[Git][security-tracker-team/security-tracker][master] CVE-2021-42778-82/opensc 0.22.0-1

Neil Williams (@codehelp) codehelp at debian.org
Wed Apr 20 13:55:56 BST 2022



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af342f84 by Neil Williams at 2022-04-20T13:55:23+01:00
CVE-2021-42778-82/opensc 0.22.0-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34443,15 +34443,36 @@ CVE-2021-42784 (OS Command Injection vulnerability in debug_fcgi of D-Link DWR-9
 CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in debug_po ...)
 	NOT-FOR-US: D-Link
 CVE-2021-42782 (Stack buffer overflow issues were found in Opensc before version 0.22. ...)
-	TODO: check
+	- opensc 0.22.0-1
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016448
+	NOTE: https://github.com/OpenSC/OpenSC/commit/1252aca9 (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/456ac566 (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/7114fb71 (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/78cdab94 (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/ae1cf0be (0.22.0)
 CVE-2021-42781 (Heap buffer overflow issues were found in Opensc before version 0.22.0 ...)
-	TODO: check
+	- opensc 0.22.0-1
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016439
+	NOTE: https://github.com/OpenSC/OpenSC/commit/05648b06 (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/17d8980c (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/40c50a3a (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/5d4daf6c (0.22.0)
+	NOTE: https://github.com/OpenSC/OpenSC/commit/cae5c71f (0.22.0)
 CVE-2021-42780 (A use after return issue was found in Opensc before version 0.22.0 in  ...)
-	TODO: check
+	- opensc 0.22.0-1
+	NOTE: https://github.com/OpenSC/OpenSC/commit/5df913b7 (0.22.0)
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016139
 CVE-2021-42779 (A heap use after free issue was found in Opensc before version 0.22.0  ...)
-	TODO: check
+	- opensc 0.22.0-1
+	NOTE: https://github.com/OpenSC/OpenSC/commit/1db88374 (0.22.0)
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016086
 CVE-2021-42778 (A heap double free issue was found in Opensc before version 0.22.0 in  ...)
-	TODO: check
+	- opensc 0.22.0-1
+	NOTE: https://github.com/OpenSC/OpenSC/commit/f015746d (0.22.0)
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016083
 CVE-2021-42777
 	RESERVED
 CVE-2021-42776 (CloverDX Server before 5.11.2 and and 5.12.x before 5.12.1 allows XXE  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af342f84c2047e609154cabc6723fa296e883f25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af342f84c2047e609154cabc6723fa296e883f25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220420/82f7f10b/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list