Adding patchinfo patchinfo.20241015063320674583.269002615871826

2024-12-10 12:36:15 +01:00 · 2024-12-10 12:36:15 +01:00 · aed490494b
commit aed490494b
parent 026c15f04c
1 changed files with 33 additions and 0 deletions
--- a/patchinfo.20241015063320674583.269002615871826/_patchinfo
+++ b/patchinfo.20241015063320674583.269002615871826/_patchinfo
@ -0,0 +1,33 @@
+<patchinfo>
+  <!-- generated from request(s) 347546 -->
+  <issue tracker="bnc" id="1230071">VUL-0: CVE-2024-45615: opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init</issue>
+  <issue tracker="bnc" id="1230072">VUL-0: CVE-2024-45616: opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc</issue>
+  <issue tracker="bnc" id="1230073">VUL-0: CVE-2024-45617: opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc</issue>
+  <issue tracker="bnc" id="1230074">VUL-0: CVE-2024-45618: opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init</issue>
+  <issue tracker="bnc" id="1230075">VUL-0: CVE-2024-45619: opensc: Incorrect handling length of buffers or files in libopensc</issue>
+  <issue tracker="bnc" id="1230076">VUL-0: CVE-2024-45620: opensc: Incorrect handling of the length of buffers or files in pkcs15init</issue>
+  <issue tracker="bnc" id="1230364">VUL-0: CVE-2024-8443: opensc: heap buffer overflow in OpenPGP driver when generating key</issue>
+  <issue tracker="cve" id="2024-8443"/>
+  <issue tracker="cve" id="2024-45615"/>
+  <issue tracker="cve" id="2024-45616"/>
+  <issue tracker="cve" id="2024-45617"/>
+  <issue tracker="cve" id="2024-45618"/>
+  <issue tracker="cve" id="2024-45619"/>
+  <issue tracker="cve" id="2024-45620"/>
+  <packager>ayankov</packager>
+  <rating>moderate</rating>
+  <category>security</category>
+  <summary>Security update for opensc</summary>
+  <description>This update for opensc fixes the following issues:
+
+- CVE-2024-8443: Fixed heap buffer overflow in OpenPGP driver when generating key (bsc#1230364)
+- CVE-2024-45620: Fixed incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076)
+- CVE-2024-45619: Fixed incorrect handling length of buffers or files in libopensc (bsc#1230075)
+- CVE-2024-45618: Fixed uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074)
+- CVE-2024-45617: Fixed uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073)
+- CVE-2024-45616: Fixed uninitialized values after incorrect check or usage of APDU response values in libopensc (bsc#1230072)
+- CVE-2024-45615: Fixed uninitialized values in libopensc and pkcs15init (bsc#1230071)
+</description>
+  <package>opensc</package>
+  <seperate_build_arch/>
+</patchinfo>