-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 29 Dec 2020 15:48:30 +0100 Source: p11-kit Binary: libp11-kit-dev libp11-kit0 libp11-kit0-dbgsym p11-kit p11-kit-dbgsym p11-kit-modules p11-kit-modules-dbgsym Architecture: amd64 Version: 0.23.15-2+deb10u1 Distribution: buster-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Salvatore Bonaccorso Description: libp11-kit-dev - library for loading and coordinating access to PKCS#11 modules - libp11-kit0 - library for loading and coordinating access to PKCS#11 modules - p11-kit - p11-glue utilities p11-kit-modules - p11-glue proxy and trust modules Changes: p11-kit (0.23.15-2+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix bounds check in p11_rpc_buffer_get_byte_array (CVE-2020-29362) * Check attribute length against buffer size (CVE-2020-29363) * Check for arithmetic overflows before allocating (CVE-2020-29361) * Follow-up to arithmetic overflow fix (CVE-2020-29361) Checksums-Sha1: 2cf18c38817eb80dfa4d6a5039ed4a3baae1591e 195664 libp11-kit-dev_0.23.15-2+deb10u1_amd64.deb 757de8f1ecba2f3748aa2f88af98ecad67e1f450 1252600 libp11-kit0-dbgsym_0.23.15-2+deb10u1_amd64.deb a9813c67de67f694476b9f8a696cb26dc32d90d1 316440 libp11-kit0_0.23.15-2+deb10u1_amd64.deb 63cef7f758a8f23f1e50a3b239358f3dfb74eadf 307352 p11-kit-dbgsym_0.23.15-2+deb10u1_amd64.deb 6f20adc066ee6dfc3ebf848ad3405ccd663ee49d 1406692 p11-kit-modules-dbgsym_0.23.15-2+deb10u1_amd64.deb 85a884e431a93770c6409599aabfb376bcb1f44c 222228 p11-kit-modules_0.23.15-2+deb10u1_amd64.deb 3f31c04d5afc89fea1f0b5d828090cfba5491582 8258 p11-kit_0.23.15-2+deb10u1_amd64-buildd.buildinfo bb87edd7048f2ebca1c5be8c0fa1b5c52e305a99 268452 p11-kit_0.23.15-2+deb10u1_amd64.deb Checksums-Sha256: f60c7ca99b9f57b8cc36b6f3ed138491d04d4f23a250e7ab8cf499617c4a4a2e 195664 libp11-kit-dev_0.23.15-2+deb10u1_amd64.deb 1f644c584f938f6b9ccb5f96e13665be82a3a999a24d5690f0d6a4c36a968fdf 1252600 libp11-kit0-dbgsym_0.23.15-2+deb10u1_amd64.deb 02b2f15ad9cd2ead38dbeb85cdba65d8e4d44155495110231504cd0de1f16f83 316440 libp11-kit0_0.23.15-2+deb10u1_amd64.deb 30064fc8ece0d101a5e4e41077bc98c6c1dcd77722b6f982e97ae824c14d8a6b 307352 p11-kit-dbgsym_0.23.15-2+deb10u1_amd64.deb a708d7cdfa333ad202bbf44851e37c76c8971374281caa6d139a473880252082 1406692 p11-kit-modules-dbgsym_0.23.15-2+deb10u1_amd64.deb 40e5348d93df6bc387fac7e259c64e6ab3b5c714f677f1f98d8140d9eb887355 222228 p11-kit-modules_0.23.15-2+deb10u1_amd64.deb 94c7e4cf5ef02faae7b767c818149f0548326d2983a682dc779d9b6fe48551c1 8258 p11-kit_0.23.15-2+deb10u1_amd64-buildd.buildinfo cb4e3f7fdba6443fefe674de3ef38db523e241f7b212f21e5dcc75ab702a66ed 268452 p11-kit_0.23.15-2+deb10u1_amd64.deb Files: d8351169a5f6c871a39c841bd936cc58 195664 libdevel optional libp11-kit-dev_0.23.15-2+deb10u1_amd64.deb f949dc3f0ae1f8f6f0c73c9bd38745e9 1252600 debug optional libp11-kit0-dbgsym_0.23.15-2+deb10u1_amd64.deb fa5921f303dccb722744efb162276689 316440 libs optional libp11-kit0_0.23.15-2+deb10u1_amd64.deb e66bc80ffaa8b0f0d33c35892d28b957 307352 debug optional p11-kit-dbgsym_0.23.15-2+deb10u1_amd64.deb a70b375db6e6f196acc78e7ed8beb4dc 1406692 debug optional p11-kit-modules-dbgsym_0.23.15-2+deb10u1_amd64.deb 754358ca227a458c503d16ac593bc874 222228 misc optional p11-kit-modules_0.23.15-2+deb10u1_amd64.deb 917605d09c6ddeea37cbb97895162510 8258 libs optional p11-kit_0.23.15-2+deb10u1_amd64-buildd.buildinfo c6f9646b8bc4bc1123b4213fd4804c5f 268452 misc optional p11-kit_0.23.15-2+deb10u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEcU6S3GjxzS183/1jeHlhQ1ylJm8FAl/rRxkACgkQeHlhQ1yl Jm+yUg/9GnN4x+W0++K4SbjHOnEER5tYBJAMtWHMajPSTi+pxHRF/2C1N+X6X+AF i3VfpZ+LhRXUp+q0CicAlCAD+L7my0kT69ZsH5M0+J4mIOcFavK9tyZY+h10QCHA ruux4a8wF3SMVMKk7CVGXqysx71XM/++hMMbnGZ3GQXC6VBV6/80wC1N+du01GfE 82JO/fTd0fGFVNsGJMnIMJmKPOSePg6YoQu/B3184LTpZGPWBlbZQOjWU7W0izdy B5oPz+M6fUblNS9uwXHb5ml457yob70KKEoBJswB8rQqtoPW41gNn5X2YzI6our3 lVuTyRRQw0nROWc43vgjF8YDOkuJ0wrBxj+RD3NvrGXOtWeZCSotWwAxu0BmRZVy ukRLeZzvTtmXc8hHaMY9bmifxtFVl9RfQW8Caj0D+ZptCPGGhl0SwXQS55dvf7yg GccDlp8NTJyCa+6CbVZLK+pi+g166Y4tGqUyeNJeL/TyZqHwcMWs2fi3N8elmH1p hFsHt2qvbx076PPavKzVsCXEcRnml+TXa81/L1LvbFab6TwWWqRHeh8KtC0b3cLg FlgsJpjLuq4PIei4SiVs6zmmMo3dpoq6EUmNgkuKSgstSlm+CLcC5MfQIBrQJBGs JXvpf8zOvWF53KhSejZbCoCSXifuKowRQdhszhBWR0NQWe54xkY= =njdm -----END PGP SIGNATURE-----