AVG-1355 log
| Package | p11-kit |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 0.23.21-1 |
| Fixed | 0.23.22-1 |
| Current | 0.25.3-1 [core] |
| Ticket | None |
| Created | Sat Dec 12 15:27:12 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-29363 | Medium | Yes | Arbitrary code execution | A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library in versions 0.23.6 up to... |
| CVE-2020-29362 | Medium | Yes | Information disclosure | A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library in versions 0.21.1... |
| CVE-2020-29361 | Medium | No | Arbitrary code execution | Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command in versions 0.21.1 up to... |
| References |
|---|
https://github.com/p11-glue/p11-kit/releases/tag/0.23.22 |