Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c0550009 by security tracker role at 2024-12-28T20:12:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,128 +1,134 @@
-CVE-2024-56708 [EDAC/igen6: Avoid segmentation fault on module unload]
+CVE-2024-56512 (Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained 
authorizatio ...)
+       TODO: check
+CVE-2024-12995 (A vulnerability classified as problematic has been found in 
ruifang-te ...)
+       TODO: check
+CVE-2024-12994 (A vulnerability was found in running-elephant Datart 
1.0.0-rc3. It has ...)
+       TODO: check
+CVE-2024-56708 (In the Linux kernel, the following vulnerability has been 
resolved:  E ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/fefaae90398d38a1100ccd73b46ab55ff4610fba (6.13-rc1)
-CVE-2024-56707 [octeontx2-pf: handle otx2_mbox_get_rsp errors in 
otx2_dmac_flt.c]
+CVE-2024-56707 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64 (6.13-rc1)
-CVE-2024-56706 [s390/cpum_sf: Fix and protect memory allocation of SDBs with 
mutex]
+CVE-2024-56706 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f55bd479d8663a4a4e403b3d308d3d1aa33d92df (6.13-rc1)
-CVE-2024-56705 [media: atomisp: Add check for rgby_data memory allocation 
failure]
+CVE-2024-56705 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/ed61c59139509f76d3592683c90dc3fdc6e23cd6 (6.13-rc1)
-CVE-2024-56704 [9p/xen: fix release of IRQ]
+CVE-2024-56704 (In the Linux kernel, the following vulnerability has been 
resolved:  9 ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/e43c608f40c065b30964f0a806348062991b802d (6.13-rc1)
-CVE-2024-56703 [ipv6: Fix soft lockups in fib6_select_path under high next hop 
churn]
+CVE-2024-56703 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/d9ccb18f83ea2bb654289b6ecf014fd267cc988b (6.13-rc1)
-CVE-2024-56702 [bpf: Mark raw_tp arguments with PTR_MAYBE_NULL]
+CVE-2024-56702 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cb4158ce8ec8a5bb528cc1693356a5eb8058094d (6.13-rc1)
-CVE-2024-56701 [powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore]
+CVE-2024-56701 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cadae3a45d23aa4f6485938a67cbc47aaaa25e38 (6.13-rc1)
-CVE-2024-56700 [media: wl128x: Fix atomicity violation in fmc_send_cmd()]
+CVE-2024-56700 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/ca59f9956d4519ab18ab2270be47c6b8c6ced091 (6.13-rc1)
-CVE-2024-56699 [s390/pci: Fix potential double remove of hotplug slot]
+CVE-2024-56699 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c4a585e952ca403a370586d3f16e8331a7564901 (6.13-rc1)
-CVE-2024-56698 [usb: dwc3: gadget: Fix looping of queued SG entries]
+CVE-2024-56698 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/b7fc65f5141c24785dc8c19249ca4efcf71b3524 (6.13-rc1)
-CVE-2024-56697 [drm/amdgpu: Fix the memory allocation issue in 
amdgpu_discovery_get_nps_info()]
+CVE-2024-56697 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/a1144da794adedb9447437c57d69add56494309d (6.13-rc1)
-CVE-2024-56696 [ALSA: core: Fix possible NULL dereference caused by 
kunit_kzalloc()]
+CVE-2024-56696 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/9ad467a2b2716d4ed12f003b041aa6c776a13ff5 (6.13-rc1)
-CVE-2024-56695 [drm/amdkfd: Use dynamic allocation for CU occupancy array in 
'kfd_get_cu_occupancy()']
+CVE-2024-56695 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/922f0e00017b09d9d47e3efac008c8b20ed546a0 (6.13-rc1)
-CVE-2024-56694 [bpf: fix recursive lock when verdict program return SK_PASS]
+CVE-2024-56694 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/8ca2a1eeadf09862190b2810697702d803ceef2d (6.13-rc1)
-CVE-2024-56693 [brd: defer automatic disk creation until module initialization 
succeeds]
+CVE-2024-56693 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/826cc42adf44930a633d11a5993676d85ddb0842 (6.13-rc1)
-CVE-2024-56692 [f2fs: fix to do sanity check on node blkaddr in 
truncate_node()]
+CVE-2024-56692 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/6babe00ccd34fc65b78ef8b99754e32b4385f23d (6.13-rc1)
-CVE-2024-56691 [mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C 
device]
+CVE-2024-56691 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/686fb77712a4bc94b76a0c5ae74c60118b7a0d79 (6.13-rc1)
-CVE-2024-56690 [crypto: pcrypt - Call crypto layer directly when 
padata_do_parallel() return -EBUSY]
+CVE-2024-56690 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/662f2f13e66d3883b9238b0b96b17886179e60e2 (6.13-rc1)
-CVE-2024-56689 [PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 
'mmio']
+CVE-2024-56689 (In the Linux kernel, the following vulnerability has been 
resolved:  P ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/5089b3d874e9933d9842e90410d3af1520494757 (6.13-rc1)
-CVE-2024-56688 [sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport]
+CVE-2024-56688 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/4db9ad82a6c823094da27de4825af693a3475d51 (6.13-rc1)
-CVE-2024-56687 [usb: musb: Fix hardware lockup on first Rx endpoint request]
+CVE-2024-56687 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3fc137386c4620305bbc2a216868c53f9245670a (6.13-rc1)
-CVE-2024-56686 [ext4: fix race in buffer_head read fault injection]
+CVE-2024-56686 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/2f3d93e210b9c2866c8b3662adae427d5bf511ec (6.13-rc1)
-CVE-2024-56685 [ASoC: mediatek: Check num_codecs is not zero to avoid panic 
during probe]
+CVE-2024-56685 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/2f2020327cc8561d7c520d2f2d9acea84fa7b3a3 (6.13-rc1)
-CVE-2024-56684 [mailbox: mtk-cmdq: fix wrong use of sizeof in 
cmdq_get_clocks()]
+CVE-2024-56684 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/271ee263cc8771982809185007181ca10346fe73 (6.13-rc1)
-CVE-2024-56683 [drm/vc4: hdmi: Avoid hang with debug registers when suspended]
+CVE-2024-56683 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/223ee2567a55e4f80315c768d2969e6a3b9fb23d (6.13-rc1)
-CVE-2024-56682 [irqchip/riscv-aplic: Prevent crash when MSI domain is missing]
+CVE-2024-56682 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1f181d1cda56c2fbe379c5ace1aa1fac6306669e (6.13-rc1)
-CVE-2024-56681 [crypto: bcm - add error check in the ahash_hmac_init function]
+CVE-2024-56681 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 6.12.3-1
        NOTE: 
https://git.kernel.org/linus/19630cf57233e845b6ac57c9c969a4888925467b (6.13-rc1)
-CVE-2024-56680 [media: intel/ipu6: do not handle interrupts when device is 
disabled]
+CVE-2024-56680 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.12.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1429826883bb18847092b2e04c6598ef34bae1d4 (6.13-rc1)
-CVE-2024-56679 [octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c]
+CVE-2024-56679 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/0fbc7a5027c6f7f2c785adae3dcec22b2f2b69b3 (6.13-rc1)
-CVE-2024-56678 [powerpc/mm/fault: Fix kfence page fault reporting]
+CVE-2024-56678 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/06dbbb4d5f7126b6307ab807cbf04ecfc459b933 (6.13-rc1)
-CVE-2024-56677 [powerpc/fadump: Move fadump_cma_init to setup_arch() after 
initmem_init()]
+CVE-2024-56677 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.12.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/05b94cae1c47f94588c3e7096963c1007c4d9c1d (6.13-rc1)
-CVE-2024-56676 [thermal: testing: Initialize some variables annoteded with 
_free()]
+CVE-2024-56676 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/0104dcdaad3a7afd141e79a5fb817a92ada910ac (6.13-rc1)
 CVE-2024-54775 (Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site 
Scripting ...)
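Review bot: The three entries added at the top of this hunk (CVE-2024-56512, CVE-2024-12995, CVE-2024-12994) carry only "TODO: check", so none of them has a source package, a NOT-FOR-US marker or any other status yet. They need manual triage before the list says anything about Debian's exposure. In the same hunk, every rewritten description from CVE-2024-56708 down to CVE-2024-56676 truncates to the same "In the Linux kernel, the following vulnerability has been resolved:" prefix plus a single letter. The subsystem and subject that the bracketed titles carried are no longer readable in the list, and the git.kernel.org NOTE is the only remaining pointer to what was fixed.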
@@ -29847,6 +29853,7 @@ CVE-2024-44839 (RapidCMS v1.3.1 was discovered to 
contain a SQL injection vulner
 CVE-2024-44838 (RapidCMS v1.3.1 was discovered to contain a SQL injection 
vulnerabilit ...)
        NOT-FOR-US: RapidCMS
 CVE-2024-8443 (A heap-based buffer overflow vulnerability was found in the 
libopensc  ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082853)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2310494
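Review bot: CVE-2024-8443 gains the {DLA-4004-1} tag while the bookworm line just below it still reads "<no-dsa> (Minor issue)", so the LTS release is fixed through the advisory and the newer stable release stays open. Worth checking whether a bookworm update is planned, so that upgrading from LTS does not bring this heap-based buffer overflow back.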
@@ -30942,32 +30949,38 @@ CVE-2024-42057 (A command injection vulnerability in 
the IPSec VPN feature of Zy
 CVE-2024-37136 (Dell Path to PowerProtect, versions 1.1, 1.2, contains an 
Exposure of  ...)
        NOT-FOR-US: Dell
 CVE-2024-45620 (A vulnerability was found in the pkcs15-init tool in OpenSC. 
An attack ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082864)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309289
        NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2024-45620
 CVE-2024-45619 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 
module, min ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082863)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309288
        NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2024-45619
 CVE-2024-45618 (A vulnerability was found in pkcs15-init in OpenSC. An 
attacker could  ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082862)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309287
        NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2024-45618
 CVE-2024-45617 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 
module, min ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082861)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309286
        NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2024-45617
 CVE-2024-45616 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 
module, min ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082860)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309290
        NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2024-45616
        NOTE: 
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-h5f7-rjr5-vx54
 CVE-2024-45615 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 
module, min ...)
+       {DLA-4004-1}
        - opensc 0.25.1-2.1 (bug #1082859)
        [bookworm] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309285
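Review bot: All six tags added in this hunk (CVE-2024-45620 through CVE-2024-45615) point at DLA-4004-1, but the commit changes only data/CVE/list, so the advisory record itself is not part of this diff. Confirm that the DLA-4004-1 entry lists each of these six CVE ids, since none of the entries here gets a per-release line of its own and the tag is the only thing recording the fix.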
@@ -90866,6 +90879,7 @@ CVE-2024-1459 (A path traversal vulnerability was found 
in Undertow. This issue
        - undertow <unfixed> (bug #1068816)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2259475
 CVE-2024-1454 (The use-after-free vulnerability was found in the AuthentIC 
driver in  ...)
+       {DLA-4004-1}
        - opensc 0.25.0~rc1-1
        [bookworm] - opensc <no-dsa> (Minor issue)
        [buster] - opensc <no-dsa> (Minor issue)
@@ -93200,6 +93214,7 @@ CVE-2024-1062 (A heap overflow flaw was found in 
389-ds-base. This issue leads t
        NOTE: Fixed by: 
https://github.com/389ds/389-ds-base/commit/db7be9fbea1603202fe5829f7ae46bfb83d951c0
 (389-ds-base-2.3.3)
        NOTE: Fixed by: 
https://github.com/389ds/389-ds-base/commit/fd6b417fc53d1c97675638c5489b122e1cf4f1d6
 (389-ds-base-2.3.3)
 CVE-2023-5992 (A vulnerability was found in OpenSC where PKCS#1 encryption 
padding re ...)
+       {DLA-4004-1}
        - opensc 0.25.0~rc1-1 (bug #1064189)
        [bookworm] - opensc <no-dsa> (Minor issue)
        [buster] - opensc <no-dsa> (Minor issue)
@@ -109200,14 +109215,14 @@ CVE-2023-41685 (Improper Neutralization of Special 
Elements used in an SQL Comma
 CVE-2023-41378 (In certain conditions for Calico Typha (v3.26.2, v3.25.1 and 
below), a ...)
        NOT-FOR-US: Calico Typha
 CVE-2023-40661 (Several memory vulnerabilities were identified within the 
OpenSC packa ...)
-       {DLA-3668-1}
+       {DLA-4004-1 DLA-3668-1}
        - opensc 0.23.0-2 (bug #1055522)
        [bookworm] - opensc 0.23.0-0.3+deb12u1
        NOTE: 
https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651
        NOTE: https://github.com/OpenSC/OpenSC/wiki/CVE-2023-40661
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2240913#c1
 CVE-2023-40660 (A flaw was found in OpenSC packages that allow a potential PIN 
bypass. ...)
-       {DLA-3668-1}
+       {DLA-4004-1 DLA-3668-1}
        - opensc 0.23.0-2 (bug #1055521)
        [bookworm] - opensc 0.23.0-0.3+deb12u1
        NOTE: 
https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651
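Review bot: On CVE-2023-40661 and CVE-2023-40660 the tag now names two advisories, "{DLA-4004-1 DLA-3668-1}", and nothing in either entry says which release each one covers; the only per-release line is the bookworm fix at 0.23.0-0.3+deb12u1. A reader has to look up both advisories to learn which release each one fixed, so check that the two DLA records between them account for every release that shipped an affected opensc.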
@@ -132106,7 +132121,7 @@ CVE-2023-2979 (A vulnerability classified as critical 
has been found in Abstrium
 CVE-2023-2978 (A vulnerability was found in Abstrium Pydio Cells 4.2.0. It has 
been r ...)
        NOT-FOR-US: Abstrium Pydio Cells
 CVE-2023-2977 (A vulnerbility was found in OpenSC. This security flaw cause a 
buffer  ...)
-       {DLA-3463-1}
+       {DLA-4004-1 DLA-3463-1}
        - opensc 0.23.0-0.3 (bug #1037021)
        NOTE: https://github.com/OpenSC/OpenSC/issues/2785
        NOTE: https://github.com/OpenSC/OpenSC/pull/2787
@@ -256500,7 +256515,7 @@ CVE-2021-42784 (OS Command Injection vulnerability in 
debug_fcgi of D-Link DWR-9
 CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in 
debug_po ...)
        NOT-FOR-US: D-Link
 CVE-2021-42782 (Stack buffer overflow issues were found in Opensc before 
version 0.22. ...)
-       {DLA-3463-1}
+       {DLA-4004-1 DLA-3463-1}
        - opensc 0.22.0-1
        [stretch] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016448
@@ -256510,7 +256525,7 @@ CVE-2021-42782 (Stack buffer overflow issues were 
found in Opensc before version
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/7114fb71b54ddfe06ce5dfdab013f4c38f129d14
 (0.22.0-rc1)
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/456ac566938a1da774db06126a2fa6c0cba514b3
 (0.22.0)
 CVE-2021-42781 (Heap buffer overflow issues were found in Opensc before 
version 0.22.0 ...)
-       {DLA-3463-1}
+       {DLA-4004-1 DLA-3463-1}
        - opensc 0.22.0-1
        [stretch] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016439
@@ -256520,20 +256535,21 @@ CVE-2021-42781 (Heap buffer overflow issues were 
found in Opensc before version
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/5d4daf6c92e4668f5458f380f3cacea3e879d91a
 (0.22.0-rc1)
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/cae5c71f90cc5b364efe14040923fd5aa3b5dd90
 (0.22.0-rc1)
 CVE-2021-42780 (A use after return issue was found in Opensc before version 
0.22.0 in  ...)
-       {DLA-3463-1}
+       {DLA-4004-1 DLA-3463-1}
        - opensc 0.22.0-1
        [stretch] - opensc <no-dsa> (Minor issue)
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/5df913b7f57ad89b9832555d24c08d23a534311e
 (0.22.0-rc1)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016139
 CVE-2021-42779 (A heap use after free issue was found in Opensc before version 
0.22.0  ...)
-       {DLA-3463-1}
+       {DLA-4004-1 DLA-3463-1}
        - opensc 0.22.0-1
        [stretch] - opensc <no-dsa> (Minor issue)
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/1db88374bb7706a115d5c3617c6f16115c33bf27
 (0.22.0-rc1)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2016086
 CVE-2021-42778 (A heap double free issue was found in Opensc before version 
0.22.0 in  ...)
+       {DLA-4004-1}
        - opensc 0.22.0-1
        [buster] - opensc <not-affected> (Vulnerable code introduced later)
        [stretch] - opensc <not-affected> (Vulnerable code introduced later)
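Review bot: CVE-2021-42778 is the only entry in this hunk that had no DLA tag before, and its visible lines mark buster and stretch as "<not-affected> (Vulnerable code introduced later)". Confirm that the opensc version in the release covered by DLA-4004-1 is new enough to contain the double free; otherwise the tag belongs only on the neighbouring entries.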
@@ -279460,6 +279476,7 @@ CVE-2021-34195
 CVE-2021-34194
        RESERVED
 CVE-2021-34193 (Stack overflow vulnerability in OpenSC smart card middleware 
before 0. ...)
+       {DLA-4004-1}
        - opensc 0.22.0-1
        [buster] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c055000929328f1de991ce0d61e2b27bf134b629
