Package: libcacard / 1:2.5.0-3

Metadata

Package Version Patches format
libcacard 1:2.5.0-3 3.0 (quilt)

Patch series

Patch File delta Description
remove requires.private.patch | (download)

libcacard.pc.in | 1 0 + 1 - 0 !
1 file changed, 1 deletion(-)

 remove requires.private from libcacard.pc
smartcard fix memory leak in vcard_apdu_new CVE 2017 6414.patch | (download)

src/card_7816.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 smartcard: fix memory leak in vcard_apdu_new
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Commit-Id: 9113dc6a303604a2d9812ac70c17d076ef11886c
Bug-Debian: http://bugs.debian.org/856501

In the error path, 'new_apdu->a_data' is not freed.
This can be triggered by the guest continuously.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
dont fail if caller didn t pick previous response.patch | (download)

src/card_7816.c | 4 1 + 3 - 0 !
1 file changed, 1 insertion(+), 3 deletions(-)

 do not fail, if the caller didn't pick up response from previous call
Commit-Id: ad591057c301d3120c3f7e5a5826342c8bf523bc

During our testing of a new CAC driver in OpenSC, with this library, we
encountered a problem with libcacard failing and the driver returning
only a fraction of the requested objects.

The problem is that the Emulator wants to return the data (properly
signalized by 61 (RESPONSE BYTES) in SW1), but this is ignored for some
reason in some of our calls from OpenSC. The Emulator should not fail
hard for the next independent request, rather silently drop the buffer
and serve the ongoing APDU request (I would leave it for consideration to
somehow log such a problem).

Patch was successfully tested on Fedora 24 host and solves our problem
(though we worked around the problem already in the driver too).