1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted opensc 0.23.0-0.3+deb12u2 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Sat Jan 4 15:40:02 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sun, 22 Dec 2024 19:35:04 +0100
    Source: opensc
    Architecture: source
    Version: 0.23.0-0.3+deb12u2
    Distribution: bookworm
    Urgency: medium
    Maintainer: Debian OpenSC Maintainers <pkg-opensc-maint@lists.alioth.debian.org>
    Changed-By: Guilhem Moulin <guilhem@debian.org>
    Closes: 1064189 1082853 1082859 1082860 1082861 1082862 1082863 1082864 Changes:
    opensc (0.23.0-0.3+deb12u2) bookworm; urgency=medium
    .
    * Non-maintainer upload.
    * Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5
    padding in OpenSC. (Closes: #1064189)
    * Fix CVE-2024-1454: Memory use after free in AuthentIC driver when updating
    token info.
    * Fix CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating
    key. (Closes: #1082853)
    * Fix CVE-2024-45615: Usage of uninitialized values in libopensc and
    pkcs15init. (Closes: #1082859)
    * Fix CVE-2024-45616: Uninitialized values after incorrect check or usage of
    APDU response values in libopensc. (Closes: #1082860)
    * Fix CVE-2024-45617: Uninitialized values after incorrect or missing
    checking return values of functions in libopensc. (Closes: #1082861)
    * Fix CVE-2024-45618: Uninitialized values after incorrect or missing
    checking return values of functions in pkcs15init. (Closes: #1082862)
    * Fix CVE-2024-45619: Incorrect handling length of buffers or files in
    libopensc. (Closes: #1082863)
    * Fix CVE-2024-45620: Incorrect handling length of buffers or files in
    pkcs15init. (Closes: #1082864)
    * Add d/salsa-ci.yml for Salsa CI.
    Checksums-Sha1:
    728a15416be491275950f61ff415178099d65e14 2190 opensc_0.23.0-0.3+deb12u2.dsc
    c46e55656db5cbb9ea2b955e5713781845435f2d 40288 opensc_0.23.0-0.3+deb12u2.debian.tar.xz
    fe998c7877d7b74a8554832014fe42aa5a9b4920 8789 opensc_0.23.0-0.3+deb12u2_amd64.buildinfo
    Checksums-Sha256:
    76f2ac02b702ef0ab7b520ff199e4cc3709d56022e6d436bc1c55f3d1e36102a 2190 opensc_0.23.0-0.3+deb12u2.dsc
    ac259b36979e9d8cb5677c79865116a759f473fd7cbd97548d7828b358a95a5a 40288 opensc_0.23.0-0.3+deb12u2.debian.tar.xz
    4370e1643d91a1c23a08b402ca0408700724d107426c7fc55c03fae86e718cb5 8789 opensc_0.23.0-0.3+deb12u2_amd64.buildinfo
    Files:
    f2952761940fea8df8148d506f2c66e9 2190 utils optional opensc_0.23.0-0.3+deb12u2.dsc
    7190564263bd944445aa46539f31a16a 40288 utils optional opensc_0.23.0-0.3+deb12u2.debian.tar.xz
    82c9207e59481688c41d5f6fd886f084 8789 utils optional opensc_0.23.0-0.3+deb12u2_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmdoXlYACgkQ05pJnDwh pVLL9A/+MuWrsIvrNQGML4o9P7TsSsi84mC6LHEubuqzYw8zB3D0HR5VTY1ojqY6 bh9RaMR1kot1K50RF9PlzJqoGL8MPWn3D784SwJydCWHPoJaNnCZVnCyt1nnkhfC WiNbzEAhqV/wJL0V0Bzw+UZPakZxTzzRilD40RIB5y1i4CtWWIy3iV9qDS2c+fOU Uc/1Rmm85Gg+7bybVvY8BfrUqWWudILY9uC9IiaooKrBepWleKaeMlU6VRuFBCcQ lHrunZw41BQFncj4rABlWbXqXK9QfseXazeTtvgIqxMm4J+N1H5fNOLP/z/PhKyl Vevs1J6SESUdargCLMGw6lIdCBuoBtYPa5+PefnJqrAZ6E40kIibTXlnSa9wKUsk nDacS25u/ij0qZByubfpqtF+y2BLroKeKTvSXZO9cDOhzzNZQbq6IknJiYsfq2WA H+f5k9E3ZBT9HtoQ7roBmhUigdpDTOz0e2x41Qo4HZ5hZtUH68nVyFLenXZjZaaz mT1fB4JSWa58GrTQs8rwsTJIcA19HtnNHThZxKApVudf1yRTsaVZ6pxFYJlEGj1z kq3HX/Ru2AeqXZAxc3ZUN8D6Go7uruKJSujMRz/6qv0XrVsZ/i8kqqRXsT4j5oQ1 np8R3YMc5uKCOOgfriztoJJg3rZ+B6pfAjiXYpXMtUiuMakhE2E=
    =UoSw
    -----END PGP SIGNATURE-----


    --==============ä77410701306747908=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ3lGaQAKCRCb9qggYcy5 IWRfAQD5gn4Xu3Imal0w+/ZoxM7f7+EG5Av4YBDJjvOrKp1LWgD+Ib/lkiEZuLWo swsN08Ts+6KOl3vLvsOPlLkSiCk21go=NYpX
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)