registry team mailing list archive

Thread
Date

[Bug 692483] Re: Buffer overflow

To: registry@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <692483@xxxxxxxxxxxxxxxxxx>
Date: Wed, 22 Dec 2010 00:04:34 -0000
Reply-to: Bug 692483 <692483@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package opensc - 0.11.4-2ubuntu2.1

---------------
opensc (0.11.4-2ubuntu2.1) hardy-security; urgency=low

  * SECURITY UPDATE: specially crafted cards may be able to execute code.
    - Move MIN and MAX macros from muscle.c to internal.h
    - https://www.opensc-project.org/opensc/changeset/4912
    - Fix potential buffer overflow by rogue cards. (LP: #692483)
    - update card-acos5.c, card-atrust-acos.c and card-starcos.c to use
      MIN macros to protect against buffer overflow
    - https://www.opensc-project.org/opensc/changeset/4913
 -- Torsten Spindler (Canonical) <torsten@xxxxxxxxxxxxx>   Tue, 21 Dec 2010 16:34:32 +0100

-- 
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.
https://bugs.launchpad.net/bugs/692483

Title:
  Buffer overflow