FEDORA-2018-fe4b72fa7d created by jjelen 2 years ago for Fedora 29
stable

Security fix for CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, CVE-2018-16426, CVE-2018-16427 + support for RSA-PSS signatures.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-fe4b72fa7d

This update has been submitted for testing by jjelen.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for batched by jjelen.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1627998 CVE-2018-16391 opensc: Buffer overflows handling responses from Muscle Cards in card-muscle.c:muscle_list_files()
0
0
BZ#1628000 CVE-2018-16391 opensc: Buffer overflows handling responses from Muscle Cards in card-muscle.c:muscle_list_files() [fedora-all]
0
0
BZ#1628002 CVE-2018-16392 opensc: Buffer overflows handling responses from TCOS Cards in card-tcos.c:tcos_select_file()
0
0
BZ#1628003 CVE-2018-16392 opensc: Buffer overflows handling responses from TCOS Cards in card-tcos.c:tcos_select_file() [fedora-all]
0
0
BZ#1628006 CVE-2018-16393 opensc: Buffer overflows handling responses from Gemsafe V1 Smartcards in pkcs15-gemsafeV1.c:gemsafe_get_cert_len()
0
0
BZ#1628007 CVE-2018-16393 opensc: Buffer overflows handling responses from Gemsafe V1 Smartcards in pkcs15-gemsafeV1.c:gemsafe_get_cert_len() [fedora-all]
0
0
BZ#1628010 CVE-2018-16418 opensc: Buffer overflow handling string concatention in tools/util.c:util_acl_to_str()
0
0
BZ#1628011 CVE-2018-16418 opensc: Buffer overflow handling string concatention in tools/util.c:util_acl_to_str() [fedora-all]
0
0
BZ#1628013 CVE-2018-16419 opensc: Buffer overflow handling responses from Cryptoflex cards in in cryptoflex-tool.c:read_public_key()
0
0
BZ#1628014 CVE-2018-16419 opensc: Buffer overflow handling responses from Cryptoflex cards in in cryptoflex-tool.c:read_public_key() [fedora-all]
0
0
BZ#1628016 CVE-2018-16422 opensc: Buffer overflow handling responses from esteid cards in pkcs15-esteid.c:sc_pkcs15emu_esteid_init()
0
0
BZ#1628017 CVE-2018-16422 opensc: Buffer overflow handling responses from esteid cards in pkcs15-esteid.c:sc_pkcs15emu_esteid_init() [fedora-all]
0
0
BZ#1628020 CVE-2018-16423 opensc: Double free handling responses from smartcards in libopensc/sc.c:sc_file_set_sec_attr()
0
0
BZ#1628021 CVE-2018-16423 opensc: Double free handling responses from smartcards in libopensc/sc.c:sc_file_set_sec_attr() [fedora-all]
0
0
BZ#1628023 CVE-2018-16425 opensc: Double free handling responses from HSM Cards in pkcs15-sc-hsm.c:sc_pkcs15emu_sc_hsm_init()
0
0
BZ#1628024 CVE-2018-16425 opensc: Double free handling responses from HSM Cards in pkcs15-sc-hsm.c:sc_pkcs15emu_sc_hsm_init() [fedora-all]
0
0
BZ#1628026 CVE-2018-16420 opensc: Buffer overflows handling responses from ePass 2003 Cards in card-epass2003.c:decrypt_response()
0
0
BZ#1628028 CVE-2018-16420 opensc: Buffer overflows handling responses from ePass 2003 Cards in card-epass2003.c:decrypt_response() [fedora-all]
0
0
BZ#1628034 CVE-2018-16421 opensc: Buffer overflows handling responses from CAC Cards in card-cac.c:cac_get_serial_nr_from_CUID()
0
0
BZ#1628035 CVE-2018-16421 opensc: Buffer overflows handling responses from CAC Cards in card-cac.c:cac_get_serial_nr_from_CUID() [fedora-all]
0
0
BZ#1628040 CVE-2018-16424 opensc: Double free handling responses from smartcards in tools/egk-tool.c:read_file()
0
0
BZ#1628041 CVE-2018-16424 opensc: Double free handling responses from smartcards in tools/egk-tool.c:read_file() [fedora-all]
0
0
BZ#1628044 CVE-2018-16426 opensc: Infinite recusrion handling responses from IAS-ECC cards in card-iasecc.c:iasecc_select_file()
0
0
BZ#1628048 CVE-2018-16426 opensc: Infinite recusrion handling responses from IAS-ECC cards in card-iasecc.c:iasecc_select_file() [fedora-all]
0
0
BZ#1628052 CVE-2018-16427 opensc: Out of bounds reads handling responses from smartcards
0
0
BZ#1628053 CVE-2018-16427 opensc: Out of bounds reads handling responses from smartcards [fedora-all]
0
0

Automated Test Results