Publishing details
Changelog
p11-kit (0.23.20-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: multiple integer overflows
- debian/patches/CVE-2020-29361-1.patch: check for arithmetic overflows
before allocating in p11-kit/iter.c, p11-kit/lists.c,
p11-kit/proxy.c, p11-kit/rpc-message.c, p11-kit/rpc-message.h,
p11-kit/rpc-server.c, trust/index.c.
- debian/patches/CVE-2020-29361-2.patch: follow-up to arithmetic
overflow fix in common/compat.c, p11-kit/rpc-message.c.
- CVE-2020-29361
* SECURITY UPDATE: heap over-read in the RPC protocol
- debian/patches/CVE-2020-29362.patch: fix bounds check in
p11-kit/rpc-message.c.
- CVE-2020-29362
* SECURITY UPDATE: heap overflow in RPC protocol
- debian/patches/CVE-2020-29363.patch: check attribute length against
buffer size in p11-kit/rpc-message.c.
- CVE-2020-29363
-- Marc Deslauriers <email address hidden> Mon, 04 Jan 2021 14:04:11 -0500
Builds
Built packages
-
libp11-kit-dev
library for loading and coordinating access to PKCS#11 modules - development
-
libp11-kit0
library for loading and coordinating access to PKCS#11 modules - runtime
-
libp11-kit0-dbgsym
debug symbols for libp11-kit0
-
p11-kit
p11-glue utilities
-
p11-kit-dbgsym
debug symbols for p11-kit
-
p11-kit-modules
p11-glue proxy and trust modules
-
p11-kit-modules-dbgsym
debug symbols for p11-kit-modules
Package files