sdkp2-openscSecurity update for openscSecurity update for openscThis update fixes a security issues with opensc that
occured when initializing blank smart cards with Siemens
CardOS M4. After the initialization anyone could set the
PIN of the smart card without authorization (CVE-2008-2235).
NOTE: Already initialized cards are still vulnerable after
this update. Please use the command-line tool pkcs15-tool
with option
--test-update and --update when necessary.
Don't forget to reinitialize your smart cards if you are
using cards with Siemens CardOS M4 operating system that
were initialized using opensc!
Please find more information at
http://www.opensc-project.org/security.html
This is the second attempt to fix this problem. The
previous update was unforunately incomplete.
This update fixes a security issues with opensc that
occured when initializing blank smart cards with Siemens
CardOS M4. After the initialization anyone could set the
PIN of the smart card without authorization (CVE-2008-2235).
NOTE: Already initialized cards are still vulnerable after
this update. Please use the command-line tool pkcs15-tool
with option
--test-update and --update when necessary.
Don't forget to reinitialize your smart cards if you are
using cards with Siemens CardOS M4 operating system that
were initialized using opensc!
Please find more information at
http://www.opensc-project.org/security.html
This is the second attempt to fix this problem. The
previous update was unforunately incomplete.
securityopensc-32bitx86_64bcc499b76dc7cfb1ab697139ada1b3016f7fd95copensc-develx86_64b39dd78c634a56c3795a62d2246657ff6acaf193