{"schema_version":"1.7.2","id":"OESA-2021-1063","modified":"2021-03-05T11:02:40Z","published":"2021-03-05T11:02:40Z","upstream":["CVE-2020-26571","CVE-2020-26572"],"summary":"opensc security update","details":"OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to smart cards, e.g. PKCS#11 API, Windows’ Smart Card Minidriver and macOS Tokend.\r\n\r\nSecurity Fix(es):\r\n\r\nThe gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.(CVE-2020-26571)\r\n\r\nThe TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.(CVE-2020-26572)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS","name":"opensc","purl":"pkg:rpm/openEuler/opensc\u0026distro=openEuler-20.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20.0-6.oe1"}]}],"ecosystem_specific":{"aarch64":["opensc-0.20.0-6.oe1.aarch64.rpm","opensc-debuginfo-0.20.0-6.oe1.aarch64.rpm","opensc-debugsource-0.20.0-6.oe1.aarch64.rpm","opensc-0.20.0-6.oe1.aarch64.rpm","opensc-debuginfo-0.20.0-6.oe1.aarch64.rpm","opensc-debugsource-0.20.0-6.oe1.aarch64.rpm"],"noarch":["opensc-help-0.20.0-6.oe1.noarch.rpm","opensc-help-0.20.0-6.oe1.noarch.rpm"],"src":["opensc-0.20.0-6.oe1.src.rpm","opensc-0.20.0-6.oe1.src.rpm"],"x86_64":["opensc-0.20.0-6.oe1.x86_64.rpm","opensc-debugsource-0.20.0-6.oe1.x86_64.rpm","opensc-debuginfo-0.20.0-6.oe1.x86_64.rpm","opensc-0.20.0-6.oe1.x86_64.rpm","opensc-debugsource-0.20.0-6.oe1.x86_64.rpm","opensc-debuginfo-0.20.0-6.oe1.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"opensc","purl":"pkg:rpm/openEuler/opensc\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20.0-6.oe1"}]}],"ecosystem_specific":{"aarch64":["opensc-0.20.0-6.oe1.aarch64.rpm","opensc-debuginfo-0.20.0-6.oe1.aarch64.rpm","opensc-debugsource-0.20.0-6.oe1.aarch64.rpm"],"noarch":["opensc-help-0.20.0-6.oe1.noarch.rpm"],"src":["opensc-0.20.0-6.oe1.src.rpm"],"x86_64":["opensc-0.20.0-6.oe1.x86_64.rpm","opensc-debugsource-0.20.0-6.oe1.x86_64.rpm","opensc-debuginfo-0.20.0-6.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1063"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26571"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26572"}],"database_specific":{"severity":"Medium"}}