-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 22 Dec 2024 19:35:04 +0100 Source: opensc Binary: opensc opensc-dbgsym opensc-pkcs11 opensc-pkcs11-dbgsym Architecture: mips64el Version: 0.23.0-0.3+deb12u2 Distribution: bookworm Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-03) Changed-By: Guilhem Moulin Description: opensc - Smart card utilities with support for PKCS#15 compatible cards opensc-pkcs11 - Smart card utilities with support for PKCS#15 compatible cards Closes: 1064189 1082853 1082859 1082860 1082861 1082862 1082863 1082864 Changes: opensc (0.23.0-0.3+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC. (Closes: #1064189) * Fix CVE-2024-1454: Memory use after free in AuthentIC driver when updating token info. * Fix CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (Closes: #1082853) * Fix CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (Closes: #1082859) * Fix CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (Closes: #1082860) * Fix CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (Closes: #1082861) * Fix CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (Closes: #1082862) * Fix CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (Closes: #1082863) * Fix CVE-2024-45620: Incorrect handling length of buffers or files in pkcs15init. (Closes: #1082864) * Add d/salsa-ci.yml for Salsa CI. Checksums-Sha1: e9815a1b2fff187f1943a5b1541b1a5613017163 806980 opensc-dbgsym_0.23.0-0.3+deb12u2_mips64el.deb d370ec9eeb7af61b1927a0d8c627c70a7fbc8c29 2613788 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_mips64el.deb 8e50424614e2284edbeda42b325fbff3290524fe 697608 opensc-pkcs11_0.23.0-0.3+deb12u2_mips64el.deb c9c3deed7a0d3864fdef42db73253304427753b2 8240 opensc_0.23.0-0.3+deb12u2_mips64el-buildd.buildinfo e581b02222e48e9c80f3d30d2c2c7d8eaf69fec0 355400 opensc_0.23.0-0.3+deb12u2_mips64el.deb Checksums-Sha256: e1e4f11b725941f797dc79e7af67c16ff1bb324abf0b828f73f730032cc250ed 806980 opensc-dbgsym_0.23.0-0.3+deb12u2_mips64el.deb 0665d44d091e6044e8d7ef21f824d6db5c9fa029b0d77c39c3a42f0358e4f7d3 2613788 opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_mips64el.deb 5b68ff47cad7f72bfbeb5a8438ab35833396650fbc2126fba4931f5cdec5d7c7 697608 opensc-pkcs11_0.23.0-0.3+deb12u2_mips64el.deb 3363576f431c8e3ab0f886278e5b73dfed8da0a45af7058959b22722cdd0a5b9 8240 opensc_0.23.0-0.3+deb12u2_mips64el-buildd.buildinfo fd68e7f89b11702a8558ee01a49b668b696b6771e25714c48219bdd73188a10e 355400 opensc_0.23.0-0.3+deb12u2_mips64el.deb Files: b73838ea7af5ff5a651b231ba177d98d 806980 debug optional opensc-dbgsym_0.23.0-0.3+deb12u2_mips64el.deb d36f897050b53e56c8116f1f8f8ece6c 2613788 debug optional opensc-pkcs11-dbgsym_0.23.0-0.3+deb12u2_mips64el.deb 2da4b16ef9446afa3b2d9e3b70d849a8 697608 utils optional opensc-pkcs11_0.23.0-0.3+deb12u2_mips64el.deb 1141c7e5f73c3490eb24420dce12ff17 8240 utils optional opensc_0.23.0-0.3+deb12u2_mips64el-buildd.buildinfo 397d05bfb2da9b41f1f0ce1b7d5ddf22 355400 utils optional opensc_0.23.0-0.3+deb12u2_mips64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEunmvxaaGKuI+hxxClmZGXOM83t8FAmd5hd8ACgkQlmZGXOM8 3t8/FA/+OSuArzA7I4ZqQbRCaEa3ZXcRrUuR4G2+ssl6VMB6r9wrwejfH2NX4vqx Q1Wub5IIlAfXntAPLy/y+ETEn9z6Ut/kHmX+vcNwVy90Xpb7xlxNytwEhOJQvTd+ BPpU9SHHNBj4aqe/Gjr4qb4w19AtWjXXfuTKQW0tCKsdx4zf3+y7X+mJIcEDbW0y WaSYsatLFxKC/R2op49ut5GqE5u6he3eggww18bIIjX/4RINLmboltImVsZtxkvg Fj4+d3AbzavpnR1BZmfQ2fy68vOUhLcUe3LyTIUE6Khdki4bAAWbgCrPbO0Tyk+J QMNQrj974E5X6cYhwcv8RcpooabqMcraDVGjWoBFYUGRcB5f+VvsJ91keI/JFe/B du8IQT67X8/3fa6fcvJtZ+CVsPVkP8DuRhq2pLpBzSOBScrHDz82TqQSTYLuBAW2 jefdzpxxX8q6VuuJxH5RZ+EjjSGHEdB126PrcIm2GjZ+FIbTR7AxU4IH1Ew3VnX4 wbu/psG9Dtrk88JKWxclNVkfkKNKcGj3j5fzDuwhUdxw5+QzeHIkvQNZmzXeKGKa qwKF26PcmHea6ej9d2hCOVLLoaK4uu0qqnB0syepSoGf6KWOcEUoiY8osQPRDOQD kUd5nyTN2QihrbPv3BuygyaOXccc7E1INU9zqvgmNXzrfW66u5c= =bfWQ -----END PGP SIGNATURE-----