The upstream change at $URL corrects a potential buffer overflow.

Message:
libopensc: protect for possible buffer overflows from rogue cards.
Reported by Rafael Dominguez Vega

One public message indicates that this change is also required for the fix:
https://www.opensc-project.org/opensc/changeset/4912
New ebuild ready, it should work with older pcsc-lite as well so it should be okay to stable already until pcsc-lite is sorted out.
(In reply to comment #1)
> New ebuild ready, it should work with older pcsc-lite as well so it should be
> okay to stable already until pcsc-lite is sorted out.
>

Thank you.

Arches, please test and mark stable:
=dev-libs/opensc-0.11.13-r2
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
ppc64 done
Builds fine on x86, rdeps build fine. No hardware to test functionality. Please mark stable for x86.
Stable for HPPA PPC.
x86 done. Thanks Myckel!
amd64 done
arm stable
alpha/arm/ia64/m68k/s390/sh/sparc stable
Thanks, everyone. GLSA request filed.
CVE-2010-4523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4523): Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.
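The bug class named in the CVE summary above, sketched as an added example that is not part of this thread and is not OpenSC's code: a card-supplied serial-number response copied into a fixed-size buffer, first without and then with a length check. The names `card_serial`, `store_serial_unchecked`, `store_serial_checked` and the 16-byte `SERIAL_MAX` are assumptions made for illustration, as is the choice to reject an oversized response rather than truncate it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SERIAL_MAX 16 /* assumed capacity of the fixed serial buffer */

/* Hypothetical stand-in for a driver's serial-number storage. */
struct card_serial {
    uint8_t value[SERIAL_MAX];
    size_t len;
};

/* Unsafe pattern, for contrast only: the card-reported length sizes the
 * copy, so a response longer than SERIAL_MAX writes past value[]. */
void store_serial_unchecked(struct card_serial *out, const uint8_t *resp, size_t resplen)
{
    memcpy(out->value, resp, resplen);
    out->len = resplen;
}

/* Hardened pattern: check the card-supplied length against the destination
 * capacity before copying. Returns 0 on success, -1 on a missing, empty or
 * oversized response; *out is left untouched on failure. */
int store_serial_checked(struct card_serial *out, const uint8_t *resp, size_t resplen)
{
    if (out == NULL || resp == NULL || resplen == 0 || resplen > sizeof out->value)
        return -1; /* reject rather than silently truncate */
    memcpy(out->value, resp, resplen);
    out->len = resplen;
    return 0;
}

/* Feeds one well-formed and one oversized response (both constructed). */
int demo(void)
{
    struct card_serial s = { {0}, 0 };
    uint8_t ok[8] = { 1, 2, 3, 4, 5, 6, 7, 8 };
    uint8_t rogue[64];
    memset(rogue, 0x41, sizeof rogue);

    if (store_serial_checked(&s, ok, sizeof ok) != 0 || s.len != 8)
        return 1;
    if (store_serial_checked(&s, rogue, sizeof rogue) != -1 || s.len != 8)
        return 2; /* oversized response must be refused, state unchanged */
    return 0;
}

int main(void) { return demo(); }
```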
This issue was resolved and addressed in GLSA 201401-18 at http://security.gentoo.org/glsa/glsa-201401-18.xml by GLSA coordinator Sean Amoss (ackle).