[ubuntu/oracular-updates] opensc 0.25.1-2ubuntu1.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Wed Mar 12 06:28:17 UTC 2025


opensc (0.25.1-2ubuntu1.1) oracular-security; urgency=medium

  * SECURITY UPDATE: Missing variable initialization
    - debian/patches/CVE-2024-45615-1.patch: Fix uninitialized values
    - debian/patches/CVE-2024-45615-2.patch: Initialize variables for tag and
      CLA
    - debian/patches/CVE-2024-45615-3.patch: Initialize OID length
    - debian/patches/CVE-2024-45615-4.patch: Initialize variables for tag and
      CLA
    - debian/patches/CVE-2024-45615-5.patch: Avoid using uninitialized memory
    - debian/patches/CVE-2024-45617-1.patch: Check return value when selecting
      AID
    - debian/patches/CVE-2024-45617-2.patch: Return error when response length
      is 0
    - debian/patches/CVE-2024-45617-3.patch: Check number of read bytes
    - debian/patches/CVE-2024-45618-1.patch: Check return value of serial num
      conversion
    - debian/patches/CVE-2024-45618-2.patch: Report transport key error
    - CVE-2024-45615
    - CVE-2024-45617
    - CVE-2024-45618
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-45616-1.patch: Fix uninitialized values
    - debian/patches/CVE-2024-45616-2.patch: Check length of APDU response
    - debian/patches/CVE-2024-45616-3.patch: Correctly calculate certificate
      length based on the resplen
    - debian/patches/CVE-2024-45616-4.patch: Check length of serial number
    - debian/patches/CVE-2024-45616-5.patch: Use actual length of response
      buffer
    - debian/patches/CVE-2024-45616-6.patch: Check length of response buffer
      in select
    - debian/patches/CVE-2024-45616-7.patch: Check APDU response length and
      ASN1 lengths
    - debian/patches/CVE-2024-45616-8.patch: Report invalid SW when reading
      object
    - debian/patches/CVE-2024-45616-9.patch: Avoid using uninitialized memory
    - debian/patches/CVE-2024-45616-10.patch: Check length of serial number
    - debian/patches/CVE-2024-45619-1.patch: Check number of read bytes for cert
    - debian/patches/CVE-2024-45619-2.patch: Check certificate length before
      accessing
    - debian/patches/CVE-2024-45619-3.patch: Check length of buffer for object
    - debian/patches/CVE-2024-45619-4.patch: Check length of generated key
    - debian/patches/CVE-2024-45619-5.patch: Properly check length of file list
    - debian/patches/CVE-2024-45619-6.patch: Check length of buffer before
      conversion
    - debian/patches/CVE-2024-45620-1.patch: Check length of file to be non-zero
    - debian/patches/CVE-2024-45620-2.patch: Check length of data before
      dereferencing
    - debian/patches/CVE-2024-45620-3.patch: Check length of data when parsing
    - debian/patches/CVE-2024-8443-1.patch: Avoid buffer overflow when writing
      fingerprint
    - debian/patches/CVE-2024-8443-2.patch: Do not accept non-matching key
      responses
    - CVE-2024-45616
    - CVE-2024-45619
    - CVE-2024-45620
    - CVE-2024-8443

Date: 2025-03-06 11:24:22.698753+00:00
Changed-By: Bruce Cable <bruce.cable at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/opensc/0.25.1-2ubuntu1.1