opensc

pool/opensc

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Wolfgang Rosenauer	a9f61c5855	Accepting request 1224304 from home:mnhauke - Update to version 0.26.0 Security * CVE-2024-45615: Usage of uninitialized values in libopensc# and pkcs15init (#3225). * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (#3225) * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (#3225) * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (#3225) * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (#3225) * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (#3225) * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (#3219) General improvements * Fix reselection of DF after error in PKCS#15 layer (#3067) * Unify OpenSSL logging throughout code (#2922) * Extend the p11test to support kryoptic (#3141) * Fix for error in PCSC reconnection (#3150) * Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer PKCS#15 * Documentation for PKCS#15 profile files (#3132) minidriver * Support PinCacheAlwaysPrompt usable for PIV cards (#3167) pkcs11-tool * Show URI when listing token information (#3125) and objects * Do not limit size of objects to 5000 bytes (#3174) OBS-URL: https://build.opensuse.org/request/show/1224304 OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=90	2024-11-18 11:30:20 +00:00

Author

SHA256

Message

Date

Wolfgang Rosenauer

a9f61c5855

Accepting request 1224304 from home:mnhauke

- Update to version 0.26.0
  Security
  * CVE-2024-45615: Usage of uninitialized values in libopensc#
    and pkcs15init (#3225).
  * CVE-2024-45616: Uninitialized values after incorrect check or 
    usage of APDU response values in libopensc (#3225)
  * CVE-2024-45617: Uninitialized values after incorrect or missing
    checking return values of functions in libopensc (#3225)
  * CVE-2024-45618: Uninitialized values after incorrect or missing
    checking return values of functions in pkcs15init (#3225)
  * CVE-2024-45619: Incorrect handling length of buffers or files
    in libopensc (#3225)
  * CVE-2024-45620: Incorrect handling of the length of buffers or
    files in pkcs15init (#3225)
  * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when
    generating key (#3219)
  General improvements
  * Fix reselection of DF after error in PKCS#15 layer (#3067)
  * Unify OpenSSL logging throughout code (#2922)
  * Extend the p11test to support kryoptic (#3141)
  * Fix for error in PCSC reconnection (#3150)
  * Fixed various issues reported by OSS-Fuzz and Coverity in
    drivers, PKCS#11 and PKCS#15 layer
  PKCS#15
  * Documentation for PKCS#15 profile files (#3132)
  minidriver
  * Support PinCacheAlwaysPrompt usable for PIV cards (#3167)
  pkcs11-tool
  * Show URI when listing token information (#3125) and objects
  * Do not limit size of objects to 5000 bytes (#3174)

OBS-URL: https://build.opensuse.org/request/show/1224304
OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=90

2024-11-18 11:30:20 +00:00

1 Commits