Security update for opensc
| Announcement ID: | SUSE-SU-2022:1041-1 |
|---|---|
| Rating: | important |
An update that solves 13 vulnerabilities and has one security fix can now be installed.
Description:
This update for opensc fixes the following issues:
Security issues fixed:
- CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
- CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992).
- CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c (bsc#1192000).
- CVE-2021-42782: Stack buffer overflow issues in various places (bsc#1191957).
- CVE-2019-6502: Fixed a memory leak in sc_context_create() (bsc#1122756).
- CVE-2020-26570: Fixed a heap based buffer overflow in sc_oberthur_read_file (bsc#1177364).
- CVE-2020-26572: Prevent out of bounds write (bsc#1177378)
- CVE-2020-26571: gemsafe GPK smart card software driver stack-based buffer overflow (bsc#1177380)
- CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry (bsc#1149747)
- CVE-2019-19479: incorrect read operation during parsing of a SETCOS file attribute (bsc#1158256)
- CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string (bsc#1149746).
- CVE-2019-19481: Fixed an improper handling of buffer limits for CAC certificates (bsc#1158305).
- CVE-2019-20792: Fixed a double free in coolkey_free_private_data (bsc#1170809).
Non-security issues fixed:
- Fixes segmentation fault in 'pkcs11-tool.c'. (bsc#1114649)
Patch Instructions:
To install this SUSE update, use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server ESPOS 15
  zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1041=1
- SUSE Linux Enterprise High Performance Computing 15 LTSS 15
  zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1041=1
- SUSE Linux Enterprise Server 15 LTSS 15
  zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1041=1
- SUSE Linux Enterprise Server for SAP Applications 15
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1041=1
Package List:
- SUSE Linux Enterprise Server ESPOS 15 (aarch64 x86_64)
  - opensc-0.18.0-150000.3.23.1
  - opensc-debuginfo-0.18.0-150000.3.23.1
  - opensc-debugsource-0.18.0-150000.3.23.1
- SUSE Linux Enterprise High Performance Computing 15 LTSS 15 (aarch64 x86_64)
  - opensc-0.18.0-150000.3.23.1
  - opensc-debuginfo-0.18.0-150000.3.23.1
  - opensc-debugsource-0.18.0-150000.3.23.1
- SUSE Linux Enterprise Server 15 LTSS 15 (aarch64 ppc64le s390x x86_64)
  - opensc-0.18.0-150000.3.23.1
  - opensc-debuginfo-0.18.0-150000.3.23.1
  - opensc-debugsource-0.18.0-150000.3.23.1
- SUSE Linux Enterprise Server for SAP Applications 15 (ppc64le x86_64)
  - opensc-0.18.0-150000.3.23.1
  - opensc-debuginfo-0.18.0-150000.3.23.1
  - opensc-debugsource-0.18.0-150000.3.23.1
References:
- https://www.suse.com/security/cve/CVE-2019-15945.html
- https://www.suse.com/security/cve/CVE-2019-15946.html
- https://www.suse.com/security/cve/CVE-2019-19479.html
- https://www.suse.com/security/cve/CVE-2019-19481.html
- https://www.suse.com/security/cve/CVE-2019-20792.html
- https://www.suse.com/security/cve/CVE-2019-6502.html
- https://www.suse.com/security/cve/CVE-2020-26570.html
- https://www.suse.com/security/cve/CVE-2020-26571.html
- https://www.suse.com/security/cve/CVE-2020-26572.html
- https://www.suse.com/security/cve/CVE-2021-42779.html
- https://www.suse.com/security/cve/CVE-2021-42780.html
- https://www.suse.com/security/cve/CVE-2021-42781.html
- https://www.suse.com/security/cve/CVE-2021-42782.html
- https://bugzilla.suse.com/show_bug.cgi?id=1114649
- https://bugzilla.suse.com/show_bug.cgi?id=1122756
- https://bugzilla.suse.com/show_bug.cgi?id=1149746
- https://bugzilla.suse.com/show_bug.cgi?id=1149747
- https://bugzilla.suse.com/show_bug.cgi?id=1158256
- https://bugzilla.suse.com/show_bug.cgi?id=1158305
- https://bugzilla.suse.com/show_bug.cgi?id=1170809
- https://bugzilla.suse.com/show_bug.cgi?id=1177364
- https://bugzilla.suse.com/show_bug.cgi?id=1177378
- https://bugzilla.suse.com/show_bug.cgi?id=1177380
- https://bugzilla.suse.com/show_bug.cgi?id=1191957
- https://bugzilla.suse.com/show_bug.cgi?id=1191992
- https://bugzilla.suse.com/show_bug.cgi?id=1192000
- https://bugzilla.suse.com/show_bug.cgi?id=1192005