import CS opensc-0.20.0-6.el8

2023-09-27 13:48:34 +00:00 · 2023-09-27 13:48:34 +00:00 · cb047d6a6a
commit cb047d6a6a
parent 12da73634a
4 changed files with 2282 additions and 1 deletions
--- a/SOURCES/opensc-0.20.0-CVE-2023-2977.patch
+++ b/SOURCES/opensc-0.20.0-CVE-2023-2977.patch
@ -0,0 +1,50 @@
+From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
+From: fullwaywang <fullwaywang@tencent.com>
+Date: Mon, 29 May 2023 10:38:48 +0800
+Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
+ overrun bug. Fixes #2785
+
+---
+ src/pkcs15init/pkcs15-cardos.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
+index 9715cf390f..f41f73c349 100644
+--- a/src/pkcs15init/pkcs15-cardos.c
+++ b/src/pkcs15init/pkcs15-cardos.c
+@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ 	sc_apdu_t apdu;
+         u8        rbuf[SC_MAX_APDU_BUFFER_SIZE];
+         int       r;
+-	const u8  *p = rbuf, *q;
+	const u8  *p = rbuf, *q, *pp;
+ 	size_t    len, tlen = 0, ilen = 0;
+ 
+ 	sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
+@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ 		return 0;
+ 
+ 	while (len != 0) {
+-		p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
+-		if (p == NULL)
+		pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
+		if (pp == NULL)
+ 			return 0;
+ 		if (card->type == SC_CARD_TYPE_CARDOS_M4_3)	{
+ 			/* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01	*/
+ 			/* and Package Number 0x07					*/
+-			q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
+			q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
+ 			if (q == NULL || ilen != 4)
+ 				return 0;
+ 			if (q[0] == 0x07)
+@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ 		} else if (card->type == SC_CARD_TYPE_CARDOS_M4_4)	{
+ 			/* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03	*/
+ 			/* and Package Number 0x02					*/
+-			q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
+			q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
+ 			if (q == NULL || ilen != 4)
+ 				return 0;
+ 			if (q[0] == 0x02)
+
--- a/SOURCES/opensc-0.20.0-idprime.patch
+++ b/SOURCES/opensc-0.20.0-idprime.patch
@ -0,0 +1,25 @@
+From 34dad7f543f006ad269ce1f935a9e8d3e3a83db7 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Mon, 3 Feb 2020 16:40:51 +0100
+Subject: [PATCH] idprime: Add missing terminator in ATR list
+
+Thanks oss-fuzz
+
+https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20510
+---
+ src/libopensc/card-idprime.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libopensc/card-idprime.c b/src/libopensc/card-idprime.c
+index 744d5189b9..9f5adde9d2 100644
+--- a/src/libopensc/card-idprime.c
+++ b/src/libopensc/card-idprime.c
+@@ -52,6 +52,7 @@ static const struct sc_atr_table idprime_atrs[] = {
+ 	  "ff:ff:00:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff",
+ 	  "Gemalto IDPrime MD 8840, 3840, 3810, 840 and 830 Cards",
+ 	  SC_CARD_TYPE_IDPRIME_GENERIC, 0, NULL },
+	{ NULL, NULL, NULL, 0, 0, NULL }
+ };
+ 
+ static const sc_path_t idprime_path = {
+
--- a/SOURCES/opensc-0.20.0-reader-removal.patch
+++ b/SOURCES/opensc-0.20.0-reader-removal.patch
--- a/SPECS/opensc.spec
+++ b/SPECS/opensc.spec
@ -3,7 +3,7 @@

 Name:           opensc
 Version:        0.20.0
-Release:        4%{?dist}
+Release:        6%{?dist}
 Summary:        Smart card library and applications

 Group:          System Environment/Libraries
@ -32,6 +32,28 @@ Patch15:        opensc-0.20.0-calloc0.patch
 # https://github.com/OpenSC/OpenSC/pull/2148
 # + configuration change by default
 Patch16:        opensc-0.20.0-file-cache.patch
+# https://github.com/OpenSC/OpenSC/pull/1929
+Patch17:        opensc-0.20.0-idprime.patch
+# https://github.com/OpenSC/OpenSC/pull/2787
+Patch18:        opensc-0.20.0-CVE-2023-2977.patch
+# 31d8c2dfd14ed01b430def2f46cc718ef4b595fc
+# 8f4a6c703b5ae7d4f44cf33c85330171afa917bf
+# https://github.com/OpenSC/OpenSC/pull/1970 without the first and last commits
+# https://github.com/OpenSC/OpenSC/pull/1923
+# https://github.com/OpenSC/OpenSC/pull/2051
+# https://github.com/OpenSC/OpenSC/pull/2077
+# https://github.com/OpenSC/OpenSC/pull/2418
+# https://github.com/OpenSC/OpenSC/pull/2600
+# c2e00e9071952b30ed6d58d9b7670eb3d93ea6fb
+# https://github.com/OpenSC/OpenSC/pull/2740
+## OpenSC notify build issues
+# 5e79a2a4abdd523cfff19824718bbb0d8ced7320
+# 843779fe6e0f345f483f9ce9c9739913502391eb
+# 7936bdef15c71139a6a6159cabaf9e6101565add
+# 1202eceeefd5ffab45648d41ed0a3076cac10920
+# 295f399304644e6b0acde267ac410d0aae4a1aee
+# ca01aa7a8edc8280a5ceadebb472c2e3c198d8c2
+Patch19:        opensc-0.20.0-reader-removal.patch


 BuildRequires:  pcsc-lite-devel
@ -71,6 +93,9 @@ every software/card that does so, too.
 %patch14 -p1 -b .padding
 %patch15 -p1 -b .calloc0
 %patch16 -p1 -b .file-cache
+%patch17 -p1 -b .idprime
+%patch18 -p1 -b .CVE-2023-2977
+%patch19 -p1 -b .reader-removal

 cp -p src/pkcs15init/README ./README.pkcs15init
 cp -p src/scconf/README.scconf .
@ -229,6 +254,14 @@ fi


 %changelog
+* Tue Jul 11 2023 Jakub Jelen <jjelen@redhat.com> - 0.20.0-6
+- Fix introduced issues tagged by coverity (RHEL-765)
+
+* Thu Jun 15 2023 Jakub Jelen <jjelen@redhat.com> - 0.20.0-5
+- Avoid potential crash because of missing list terminator (#2196234)
+- Fix CVE-2023-2977: potential buffer overrun in pkcs15 cardos_have_verifyrc_package (#2211093)
+- Backport upstream changes regarding to reader removal (#2097048)
+
 * Fri Nov 20 2020 Jakub Jelen <jjelen@redhat.com> - 0.20.0-4
 - Use file cache by default (#1892810)
 - Avoid calloc with 0 argument (#1895401)