The upstream change at $URL corrects a potential buffer overflow.
libopensc: protect for possible buffer overflows from rogue cards.
Reported by Rafael Dominguez Vega
One public message indicates that this change is also required for the fix:
New ebuild ready, it should work with older pcsc-lite as well so it should be okay to stable already until pcsc-lite is sorted out.
(In reply to comment #1)
> New ebuild ready, it should work with older pcsc-lite as well so it should be
> okay to stable already until pcsc-lite is sorted out.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Builds fine on x86, rdeps build fine. No hardware to test functionality.
Please mark stable for x86.
Stable for HPPA PPC.
x86 done. Thanks Myckel!
Thanks, everyone. GLSA request filed.
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13
and earlier allow physically proximate attackers to execute arbitrary
code via a long serial-number field on a smart card, related to (1)
card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.
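The class of bug described in the advisory text above, sketched as an added example that is not OpenSC's code or part of the original thread: a serial number whose length is reported by the card is copied into a fixed-size buffer, first without and then with a length check. The names `struct serial`, `MAX_SERIALNR`, `store_serial_unchecked`, `store_serial_checked` and `try_serial`, and the capacity of 32 bytes, are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_SERIALNR 32   /* hypothetical capacity of the serial buffer */

struct serial {           /* hypothetical stand-in for a driver's serial struct */
    unsigned char value[MAX_SERIALNR];
    size_t len;
};

/* Unchecked pattern, shown for contrast and never called here: resp_len is
 * reported by the card, so a rogue card returning more than MAX_SERIALNR
 * bytes writes past value[]. */
void store_serial_unchecked(struct serial *s,
                            const unsigned char *resp, size_t resp_len)
{
    memcpy(s->value, resp, resp_len);
    s->len = resp_len;
}

/* Checked pattern: validate the card-reported length before copying.
 * Returns 0 on success, -1 when the response is empty or cannot fit. */
int store_serial_checked(struct serial *s,
                         const unsigned char *resp, size_t resp_len)
{
    if (s == NULL || resp == NULL || resp_len == 0 || resp_len > sizeof s->value)
        return -1;
    memcpy(s->value, resp, resp_len);
    s->len = resp_len;
    return 0;
}

/* Feed a constructed response of resp_len bytes (at most 64) to the checked copy. */
int try_serial(size_t resp_len)
{
    unsigned char resp[64];
    struct serial s = { {0}, 0 };
    if (resp_len > sizeof resp)
        return -1;
    memset(resp, 0x41, sizeof resp);   /* constructed sample data */
    return store_serial_checked(&s, resp, resp_len);
}

int main(void)
{
    printf("8: %d, 32: %d, 33: %d\n", try_serial(8), try_serial(32), try_serial(33));
    return 0;
}
```

Rejecting an oversize response, rather than silently truncating it, also keeps a malformed serial from being treated as a valid card identity.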
This issue was resolved and addressed in
GLSA 201401-18 at http://security.gentoo.org/glsa/glsa-201401-18.xml
by GLSA coordinator Sean Amoss (ackle).