[Opensc-commits] [OpenSC/OpenSC] 680d44: gids: fixed possible CWE-125 on non-null-terminate...

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: 680d44478b997253e5c7d342a9b980d57768e939
      https://github.com/OpenSC/OpenSC/commit/680d44478b997253e5c7d342a9b980d57768e939
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-04 (Mon, 04 May 2026)

  Changed paths:
    M src/libopensc/card-gids.c

  Log Message:
  -----------
  gids: fixed possible CWE-125 on non-null-terminated GIDS directory strings

thanks to Alex Kelchin (@Medoedus) for reporting

Fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-324p-w2mr-xmrg


  Commit: 52ba3c81d1e7ec3c5e2416f3f1976b68bea34a11
      https://github.com/OpenSC/OpenSC/commit/52ba3c81d1e7ec3c5e2416f3f1976b68bea34a11
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-04 (Mon, 04 May 2026)

  Changed paths:
    M src/libopensc/card-openpgp.c

  Log Message:
  -----------
  openpgp: fixed possible overflow

thanks to Alex Kelchin (@Medoedus) for reporting

fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-4pf9-2w58-mgxm


  Commit: 11326df92b823095e2fdebdaadd4b5c110e4c6f3
      https://github.com/OpenSC/OpenSC/commit/11326df92b823095e2fdebdaadd4b5c110e4c6f3
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-04 (Mon, 04 May 2026)

  Changed paths:
    M src/libopensc/reader-tr03119.c

  Log Message:
  -----------
  fixed  Off-by-One OOB Write in reader-tr03119.c

reported by @qp-x-qp

patch from Jakub Jelen (@Jakuje)

fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-g7xr-h79f-h7pq


  Commit: 5ebb04ded3e8a54a9544a3745b3b5bd566d1e0b2
      https://github.com/OpenSC/OpenSC/commit/5ebb04ded3e8a54a9544a3745b3b5bd566d1e0b2
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-04 (Mon, 04 May 2026)

  Changed paths:
    M src/libopensc/card-epass2003.c
    M src/libopensc/iasecc-sdo.c

  Log Message:
  -----------
  epass2003/iasecc: fixed possible heap over-reads

thanks to Alex Kelchin (@Medoedus) for reporting

patch partially from Jakub Jelen (@Jakuje)

fixes https://github.com/OpenSC/OpenSC/security/advisories/GHSA-7xf3-32f8-23h9


  Commit: 0254d273784b62fa48cba5e52af1ebcf8db7b7ee
      https://github.com/OpenSC/OpenSC/commit/0254d273784b62fa48cba5e52af1ebcf8db7b7ee
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-04 (Mon, 04 May 2026)

  Changed paths:
    M src/libopensc/pkcs15-pubkey.c

  Log Message:
  -----------
  fixed possible Null-dereference READ

Fixes https://issues.oss-fuzz.com/issues/501179374


  Commit: 6852460211aab8a074af68d4e4e89ef1f5c554d3
      https://github.com/OpenSC/OpenSC/commit/6852460211aab8a074af68d4e4e89ef1f5c554d3
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-04 (Mon, 04 May 2026)

  Changed paths:
    M src/libopensc/card-epass2003.c
    M src/libopensc/iasecc-sdo.c

  Log Message:
  -----------
  fixed formatting


  Commit: 3106355f560263ddf5bb69d25f6f1b90e30f4adb
      https://github.com/OpenSC/OpenSC/commit/3106355f560263ddf5bb69d25f6f1b90e30f4adb
  Author: Frank Morgner <fra...@gm...>
  Date:   2026-05-05 (Tue, 05 May 2026)

  Changed paths:
    M src/libopensc/card-epass2003.c
    M src/libopensc/card-gids.c
    M src/libopensc/card-openpgp.c
    M src/libopensc/iasecc-sdo.c
    M src/libopensc/pkcs15-pubkey.c
    M src/libopensc/reader-tr03119.c

  Log Message:
  -----------
  Merge pull request #3642 from frankmorgner/reports

Fix minor issues reported via security issues


Compare: https://github.com/OpenSC/OpenSC/compare/86c5005b2463...3106355f5602

To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications

[Opensc-commits] [OpenSC/OpenSC] 680d44: gids: fixed possible CWE-125 on non-null-terminate...

OpenSC - tools and libraries for smart cards

[Opensc-commits] [OpenSC/OpenSC] 680d44: gids: fixed possible CWE-125 on non-null-terminate...