-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 22 Dec 2024 19:35:04 +0100 Source: opensc Binary: opensc opensc-dbgsym opensc-pkcs11 opensc-pkcs11-dbgsym Architecture: i386 Version: 0.23.0-0.3+deb12u2 Distribution: bookworm Urgency: medium Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Guilhem Moulin Description: opensc - Smart card utilities with support for PKCS#15 compatible cards opensc-pkcs11 - Smart card utilities with support for PKCS#15 compatible cards Closes: 1064189 1082853 1082859 1082860 1082861 1082862 1082863 1082864 Changes: opensc (0.23.0-0.3+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC. (Closes: #1064189) * Fix CVE-2024-1454: Memory use after free in AuthentIC driver when updating token info. * Fix CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (Closes: #1082853) * Fix CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (Closes: #1082859) * Fix CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (Closes: #1082860) * Fix CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (Closes: #1082861) * Fix CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (Closes: #1082862) * Fix CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (Closes: #1082863) * Fix CVE-2024-45620: Incorrect handling length of buffers or files in pkcs15init. (Closes: #1082864) * Add d/salsa-ci.yml for Salsa CI. Checksums-Sha1: 69f14080aae97d8f56a1a01c80fa60bf56ca6f4f 906360 opensc-dbgsym_0.23.0-0.3+deb12u2_i386.deb 277a9f8430f3a5a68fdbf1fd5a4a9cdbf0bbccb1 2130672 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_i386.deb 3e77fdd73fb58d31bf66f88ac7a5d9d09b40bede 897984 opensc-pkcs11_0.23.0-0.3+deb12u2_i386.deb dd706d2c50a75b4c83504954ba53cb7410ffc57f 8320 opensc_0.23.0-0.3+deb12u2_i386-buildd.buildinfo 32632a8a4539b821e9f31c4b5196162be5abf8f3 376156 opensc_0.23.0-0.3+deb12u2_i386.deb Checksums-Sha256: bfbb7ac632af1063b6f3880125f3b7b46d72e3124a42c8ba25b4a63c2ab2fecb 906360 opensc-dbgsym_0.23.0-0.3+deb12u2_i386.deb 02c74cfa23b0ce063fd29328f711863b4c78bf4e5d4447f8dcaee526b95e31aa 2130672 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_i386.deb bd9f769a1678870f8772960d004fa190b3ae8113db7bedfd0166203fc8f1ae8e 897984 opensc-pkcs11_0.23.0-0.3+deb12u2_i386.deb 07372f2952c093d320d5b67cdec42f903690e9e496b1c40f3fd435055e398f1b 8320 opensc_0.23.0-0.3+deb12u2_i386-buildd.buildinfo c9caf9d1513f07257cda1c0f37339c4c9ce1823521e2d4fb8a8d350f953be795 376156 opensc_0.23.0-0.3+deb12u2_i386.deb Files: f792760bc48eebcaf2b34c37df58f24b 906360 debug optional opensc-dbgsym_0.23.0-0.3+deb12u2_i386.deb 3f3a13d742ad468bb373ec650e48eb9f 2130672 debug optional opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_i386.deb 219c9a32aaa34d82919a282c6986ec81 897984 utils optional opensc-pkcs11_0.23.0-0.3+deb12u2_i386.deb eca696ca0db35fcab9d68bc03fe63e20 8320 utils optional opensc_0.23.0-0.3+deb12u2_i386-buildd.buildinfo 9ea4bad33c05d28931e85cb5b4787e1a 376156 utils optional opensc_0.23.0-0.3+deb12u2_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEyTfXx8sBpQ0Lh3cUU9a0/LcaTpMFAmd5St0ACgkQU9a0/Lca TpPRFA//Wi6+aLbKs6c2o0SfL//ymMBKFAvCthDOjlRSbZ7XSOEMt8HMaAFx6QX6 usnNN1+wxnhQrlr0S/Nhyg1e9t9T7zlJNAMaAu0iB5HqcB8G0JqOKsCyc5RLrGRO kyvgNSRU35/H9oRfZsutk5Gjf5Fsy5QaJJOgpKO2VJXiVGDAv2AHygf83VftCfqV JWTaXelGokbjQp8ScL2xSi3sicMYr/MgS615SUF2zPSJNV6bDtn4uoLnSMzl71ft Eli97nUTuQtp5/L9rXvsuk/3VV+5bK94OknctIni125f3BX4UnoojN5v+yokqCdl 2J7cs6pkyecvy58X01MCtVxjEZJBgO85Ume9rZYqnjLc7OnwQIR/LY9aViaSWY4U SKJQrc6JZUTLP/fvlhFZB00w+WL8cWttGK0zuAUfcStxEuhBPoDMa0WmEw3BGb05 xzXJF8QcQ0mj4XcF7xqLTSmb45xwF9sM+39XTfzS5W8I3HMswNqsINwxwYfUNuM7 foKt1/fvGtTR6a+NK9bLi/MXz4fQhorJ9tlvcNC8q6PVI0/Uni9DVTXC7oBTOg2d Wdp6+LaOfRJSnSVAvBp30R5yWnRVP4vVW7keJ8IvOaJIPCYVrK/h+VddUsf210Fp aM7dH+OjbL8zXPXAmDLNBEFubez/4IcygnCWUS4Ivk59Igfta3c= =V57X -----END PGP SIGNATURE-----