[Git][security-tracker-team/security-tracker][master] Reserve DLA-3463-1 for opensc
Guilhem Moulin (@guilhem)
guilhem at debian.org
Wed Jun 21 00:47:01 BST 2023
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d8f84bf1 by Guilhem Moulin at 2023-06-21T01:46:36+02:00
Reserve DLA-3463-1 for opensc
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -125225,7 +125225,6 @@ CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in de
CVE-2021-42782 (Stack buffer overflow issues were found in Opensc before version 0.22. ...)
- opensc 0.22.0-1
[bullseye] - opensc <no-dsa> (Minor issue)
- [buster] - opensc <no-dsa> (Minor issue)
[stretch] - opensc <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016448
NOTE: https://github.com/OpenSC/OpenSC/commit/78cdab949f098ad7e593d853229fccf57d749d0c (0.22.0-rc1)
@@ -125236,7 +125235,6 @@ CVE-2021-42782 (Stack buffer overflow issues were found in Opensc before version
CVE-2021-42781 (Heap buffer overflow issues were found in Opensc before version 0.22.0 ...)
- opensc 0.22.0-1
[bullseye] - opensc <no-dsa> (Minor issue)
- [buster] - opensc <no-dsa> (Minor issue)
[stretch] - opensc <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016439
NOTE: https://github.com/OpenSC/OpenSC/commit/17d8980cde7be597afc366b7e311d0d7cadcb1f4 (0.22.0-rc1)
@@ -125247,7 +125245,6 @@ CVE-2021-42781 (Heap buffer overflow issues were found in Opensc before version
CVE-2021-42780 (A use after return issue was found in Opensc before version 0.22.0 in ...)
- opensc 0.22.0-1
[bullseye] - opensc <no-dsa> (Minor issue)
- [buster] - opensc <no-dsa> (Minor issue)
[stretch] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/5df913b7f57ad89b9832555d24c08d23a534311e (0.22.0-rc1)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
@@ -125255,7 +125252,6 @@ CVE-2021-42780 (A use after return issue was found in Opensc before version 0.22
CVE-2021-42779 (A heap use after free issue was found in Opensc before version 0.22.0 ...)
- opensc 0.22.0-1
[bullseye] - opensc <no-dsa> (Minor issue)
- [buster] - opensc <no-dsa> (Minor issue)
[stretch] - opensc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenSC/OpenSC/commit/1db88374bb7706a115d5c3617c6f16115c33bf27 (0.22.0-rc1)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Jun 2023] DLA-3463-1 opensc - security update
+ {CVE-2019-6502 CVE-2021-42779 CVE-2021-42780 CVE-2021-42781 CVE-2021-42782 CVE-2023-2977}
+ [buster] - opensc 0.19.0-1+deb10u2
[21 Jun 2023] DLA-3462-1 wordpress - security update
{CVE-2023-2745}
[buster] - wordpress 5.0.19+dfsg1-0+deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -152,9 +152,6 @@ openjdk-11 (Emilio)
NOTE: 20230522: waiting for sid update (pochu)
NOTE: 20230612: sid updated, preparing backport (pochu)
--
-opensc (guilhem)
- NOTE: 20230614: Added by Front-Desk (opal)
---
owslib (Adrian Bunk)
NOTE: 20230514: Added by Front-Desk (utkarsh)
NOTE: 20230514: also in dsa-needed. (utkarsh)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8f84bf1ca58244c9fda06ac697add2d1ee819b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8f84bf1ca58244c9fda06ac697add2d1ee819b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230620/a29c9ec1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list