The commit at $URL corrects a stack overflow vulnerability that could be exploited by local users to execute arbitrary code with the privileges of the user running pcscd. I believe this is fixed in sys-apps/pcsc-lite-1.6.6, which is already in the tree.

Arches, please test and mark stable:
=sys-apps/pcsc-lite-1.6.6
Target keywords : "amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

Can you _please_ ask the maintainer before asking arches to mark stuff stable? This needs _at least_ to go stable *at the same time* as the latest ccid, and there are likely other revdeps that need to go stable at the same time. And at least one package that upstream (same author) didn't update to work with the new udev-based discovery.

(In reply to comment #1)
> Can you _please_ ask the maintainer before asking arches to mark stuff stable?
>

My apologies. Please let us know when/if this can go stable and with which other dependencies.


List of packages to stable _at the same time_ for the arch teams:

sys-apps/pcsc-lite-1.6.6-r1
app-crypt/ccid-1.4.1-r1 [older ccid won't work with new pcsc-lite, newer ccid won't work with old pcsc-lite]
dev-libs/opensc-0.11.13-r2 [-r0 will not work; -r2 also fixes buffer overflows]
net-misc/rdesktop-1.6.0-r4 [I didn't want to fix the previous versions, see the dependent bugs]

(Tim can you please open the rdesktop stable bug as well? Thanks!)


Arches, please test and mark stable:
=sys-apps/pcsc-lite-1.6.6
Target keywords : "amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

This must be stabilized at the same time with:
app-crypt/ccid-1.4.1-r1 in bug 349559
dev-libs/opensc-0.11.13-r2 in bug 349567
net-misc/rdesktop-1.6.0-r4 in bug 349835

amd64 done
Stable for HPPA PPC.
x86 done.
arm stable
alpha/arm/ia64/m68k/s390/sh/sparc
ppc64 stable, last arch done
Thanks, everyone. GLSA request filed.
CVE-2010-4531 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4531): Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.
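
Added example, not part of the original thread and not pcsc-lite's code or its fix: a bounds-checked walk of an ATR in which every read and the one copy are checked against the received length, so a card-declared count can never drive a write past a fixed stack buffer. The names `atr_parse`, `struct atr_info`, `ATR_MAX_LEN` and `ATR_MAX_HIST` are hypothetical, the byte layout (TS, T0, TAi..TDi, historical bytes, TCK) follows ISO/IEC 7816-3, and rejecting trailing bytes is a strictness choice made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ATR_MAX_LEN  33  /* assumed cap: TS plus at most 32 bytes (ISO/IEC 7816-3) */
#define ATR_MAX_HIST 15  /* K, the historical-byte count, is a 4-bit field */

struct atr_info {                 /* hypothetical result type for this example */
    uint8_t hist[ATR_MAX_HIST];   /* fixed-size destination for historical bytes */
    size_t  hist_len;
    int     has_tck;              /* checksum byte expected (a protocol other than T=0) */
};

/* Walk an ATR, checking every read and the one copy against len.
 * Returns 0 on success, -1 if the ATR is oversized, truncated or has trailing bytes. */
int atr_parse(const uint8_t *atr, size_t len, struct atr_info *out)
{
    if (!atr || !out || len < 2 || len > ATR_MAX_LEN)
        return -1;
    if (atr[0] != 0x3B && atr[0] != 0x3F)      /* TS: direct or inverse convention */
        return -1;
    memset(out, 0, sizeof(*out));
    uint8_t y = atr[1] >> 4;                   /* Y1: which of TA1..TD1 follow */
    size_t k = atr[1] & 0x0F;                  /* K: length declared by the card */
    size_t pos = 2;                            /* invariant: pos <= len */
    while (y != 0) {
        size_t skip = (y & 1) + ((y >> 1) & 1) + ((y >> 2) & 1);  /* TAi, TBi, TCi */
        if (skip > len - pos)
            return -1;
        pos += skip;
        if (!(y & 0x8))                        /* no TDi: interface bytes end here */
            break;
        if (pos >= len)
            return -1;
        if ((atr[pos] & 0x0F) != 0)            /* TDi low nibble: protocol T */
            out->has_tck = 1;
        y = atr[pos++] >> 4;                   /* Y(i+1) */
    }
    if (k > len - pos)                         /* declared length vs. bytes received */
        return -1;
    memcpy(out->hist, atr + pos, k);           /* k <= 15 == sizeof(out->hist) */
    out->hist_len = k;
    pos += k + (out->has_tck ? 1 : 0);         /* account for TCK when required */
    return pos == len ? 0 : -1;                /* rejects truncation and trailing bytes */
}
```
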
security: why is this still open (and its dependencies)?

(In reply to comment #13)
> security: why is this still open (and its dependencies)?

pending advisory


(In reply to comment #14)
> (In reply to comment #13)
> > security: why is this still open (and its dependencies)?
>
> pending advisory

Thanks! From 2011-01-21?

This issue was resolved and addressed in GLSA 201401-17 at http://security.gentoo.org/glsa/glsa-201401-17.xml by GLSA coordinator Sean Amoss (ackle).