[Security] opensc OpenSC stores private data without proper access restrictions - CVE-2009-0368
Bug #603703 reported by
Brian Thomason
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
opensc (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jaunty |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: opensc
Change the defaults of lock_login and soft_keygen_allowed to prevent untrusted applications from using the smartcard and preventing unexpected client side key generation.
Related branches
CVE References
Changed in opensc (Ubuntu): | |
status: | New → In Progress |
assignee: | nobody → Brian Thomason (brian-thomason) |
Changed in opensc (Ubuntu): | |
status: | In Progress → New |
visibility: | private → public |
Changed in opensc (Ubuntu): | |
status: | New → Fix Released |
To post a comment you must log in.
ACK to the debdiff. It is being uploaded and will be released soon.