-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 22 Dec 2024 19:35:04 +0100 Source: opensc Binary: opensc opensc-dbgsym opensc-pkcs11 opensc-pkcs11-dbgsym Architecture: s390x Version: 0.23.0-0.3+deb12u2 Distribution: bookworm Urgency: medium Maintainer: s390x Build Daemon (zandonai) Changed-By: Guilhem Moulin Description: opensc - Smart card utilities with support for PKCS#15 compatible cards opensc-pkcs11 - Smart card utilities with support for PKCS#15 compatible cards Closes: 1064189 1082853 1082859 1082860 1082861 1082862 1082863 1082864 Changes: opensc (0.23.0-0.3+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC. (Closes: #1064189) * Fix CVE-2024-1454: Memory use after free in AuthentIC driver when updating token info. * Fix CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (Closes: #1082853) * Fix CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (Closes: #1082859) * Fix CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (Closes: #1082860) * Fix CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (Closes: #1082861) * Fix CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (Closes: #1082862) * Fix CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (Closes: #1082863) * Fix CVE-2024-45620: Incorrect handling length of buffers or files in pkcs15init. (Closes: #1082864) * Add d/salsa-ci.yml for Salsa CI. Checksums-Sha1: d52b68ca6ab57b66078273f1da6fc38fb1155ff6 747756 opensc-dbgsym_0.23.0-0.3+deb12u2_s390x.deb c3ea48af7efebde619fa18105312ef6fc1668d15 2543852 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_s390x.deb 67a87a47f1647f477462c0c348d23df80c804c1e 775848 opensc-pkcs11_0.23.0-0.3+deb12u2_s390x.deb c6af416b8f66815e945626c3cb85e8f34e1e7c92 8265 opensc_0.23.0-0.3+deb12u2_s390x-buildd.buildinfo e16b435f322521762b8f85cfdef5f914e4f7a909 348024 opensc_0.23.0-0.3+deb12u2_s390x.deb Checksums-Sha256: b806ec7178216ef9f3cc7a84bb85656db20fcd93033cd3bdd4ab1fd8dd6e60e4 747756 opensc-dbgsym_0.23.0-0.3+deb12u2_s390x.deb d4cfecc6f8dbf940a001c7a1df113f104f2753e46e79f703a3b65c3ab08d0cd4 2543852 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_s390x.deb 219dbacc69af16e18c07b135b8c641453ea8d938905d80589a14079778a85de0 775848 opensc-pkcs11_0.23.0-0.3+deb12u2_s390x.deb e63b5f8299a02b8f7f49a9c42a996b07424b39f9d5b1a0e0b38929029f69b976 8265 opensc_0.23.0-0.3+deb12u2_s390x-buildd.buildinfo 6bc8adf0c9345fa727cf99b50cf632b161bff1c824e6963c09b64730c1f38142 348024 opensc_0.23.0-0.3+deb12u2_s390x.deb Files: d28e283d2dfc7c946b45efa379d16dba 747756 debug optional opensc-dbgsym_0.23.0-0.3+deb12u2_s390x.deb 0266ce75a9e4cf440335507d38e58c40 2543852 debug optional opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_s390x.deb ba9686341a4fcd38adffb22b9936990c 775848 utils optional opensc-pkcs11_0.23.0-0.3+deb12u2_s390x.deb b8c78ad610c46638940bf81929f49c77 8265 utils optional opensc_0.23.0-0.3+deb12u2_s390x-buildd.buildinfo e39cfd83b94edf7849491a2d0d1e8739 348024 utils optional opensc_0.23.0-0.3+deb12u2_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu0D/YpnnSxv8epH9AKOyQzsWVasFAmd5SvkACgkQAKOyQzsW VavoQBAAhhgomDabvkKZ0Sb8BlMV5rOie2kZdEvOWpXYmreevdDmEjugeSDj2u3Q gUK/sjkWCyaVkHjqvZbX7EYUgQ46R5ZPh9Row8RNjkGi24qYy16OMMABkUQfadHf KBykzB4KZhRDT26QYEsC923sJc/bHDn8kVBzdEsYwfx/Pa6sNhKcO+K2JKXr5dpq 0xmNBPqkL6Qcm1T3VBakMl+CnYgiVyWO+ngszPBYABkGjIr2aQ6JstYmMCJVpufX pSuIIwXT0qMc3SRi+k+UqNtksg1Mf3/MLk9rP3GrmFnM1LC2x50qhFNF5wUYEprr 9CF1whSGceAGSRMyt7ChfyuBgdxf/y8Of1kXU6KQhNIsHPDE7qSL8yJ1pqns+AXe yWm1SixRkfJpA2jGuAuAgNg9Fvc2gBVC4uaxapf2Sz2M0JlTk/Jx6AmmMiLMU0MI Wtot8LgQy/CdfZC6pPXF4Ezi7XsRXOSivKYU9hB6JmZH//yJp+sOtOgdtGFnVC/E UxhbRom5QYilIQkVTh01pgph/G53fm+h9AQekLTy9Mwc4fVl1fPI40gHEF7EEH9c j9u97cZsx37wzuQ/cqR6zcusAr//P3I+p8PJE3zLt1OPMCqDpF55YFea/AxmlAjC kO9KWhmQdcsHw9pMtCDy8p0EXSU9dZRvHgws6y1+8NCe488kmos= =W2z2 -----END PGP SIGNATURE-----