Lucene search

K
suseSuseOPENSUSE-SU-2018:2623-1
HistorySep 05, 2018 - 3:12 p.m.

Security update for yubico-piv-tool (low)

2018-09-0515:12:05
lists.opensuse.org
24

EPSS

0.002

Percentile

52.1%

This update for yubico-piv-tool fixes the following issues:

Security issues fixed:

  • CVE-2018-14779: Fixed an buffer overflow and an out of bounds memory
    read in ykpiv_transfer_data(), which could be triggered by a malicious
    token. (boo#1104809, YSA-2018-03)
  • CVE-2018-14780: Fixed an buffer overflow and an out of bounds memory
    read in _ykpiv_fetch_object(), which could be triggered by a malicious
    token. (boo#1104811, YSA-2018-03)

EPSS

0.002

Percentile

52.1%