ELSA-2023-7160

ELSA-2023-7160 - opensc security and bug fix update

Type:	SECURITY
Impact:	LOW
Release Date:	2023-11-17

Description

[0.20.0-6]
- Fix introduced issues tagged by coverity (RHEL-765)

[0.20.0-5]
- Avoid potential crash because of missing list terminator (#2196234)
- Fix CVE-2023-2977: potential buffer overrun in pkcs15 cardos_have_verifyrc_package (#2211093)
- Backport upstream changes regarding to reader removal (#2097048)

Related CVEs

CVE-2023-2977

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	opensc-0.20.0-6.el8.src.rpm	6e0c19930e0be1dc7d40a97fe1a16313e749f343f5c6d4f03bc0cbd0560f6ca4	-	ol8_aarch64_baseos_latest
	opensc-0.20.0-6.el8.src.rpm	6e0c19930e0be1dc7d40a97fe1a16313e749f343f5c6d4f03bc0cbd0560f6ca4	-	ol8_aarch64_u9_baseos_base
	opensc-0.20.0-6.el8.aarch64.rpm	dc84c851bcbf83469fde98f568512716f097982ea3d35c2f066760e06e3b75a9	-	ol8_aarch64_baseos_latest
	opensc-0.20.0-6.el8.aarch64.rpm	dc84c851bcbf83469fde98f568512716f097982ea3d35c2f066760e06e3b75a9	-	ol8_aarch64_u9_baseos_base
Oracle Linux 8 (x86_64)	opensc-0.20.0-6.el8.src.rpm	6e0c19930e0be1dc7d40a97fe1a16313e749f343f5c6d4f03bc0cbd0560f6ca4	-	ol8_x86_64_baseos_latest
	opensc-0.20.0-6.el8.src.rpm	6e0c19930e0be1dc7d40a97fe1a16313e749f343f5c6d4f03bc0cbd0560f6ca4	-	ol8_x86_64_u9_baseos_base
	opensc-0.20.0-6.el8.i686.rpm	00fa825bf0db4f499523a971bb3f75c1d07e7ff7e9957da80f6e5b1a59e1dc35	-	ol8_x86_64_baseos_latest
	opensc-0.20.0-6.el8.i686.rpm	00fa825bf0db4f499523a971bb3f75c1d07e7ff7e9957da80f6e5b1a59e1dc35	-	ol8_x86_64_u9_baseos_base
	opensc-0.20.0-6.el8.x86_64.rpm	5dd4acccdff56a96074d918f923e50ce67f4c2205a38eed3bdcda32607dc9e24	-	ol8_x86_64_baseos_latest
	opensc-0.20.0-6.el8.x86_64.rpm	5dd4acccdff56a96074d918f923e50ce67f4c2205a38eed3bdcda32607dc9e24	-	ol8_x86_64_u9_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team