-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 22 Dec 2024 19:35:04 +0100 Source: opensc Binary: opensc opensc-dbgsym opensc-pkcs11 opensc-pkcs11-dbgsym Architecture: ppc64el Version: 0.23.0-0.3+deb12u2 Distribution: bookworm Urgency: medium Maintainer: ppc64el Build Daemon (ppc64el-conova-02) Changed-By: Guilhem Moulin Description: opensc - Smart card utilities with support for PKCS#15 compatible cards opensc-pkcs11 - Smart card utilities with support for PKCS#15 compatible cards Closes: 1064189 1082853 1082859 1082860 1082861 1082862 1082863 1082864 Changes: opensc (0.23.0-0.3+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC. (Closes: #1064189) * Fix CVE-2024-1454: Memory use after free in AuthentIC driver when updating token info. * Fix CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (Closes: #1082853) * Fix CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (Closes: #1082859) * Fix CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (Closes: #1082860) * Fix CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (Closes: #1082861) * Fix CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (Closes: #1082862) * Fix CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (Closes: #1082863) * Fix CVE-2024-45620: Incorrect handling length of buffers or files in pkcs15init. (Closes: #1082864) * Add d/salsa-ci.yml for Salsa CI. Checksums-Sha1: b000a2b0d7b56b3ff2882682253dc96d29e51a43 783612 opensc-dbgsym_0.23.0-0.3+deb12u2_ppc64el.deb ee8d5045042fedfcde990b91fa2f92c11bb8647a 2666608 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_ppc64el.deb 9e2df3d22067611a3b49073478747f6586ba90e9 886632 opensc-pkcs11_0.23.0-0.3+deb12u2_ppc64el.deb 34ebd623ee5fc7a6ab6582282c828f110446920c 8378 opensc_0.23.0-0.3+deb12u2_ppc64el-buildd.buildinfo 6bb83b7703a8657afc4365352f68f2bf8bb1838c 380540 opensc_0.23.0-0.3+deb12u2_ppc64el.deb Checksums-Sha256: 11f6346a93dc55e3b80dc74c53beeb706fd9fde66c580f3a686e951edf8d58b2 783612 opensc-dbgsym_0.23.0-0.3+deb12u2_ppc64el.deb 7b26883e563abb50ba3e691e85fb9b0f72207aeb89953cee28fcb9ab65fae32e 2666608 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_ppc64el.deb cf423f99466b3b8fe67867063494e45fcf72368fc88671f1eec5bf11e89f4451 886632 opensc-pkcs11_0.23.0-0.3+deb12u2_ppc64el.deb d4dcc23aef8943e4d236223ae401b056a76e2f061e12df672c785206b6f382bc 8378 opensc_0.23.0-0.3+deb12u2_ppc64el-buildd.buildinfo d771b3cf72a70fb8129f9078665350e92993eea1fe6162777d6298e06141e9d7 380540 opensc_0.23.0-0.3+deb12u2_ppc64el.deb Files: d8af6f60cd943576938e0f2ffccde23a 783612 debug optional opensc-dbgsym_0.23.0-0.3+deb12u2_ppc64el.deb 973fdd63315b7fde5b064fdd87eb92f4 2666608 debug optional opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_ppc64el.deb 2b2c3c08ce191c123d0423ea285a0d1f 886632 utils optional opensc-pkcs11_0.23.0-0.3+deb12u2_ppc64el.deb 454b0678fd0824104832e88d33a31be4 8378 utils optional opensc_0.23.0-0.3+deb12u2_ppc64el-buildd.buildinfo 06bc3cc9c6a0937d34735aa90f69395c 380540 utils optional opensc_0.23.0-0.3+deb12u2_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZAv/jpGRqS40qyb11oy1TpxF0ZAFAmd5SsMACgkQ1oy1TpxF 0ZCiTw//e+ICjv4OcAOB/ZD6CUsmVaoa9bs37fkG/qvbqkEVRuoECZDxE4L3xMsn IRB+iHeSmW/6zmFPolGdXWB87nmb7pofXn3uHAYj7XO/9XMdDd18pWy5cKR+hK9A u/VKmh1BnXzRPMUEcjAV9ZFZpAqQLUr1AJWuiC8YYNFvwRQExJ2Ss0BpANv8au90 iwj8VAn5nY6Zpe6Ng5CCx23m9BVHXbcj8zIR34/kis7ZQ2NG9aJ7k/kLu+PPqmU2 tu6stUEuCr71Lref9ejSDDWsS0RCNk/QL2ollRkix5Y1T6OZr9Bbn5LHKPEiE8pN TKeVgBFtzPoFb467OlSq7OpHoE4pPOj6Rdcdj8PJLWobtkwB0JV1xG+MddnZDScV AQLEUhEKsqhMxIp9L4ZxTDQfCH0KvGmIb9sRRXfCXr3MEJB0FNAWHZelE5hzKqtz sLku//bQTlNohrThDDi2pZeREgWSmRi6hEnAcDkLF7cPkqAnpJz2tav9wu5STaP2 xdwVR5kMCVZf+OQ5+ck8yZAvozKxyMUHYfogVeCtp2WPqAdJ7W+ITjBkBcJE5Hn6 oJZQwFVgDomFCsyKxwwgDRfzBlZedA6G0wQ/w3L2dpmxSBhgZ3lKxqUIHsP6Fb5n W7ObeJ7CHSZvswHPm2kY99HrmJR4aAMtXOWLilOU0TpJ7baDbWQ= =XlOA -----END PGP SIGNATURE-----