p11-kit-0.23.22-1.el8
Errata ID: AXSA:2021-1862:01
The p11-kit packages provide a mechanism to manage PKCS#11 modules. The p11-kit-trust subpackage includes a PKCS#11 trust module that provides certificate anchors and black lists based on configuration files.
The following packages have been upgraded to a later upstream version: p11-kit (0.23.22).
Security Fix(es):
* p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers (CVE-2020-29361)
* p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c (CVE-2020-29362)
* p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c (CVE-2020-29363)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-29361
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.
CVE-2020-29362
An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
CVE-2020-29363
An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.
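The missing check described under CVE-2020-29361, as an added example that is not p11-kit's own code: `unchecked_bytes` returns the wrapped byte count that an unguarded `count * size` hands to the allocator, and `checked_realloc_array` refuses such a request. The `attr_t` type, the function names and the sample count are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical record type standing in for an attribute array element. */
typedef struct { unsigned long type; void *value; unsigned long len; } attr_t;

/* Unchecked form: the byte count an allocator receives when count * size
 * is computed without a guard; it wraps modulo SIZE_MAX + 1. */
size_t unchecked_bytes(size_t count, size_t size)
{
    return count * size;
}

/* Checked form: refuse the request when count * size cannot be represented,
 * instead of handing realloc a wrapped (too small) byte count. */
void *checked_realloc_array(void *arr, size_t count, size_t size)
{
    if (size != 0 && count > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;            /* caller's array is left untouched */
    }
    return realloc(arr, count * size ? count * size : 1);
}

/* Append one element, growing by one slot; returns 0 on success, -1 on failure. */
int attrs_append(attr_t **arr, size_t *count, const attr_t *item)
{
    attr_t *grown;
    if (*count == SIZE_MAX)     /* count + 1 itself would wrap */
        return -1;
    grown = checked_realloc_array(*arr, *count + 1, sizeof(attr_t));
    if (grown == NULL)
        return -1;
    grown[*count] = *item;
    *arr = grown;
    (*count)++;
    return 0;
}

int main(void)
{
    size_t n = SIZE_MAX / sizeof(attr_t) + 1;   /* constructed oversized count */
    printf("unchecked request: %zu bytes for %zu elements\n",
           unchecked_bytes(n, sizeof(attr_t)), n);
    printf("checked request:   %s\n",
           checked_realloc_array(NULL, n, sizeof(attr_t)) ? "allocated" : "refused");
    return 0;
}
```

With the unchecked form the allocation succeeds but is smaller than one element, so any later write at an index within `count` lands outside the heap block.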
Update packages.
SRPMS
- p11-kit-0.23.22-1.el8.src.rpm
MD5: 4726d51517093889cd7398bcdf15a770
SHA-256: b1401600480380757c19423e9c47db7292f75399919fb7437ae6ab5bf31a5b43
Size: 879.34 kB
Asianux Server 8 for x86_64
- p11-kit-0.23.22-1.el8.x86_64.rpm
MD5: d88edab81068a44fb7878826d93bff62
SHA-256: fb3cd420f0ae658c8ba450b23d3469792cc092e28e23a132ada187a32e883e25
Size: 323.14 kB
- p11-kit-devel-0.23.22-1.el8.x86_64.rpm
MD5: 899351933b1e731e219cafacadc42746
SHA-256: 7e89d53c87d21b0c8f08d585555f667b8ce81ab0c44100eeed87473a111e0148
Size: 85.84 kB
- p11-kit-server-0.23.22-1.el8.x86_64.rpm
MD5: 1aa11d53f5c1fe34173a5da9f37ef9fa
SHA-256: b9baa3a26f3a075fae7de512bfab33097556e91b0f75cd039e716797cca1cd87
Size: 178.19 kB
- p11-kit-trust-0.23.22-1.el8.x86_64.rpm
MD5: c7a6f1d19a46f6d72af12392e7cca12a
SHA-256: 641eebda217bd3e2945e679bcca098758113ad87884b9ce5252e08671e5a5258
Size: 135.84 kB
- p11-kit-0.23.22-1.el8.i686.rpm
MD5: 7efa049f3c5a2fa565238db1a4565871
SHA-256: add2ae4a62d8aa6de1c39cba84d662765acef846f6c6417ddafd284e1c6babc7
Size: 322.05 kB
- p11-kit-devel-0.23.22-1.el8.i686.rpm
MD5: c0cf167ba2893a31112b2ddd4d0ba19c
SHA-256: 179ff2b6b4c8a08d2d63b38ac83d0bba351a46c266c67945b9e8f55cc2797552
Size: 85.86 kB
- p11-kit-trust-0.23.22-1.el8.i686.rpm
MD5: 8491bd9276fc926d5a07ffff8f2a2b68
SHA-256: 04bfefbb1c603b1b6b4ecce3193f62899145d3cdc1028c1ed5aa5bf989c6ca38
Size: 140.23 kB