[ubuntu/zesty-proposed] pcsc-lite 1.8.14-1ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Jan 23 18:50:15 UTC 2017
pcsc-lite (1.8.14-1ubuntu2) zesty; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
cardsList use-after-free
- debian/patches/CVE-2016-10109-1.patch: prevent use-after-free of
cardsList in src/winscard_svc.c.
- debian/patches/CVE-2016-10109-2.patch: check for a valid hContext
handles in src/winscard_svc.c.
- CVE-2016-10109
Date: Mon, 23 Jan 2017 13:43:41 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/pcsc-lite/1.8.14-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 23 Jan 2017 13:43:41 -0500
Source: pcsc-lite
Binary: pcscd libpcsclite-dev libpcsclite1-dbg libpcsclite1
Architecture: source
Version: 1.8.14-1ubuntu2
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libpcsclite-dev - Middleware to access a smart card using PC/SC (development files)
libpcsclite1 - Middleware to access a smart card using PC/SC (library)
libpcsclite1-dbg - Middleware to access a smart card using PC/SC (debugging symbols)
pcscd - Middleware to access a smart card using PC/SC (daemon side)
Changes:
pcsc-lite (1.8.14-1ubuntu2) zesty; urgency=medium
.
* SECURITY UPDATE: denial of service and possible code execution via
cardsList use-after-free
- debian/patches/CVE-2016-10109-1.patch: prevent use-after-free of
cardsList in src/winscard_svc.c.
- debian/patches/CVE-2016-10109-2.patch: check for a valid hContext
handles in src/winscard_svc.c.
- CVE-2016-10109
Checksums-Sha1:
2192d41c0624635a06e766dd84af9a49c04104dc 2288 pcsc-lite_1.8.14-1ubuntu2.dsc
f4f728b36472bd3cba896dca452cce0635bee2e2 16120 pcsc-lite_1.8.14-1ubuntu2.debian.tar.xz
Checksums-Sha256:
f48faa64e56cb31977936a3fea1a65b9b36f4d435e43c8e25b3bf04aea17f54b 2288 pcsc-lite_1.8.14-1ubuntu2.dsc
ca9a04b447c4bd187aa0b277a0596692f5ca7cb97462637448b416325a1ea5de 16120 pcsc-lite_1.8.14-1ubuntu2.debian.tar.xz
Files:
76f9c285a7f56071a8339f49a568be0b 2288 misc optional pcsc-lite_1.8.14-1ubuntu2.dsc
9b3a06fbb17f50b7582270737811f795 16120 misc optional pcsc-lite_1.8.14-1ubuntu2.debian.tar.xz
Original-Maintainer: Ludovic Rousseau <rousseau at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJYhlAEAAoJEGVp2FWnRL6TfwUQAIQpLStgu+qPoNE+7JWqTyja
WOLG+v0EWuZ3meh8ZzHuWIlnIqawQ2mnb0bfctP313WgpT+p/OGmRdrejMKg4xjc
hskBGdJYezyNx1tuEpoYWzMQMPZYcDnpjiFOSQK5QYvpKZ9Eiax2r6Za53EqBf1U
8BdWIPpB2kcjCByAEmUapjG3aPfHM5Uq0Sja54VMEHl+/Zfr7jgmdnSs6tGE1CEk
fcsvblJnvWNX0Sdjo6bj+suOPTZNdZfMvYX9Q2NytlmCAcBTIJesrlbTI+CvKgW1
GgO5CBKWMR7UCiTqf7Ougsk/ITDFcZk9AeVtBYdVKBzbg1IUN4QjIf/T285d7xcc
uKLdJWbwlNmlloytsdSeDkl5lvPLLRJqDIyCpHM9ZMNiAF0hO2Vno7IvwVSEZfNA
CU8Sp8wGXnxvpV+Q4mVQaZwgoIFbr/1cqr67ipuPkocM2QW3C2WO46r2VLPozbWB
x3AbIWSTirpifqCAi+e9aGebEZpLZaZITu64nOEP55I6hASDCFOV2piqV6Svngvk
gBq7bbIMq2bUEFXOsYolaPn3RyNxi2TgPtSB8dW72FKAUq5+RRe8Px3aR4vdQrZ5
lWMrIvKxu9iliSBio0uy/idYVlxyynluUQkNDPlgb+PVUq3uZI7dv3fsKlY2TExq
wxXJZmc1CU8IaBmOE561
=6/Tm
-----END PGP SIGNATURE-----
More information about the Zesty-changes
mailing list