Debian Package Tracker

general

source: opensc (main)
version: 0.21.0-1
maintainer: Debian OpenSC Maintainers (archive) (DMD)
uploaders: Eric Dorland [DMD]
arch: any
std-ver: 4.5.0.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.14.0-2
o-o-sec: 0.16.0-3+deb8u2
oldstable: 0.16.0-3+deb9u1
stable: 0.19.0-1
testing: 0.21.0-1
unstable: 0.21.0-1

versioned links

0.14.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.16.0-3+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.16.0-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.19.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.21.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

opensc (18 bugs: 0, 15, 3, 0)
opensc-pkcs11 (5 bugs: 0, 5, 0, 0)

action needed

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-01-17 04:02

Depends on packages which need a new maintainer normal

The packages that opensc depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl

Created: 2019-11-22 Last update: 2021-01-17 03:06

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-09-21 06:03

7 ignored security issues in stretch low

There are 7 open security issues in stretch.

7 issues skipped by the security teams:

CVE-2019-15945: OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c.
CVE-2019-15946: OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.
CVE-2019-19479: An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
CVE-2019-20792: OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
CVE-2020-26570: The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
CVE-2020-26571: The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
CVE-2020-26572: The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.

Please fix them.

Created: 2019-09-06 Last update: 2020-12-12 03:53

7 ignored security issues in buster low

There are 7 open security issues in buster.

7 issues skipped by the security teams:

CVE-2019-15945: OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c.
CVE-2019-15946: OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.
CVE-2019-19479: An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
CVE-2019-20792: OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
CVE-2020-26570: The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
CVE-2020-26571: The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
CVE-2020-26572: The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.

Please fix them.

Created: 2019-09-06 Last update: 2020-12-12 03:53

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0.0).

Created: 2020-11-17 Last update: 2020-12-06 17:34

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2020-12-12] opensc 0.21.0-1 MIGRATED to testing (Debian testing watch)
[2020-12-06] Accepted opensc 0.21.0-1 (source) into unstable (Eric Dorland)
[2020-09-05] opensc 0.20.0-4 MIGRATED to testing (Debian testing watch)
[2020-08-30] Accepted opensc 0.20.0-4 (source) into unstable (Eric Dorland)
[2020-02-02] opensc 0.20.0-3 MIGRATED to testing (Debian testing watch)
[2020-01-28] Accepted opensc 0.20.0-3 (source) into unstable (Eric Dorland)
[2020-01-26] Accepted opensc 0.20.0-2 (source) into unstable (Eric Dorland)
[2020-01-09] opensc 0.20.0-1 MIGRATED to testing (Debian testing watch)
[2020-01-04] Accepted opensc 0.20.0-1 (source) into unstable (Eric Dorland)
[2019-12-26] Accepted opensc 0.16.0-3+deb8u2 (source amd64) into oldoldstable (Utkarsh Gupta) (signed by: Roberto C. Sanchez)
[2019-09-11] Accepted opensc 0.16.0-3+deb8u1 (source amd64) into oldoldstable (Markus Koschany)
[2019-07-09] opensc 0.19.0-2 MIGRATED to testing (Debian testing watch)
[2019-03-04] Accepted opensc 0.19.0-2 (source) into unstable (Eric Dorland)
[2018-10-06] opensc 0.19.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-04] Accepted opensc 0.16.0-3+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Eric Dorland)
[2018-09-30] Accepted opensc 0.19.0-1 (source) into unstable (Eric Dorland)
[2018-09-09] Accepted opensc 0.19.0~rc1-1 (source) into unstable (Eric Dorland)
[2018-06-08] opensc 0.18.0-3 MIGRATED to testing (Debian testing watch)
[2018-06-03] Accepted opensc 0.18.0-3 (source) into unstable (Eric Dorland)
[2018-05-28] opensc 0.18.0-2 MIGRATED to testing (Debian testing watch)
[2018-05-22] Accepted opensc 0.18.0-2 (source) into unstable (Eric Dorland)
[2018-05-21] Accepted opensc 0.18.0-1 (source) into unstable (Eric Dorland)
[2018-03-02] opensc 0.17.0-3 MIGRATED to testing (Debian testing watch)
[2018-02-25] Accepted opensc 0.17.0-3 (source) into unstable (Eric Dorland)
[2017-12-03] opensc 0.17.0-2 MIGRATED to testing (Debian testing watch)
[2017-11-27] Accepted opensc 0.17.0-2 (source) into unstable (Eric Dorland)
[2017-07-29] opensc 0.17.0-1 MIGRATED to testing (Debian testing watch)
[2017-07-23] Accepted opensc 0.17.0-1 (source) into unstable (Eric Dorland)
[2017-06-30] opensc 0.17.0~rc1-1 MIGRATED to testing (Debian testing watch)
[2017-06-24] Accepted opensc 0.17.0~rc1-1 (source amd64) into unstable (Eric Dorland)

bugs [bug history graph]

all: 25 26
RC: 0
I&N: 22 23
M&W: 3
F&P: 0
patch: 1

links

homepage
lintian (0, 5)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.21.0-1
13 bugs (2 patches)