[Git][security-tracker-team/security-tracker][master] Track fixes for opensc via unstable

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4db27c75 by Salvatore Bonaccorso at 2020-01-04T09:01:07+01:00
Track fixes for opensc via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9189,7 +9189,7 @@ CVE-2019-19480 (An issue was discovered in OpenSC through 0.19.0 and 0.20.x thro
 	NOTE: free operation in sc_pkcs15_decode_prkdf_entry.
 CVE-2019-19479 (An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...)
 	{DLA-2046-1}
-	- opensc <unfixed> (bug #947383)
+	- opensc 0.20.0-1 (bug #947383)
 	[buster] - opensc <no-dsa> (Minor issue)
 	[stretch] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18693
@@ -21945,13 +21945,13 @@ CVE-2019-15947 (In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencr
 	- bitcoin <unfixed> (bug #939608)
 CVE-2019-15946 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet ...)
 	{DLA-1916-1}
-	- opensc <unfixed> (bug #939669)
+	- opensc 0.20.0-1 (bug #939669)
 	[buster] - opensc <no-dsa> (Minor issue)
 	[stretch] - opensc <no-dsa> (Minor issue)
 	NOTE: https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740
 CVE-2019-15945 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitst ...)
 	{DLA-1916-1}
-	- opensc <unfixed> (bug #939668)
+	- opensc 0.20.0-1 (bug #939668)
 	[buster] - opensc <no-dsa> (Minor issue)
 	[stretch] - opensc <no-dsa> (Minor issue)
 	NOTE: https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68
@@ -50570,7 +50570,7 @@ CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface (AW
 CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10.0. A ...)
 	NOT-FOR-US: Chatopera cosin
 CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory  ...)
-	- opensc <unfixed> (unimportant)
+	- opensc 0.20.0-1 (unimportant)
 	NOTE: https://github.com/OpenSC/OpenSC/issues/1586
 	NOTE: Negligible security impact, assigning a CVE seems out of proportion...
 CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4db27c758268b1aba803bc4b2bde1f2b3081fc7a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4db27c758268b1aba803bc4b2bde1f2b3081fc7a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200104/14508247/attachment.html>