823
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
