There are 5 open security issues in bullseye.
5 issues left for the package maintainer to handle:
- CVE-2021-42778:
(needs triaging)
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
- CVE-2021-42779:
(needs triaging)
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
- CVE-2021-42780:
(needs triaging)
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
- CVE-2021-42781:
(needs triaging)
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
- CVE-2021-42782:
(needs triaging)
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
You can find information about how to handle these issues in the security team's documentation.