Security update for p11-kit SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:4154-1 Final 1 1 2021-12-22T10:03:01Z current 2021-12-22T10:03:01Z 2021-12-22T10:03:01Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for p11-kit This update for p11-kit fixes the following issues: - CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064) - Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-SLE-15.3-2021-4154 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BWY3OJFF4O6KAVNTWISEXMD7X5Y2XL6I/ E-Mail link for openSUSE-SU-2021:4154-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1180064 SUSE Bug 1180064 https://bugzilla.suse.com/1187993 SUSE Bug 1187993 https://www.suse.com/security/cve/CVE-2020-29361/ SUSE CVE CVE-2020-29361 page openSUSE Leap 15.3 libp11-kit0-0.23.2-4.13.1 libp11-kit0-32bit-0.23.2-4.13.1 p11-kit-0.23.2-4.13.1 p11-kit-32bit-0.23.2-4.13.1 p11-kit-devel-0.23.2-4.13.1 p11-kit-nss-trust-0.23.2-4.13.1 p11-kit-nss-trust-32bit-0.23.2-4.13.1 p11-kit-tools-0.23.2-4.13.1 libp11-kit0-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 libp11-kit0-32bit-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 p11-kit-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 p11-kit-32bit-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 p11-kit-devel-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 p11-kit-nss-trust-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 p11-kit-nss-trust-32bit-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 p11-kit-tools-0.23.2-4.13.1 as a component of openSUSE Leap 15.3 An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc. CVE-2020-29361 openSUSE Leap 15.3:libp11-kit0-0.23.2-4.13.1 openSUSE Leap 15.3:libp11-kit0-32bit-0.23.2-4.13.1 openSUSE Leap 15.3:p11-kit-0.23.2-4.13.1 openSUSE Leap 15.3:p11-kit-32bit-0.23.2-4.13.1 openSUSE Leap 15.3:p11-kit-devel-0.23.2-4.13.1 openSUSE Leap 15.3:p11-kit-nss-trust-0.23.2-4.13.1 openSUSE Leap 15.3:p11-kit-nss-trust-32bit-0.23.2-4.13.1 openSUSE Leap 15.3:p11-kit-tools-0.23.2-4.13.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BWY3OJFF4O6KAVNTWISEXMD7X5Y2XL6I/ https://www.suse.com/security/cve/CVE-2020-29361.html CVE-2020-29361 https://bugzilla.suse.com/1180064 SUSE Bug 1180064