oss-sec mailing list archives
Re: opensc 0.11.6 with fixed security update
From: Ludwig Nussel <ludwig.nussel () suse de>
Date: Fri, 5 Sep 2008 15:28:35 +0200
Andreas Jellinghaus wrote:
this is a copy of a new security announcement we had to make, already public. our last security update with OpenSC 0.11.5 had a small glitch, so this version fixes that glitch. Please everyone update the opensc packages in your distribution. [...] This is an update to our security advisory 31-Jul-2008. Chaskiel M Grundman found a security vulnerability in OpenSC. The vulnerability has been fixed in OpenSC 0.11.6. In Mitre's CVE dictionary this issue is filed under CVE-2008-2235. Users will need to run "pkcs15-tool -T -U" to test (-T) and update (-U) the security settings on their card.
I guess this need a new CVE number then? cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Current thread:
- opensc 0.11.6 with fixed security update Andreas Jellinghaus (Aug 27)
- Re: opensc 0.11.6 with fixed security update Ludwig Nussel (Sep 05)
- Re: opensc 0.11.6 with fixed security update Steven M. Christey (Sep 09)
- Re: opensc 0.11.6 with fixed security update Ludwig Nussel (Sep 05)