{"id":"MGASA-2021-0037","summary":"Updated opensc packages fix security vulnerabilities","details":"The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a\nheap-based buffer overflow in sc_oberthur_read_file (CVE-2020-26570).\n\nThe gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a\nstack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init (CVE-2020-26571).\n\nThe TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a\nstack-based buffer overflow in tcos_decipher (CVE-2020-26572).\n","modified":"2026-04-16T04:42:20.560114799Z","published":"2021-01-17T16:07:01Z","upstream":["CVE-2020-26570","CVE-2020-26571","CVE-2020-26572"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0037.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27663"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EXOHFDMNMO6IDECAGUTB3SJGAGXVRT6S/"}],"affected":[{"package":{"name":"opensc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/opensc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.21.0-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0037.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}