SUSE_ALP_Standard/patchinfo.20241015063320674583.269002615871826/_patchinfo

<patchinfo>
  <!-- generated from request(s) 347546 -->
  <issue tracker="bnc" id="1230071">VUL-0: CVE-2024-45615: opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init</issue>
  <issue tracker="bnc" id="1230072">VUL-0: CVE-2024-45616: opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc</issue>
  <issue tracker="bnc" id="1230073">VUL-0: CVE-2024-45617: opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc</issue>
  <issue tracker="bnc" id="1230074">VUL-0: CVE-2024-45618: opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init</issue>
  <issue tracker="bnc" id="1230075">VUL-0: CVE-2024-45619: opensc: Incorrect handling length of buffers or files in libopensc</issue>
  <issue tracker="bnc" id="1230076">VUL-0: CVE-2024-45620: opensc: Incorrect handling of the length of buffers or files in pkcs15init</issue>
  <issue tracker="bnc" id="1230364">VUL-0: CVE-2024-8443: opensc: heap buffer overflow in OpenPGP driver when generating key</issue>
  <issue tracker="cve" id="2024-8443"/>
  <issue tracker="cve" id="2024-45615"/>
  <issue tracker="cve" id="2024-45616"/>
  <issue tracker="cve" id="2024-45617"/>
  <issue tracker="cve" id="2024-45618"/>
  <issue tracker="cve" id="2024-45619"/>
  <issue tracker="cve" id="2024-45620"/>
  <packager>ayankov</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for opensc</summary>
  <description>This update for opensc fixes the following issues:

- CVE-2024-8443: Fixed heap buffer overflow in OpenPGP driver when generating key (bsc#1230364)
- CVE-2024-45620: Fixed incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076)
- CVE-2024-45619: Fixed incorrect handling length of buffers or files in libopensc (bsc#1230075)
- CVE-2024-45618: Fixed uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074)
- CVE-2024-45617: Fixed uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073)
- CVE-2024-45616: Fixed uninitialized values after incorrect check or usage of APDU response values in libopensc (bsc#1230072)
- CVE-2024-45615: Fixed uninitialized values in libopensc and pkcs15init (bsc#1230071)
</description>
  <package>opensc</package>
  <seperate_build_arch/>
</patchinfo>