Sender: |
|
Date: |
Mon, 4 Mar 2013 13:10:11 -0600 |
Reply-To: |
|
Subject: |
|
MIME-Version: |
1.0 |
Content-Transfer-Encoding: |
7bit |
Content-Type: |
text/plain; charset="UTF-8"; format=flowed |
Organization: |
Fermilab |
From: |
|
Parts/Attachments: |
|
|
Synopsis: Low: ccid security and bug fix update
Issue Date: 2013-02-21
CVE Numbers: CVE-2010-4530
--
An integer overflow, leading to an array index error, was found in the
way the
CCID driver processed a smart card's serial number. A local attacker
could use
this flaw to execute arbitrary code with the privileges of the user
running the
PC/SC Lite pcscd daemon (root, by default), by inserting a specially-crafted
smart card. (CVE-2010-4530)
This update also fixes the following bug:
* Previously, CCID only recognized smart cards with 5V power supply.
With this
update, CCID also supports smart cards with different power supply.
--
SL6
x86_64
ccid-1.3.9-6.el6.x86_64.rpm
ccid-debuginfo-1.3.9-6.el6.x86_64.rpm
i386
ccid-1.3.9-6.el6.i686.rpm
ccid-debuginfo-1.3.9-6.el6.i686.rpm
- Scientific Linux Development Team
|
|
|