Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 704216 (CVE-2019-15945, CVE-2019-15946, CVE-2019-19479, CVE-2019-19479CVE-2019-15946, CVE-2019-19480, CVE-2019-19481)

Summary: <dev-libs/opensc-0.20.0 - multiple vulnerabilities
Product: Gentoo Security Reporter: Jeroen Roovers (RETIRED) <jer>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: crypto+disabled
Priority: Normal Keywords: PullRequest
Version: unspecifiedFlags: stable-bot: sanity-check+
Hardware: All   
OS: Linux   
URL: https://github.com/OpenSC/OpenSC/releases/tag/0.20.0
See Also: https://bugs.gentoo.org/show_bug.cgi?id=676678
https://github.com/gentoo/gentoo/pull/14304
Whiteboard: B3 [noglsa cve]
Package list:
dev-libs/opensc-0.20.0
 Runtime testing required: ---

Description Jeroen Roovers (RETIRED) gentoo-dev 2019-12-29 22:03:33 UTC 
https://github.com/OpenSC/OpenSC/releases/tag/0.20.0

* fixed security problems
** CVE-2019-6502 (#1586)
** CVE-2019-15946 (a3fc769)
** CVE-2019-15945 (412a614)
** CVE-2019-19480 (6ce6152)
** CVE-2019-19481 (b75c002)
** CVE-2019-19479 (c3f23b8)
Comment 1 Larry the Git Cow gentoo-dev 2020-01-13 12:03:18 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=338f86fa965dc8c8f559799ab993088e71925a94

commit 338f86fa965dc8c8f559799ab993088e71925a94
Author:     Mikk Margus Möll <mimoll@ttu.ee>
AuthorDate: 2020-01-12 23:27:13 +0000
Commit:     Mikle Kolyada <zlogene@gentoo.org>
CommitDate: 2020-01-13 12:02:53 +0000

    dev-libs/opensc: bump to 0.20.0
    
    Bug: https://bugs.gentoo.org/704216
    Package-Manager: Portage-2.3.84, Repoman-2.3.20
    Signed-off-by: Mikk Margus Möll <mimoll@ttu.ee>
    Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>

 dev-libs/opensc/Manifest             |  1 +
 dev-libs/opensc/opensc-0.20.0.ebuild | 61 ++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)
Comment 2 Agostino Sarubbo gentoo-dev 2020-01-17 09:30:08 UTC 
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2020-01-17 09:33:38 UTC 
ppc stable
Comment 4 Agostino Sarubbo gentoo-dev 2020-01-17 10:27:13 UTC 
ppc64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-01-17 10:28:58 UTC 
ia64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-01-17 10:30:44 UTC 
x86 stable
Comment 7 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2020-01-27 10:55:02 UTC 
arm stable
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2020-01-27 10:57:58 UTC 
GLSA vote: No.