Red Hat Product Errata RHSA-2013:0525 - Security Advisory

Issued:: 2013-02-21
Updated:: 2013-02-21

RHSA-2013:0525 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: pcsc-lite security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

Updated pcsc-lite packages that fix one security issue and three bugs are
now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

PC/SC Lite provides a Windows SCard compatible interface for communicating
with smart cards, smart card readers, and other security tokens.

A stack-based buffer overflow flaw was found in the way pcsc-lite decoded
certain attribute values of Answer-to-Reset (ATR) messages. A local
attacker could use this flaw to execute arbitrary code with the privileges
of the user running the pcscd daemon (root, by default), by inserting a
specially-crafted smart card. (CVE-2010-4531)

This update also fixes the following bugs:

Due to an error in the init script, the chkconfig utility did not
automatically place the pcscd init script after the start of the HAL
daemon. Consequently, the pcscd service did not start automatically at boot
time. With this update, the pcscd init script has been changed to
explicitly start only after HAL is up, thus fixing this bug. (BZ#788474,
BZ#814549)
Because the chkconfig settings and the startup files in the /etc/rc.d/
directory were not changed during the update described in the
RHBA-2012:0990 advisory, the user had to update the chkconfig settings
manually to fix the problem. Now, the chkconfig settings and the startup
files in the /etc/rc.d/ directory are automatically updated as expected.
(BZ#834803)
Previously, the SCardGetAttrib() function did not work properly and
always returned the "SCARD_E_INSUFFICIENT_BUFFER" error regardless of the
actual buffer size. This update applies a patch to fix this bug and the
SCardGetAttrib() function now works as expected. (BZ#891852)

All users of pcsc-lite are advised to upgrade to these updated packages,
which fix these issues. After installing this update, the pcscd daemon will
be restarted automatically.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux for IBM z Systems 6 s390x
Red Hat Enterprise Linux for Power, big endian 6 ppc64
Red Hat Enterprise Linux for Scientific Computing 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 i386

Fixes

BZ - 664999 - CVE-2010-4531 pcsc-lite: Stack-based buffer overflow in Answer-to-Reset (ATR) decoder
BZ - 834803 - Update of pcsc-lite does not fix problems addressed in BUG 812469
BZ - 891852 - pcsc-lite: incorrect check in SCardGetAttrib and SCardSetAttrib handling

CVEs

CVE-2010-4531

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
x86_64
pcsc-lite-1.5.2-11.el6.x86_64.rpm	SHA-256: ff78f9ba74b945cb07bc7d8d786566ee96be1de67b59b33539419de049b5826b
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-devel-1.5.2-11.el6.x86_64.rpm	SHA-256: 6cd284a2a1f7df0d7c4782c02cf7a5710c38ba99b32cc02d4937b9da484592a5
pcsc-lite-doc-1.5.2-11.el6.x86_64.rpm	SHA-256: 90bf7384cfbaf20a333cccbbb28fdf3ac764aac263ba98f3ddd6d8776782c066
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781
pcsc-lite-libs-1.5.2-11.el6.x86_64.rpm	SHA-256: e35b702eba52cbe8e09725620a6f032dbc446be3eaf3db5faf2dd5a5a9575741
i386
pcsc-lite-1.5.2-11.el6.i686.rpm	SHA-256: c0920421b7961d7024cc82c4f6f233068933eee8ac32cf72fcdb033627739683
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-doc-1.5.2-11.el6.i686.rpm	SHA-256: c34338321753b97acb2d43bf71fdb5f4f168a86367af6188f1174f91c9114d8f
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781

Red Hat Enterprise Linux Workstation 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
x86_64
pcsc-lite-1.5.2-11.el6.x86_64.rpm	SHA-256: ff78f9ba74b945cb07bc7d8d786566ee96be1de67b59b33539419de049b5826b
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-devel-1.5.2-11.el6.x86_64.rpm	SHA-256: 6cd284a2a1f7df0d7c4782c02cf7a5710c38ba99b32cc02d4937b9da484592a5
pcsc-lite-doc-1.5.2-11.el6.x86_64.rpm	SHA-256: 90bf7384cfbaf20a333cccbbb28fdf3ac764aac263ba98f3ddd6d8776782c066
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781
pcsc-lite-libs-1.5.2-11.el6.x86_64.rpm	SHA-256: e35b702eba52cbe8e09725620a6f032dbc446be3eaf3db5faf2dd5a5a9575741
i386
pcsc-lite-1.5.2-11.el6.i686.rpm	SHA-256: c0920421b7961d7024cc82c4f6f233068933eee8ac32cf72fcdb033627739683
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-doc-1.5.2-11.el6.i686.rpm	SHA-256: c34338321753b97acb2d43bf71fdb5f4f168a86367af6188f1174f91c9114d8f
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781

Red Hat Enterprise Linux Desktop 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
x86_64
pcsc-lite-1.5.2-11.el6.x86_64.rpm	SHA-256: ff78f9ba74b945cb07bc7d8d786566ee96be1de67b59b33539419de049b5826b
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-devel-1.5.2-11.el6.x86_64.rpm	SHA-256: 6cd284a2a1f7df0d7c4782c02cf7a5710c38ba99b32cc02d4937b9da484592a5
pcsc-lite-doc-1.5.2-11.el6.x86_64.rpm	SHA-256: 90bf7384cfbaf20a333cccbbb28fdf3ac764aac263ba98f3ddd6d8776782c066
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781
pcsc-lite-libs-1.5.2-11.el6.x86_64.rpm	SHA-256: e35b702eba52cbe8e09725620a6f032dbc446be3eaf3db5faf2dd5a5a9575741
i386
pcsc-lite-1.5.2-11.el6.i686.rpm	SHA-256: c0920421b7961d7024cc82c4f6f233068933eee8ac32cf72fcdb033627739683
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-doc-1.5.2-11.el6.i686.rpm	SHA-256: c34338321753b97acb2d43bf71fdb5f4f168a86367af6188f1174f91c9114d8f
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
s390x
pcsc-lite-1.5.2-11.el6.s390x.rpm	SHA-256: 4590f3f7f42d67f1f2392ea9102d6733edc6918ecdae02dfdfea7d33512e53fa
pcsc-lite-debuginfo-1.5.2-11.el6.s390.rpm	SHA-256: 26aa0d3ec37f35c427673230358abec2f2bca408b864de706179d4e209d41618
pcsc-lite-debuginfo-1.5.2-11.el6.s390.rpm	SHA-256: 26aa0d3ec37f35c427673230358abec2f2bca408b864de706179d4e209d41618
pcsc-lite-debuginfo-1.5.2-11.el6.s390x.rpm	SHA-256: 2cd4ed37a40517723510ed34280a0ed135696350b62e625aa17aef8f910649cd
pcsc-lite-debuginfo-1.5.2-11.el6.s390x.rpm	SHA-256: 2cd4ed37a40517723510ed34280a0ed135696350b62e625aa17aef8f910649cd
pcsc-lite-devel-1.5.2-11.el6.s390.rpm	SHA-256: 6de7ed628c347c37b7347c2b89d2670023ea8ab2a4aa3e721b214fc1578070ac
pcsc-lite-devel-1.5.2-11.el6.s390x.rpm	SHA-256: 7a0152b8fd618a5e4627fc82fe61e5496558d29205739c2ebb2b171e3f4b05a2
pcsc-lite-doc-1.5.2-11.el6.s390x.rpm	SHA-256: c4c305d243611152cce54b758d5cbca7c6b0f39804c6d7198b8daaba69538ad8
pcsc-lite-libs-1.5.2-11.el6.s390.rpm	SHA-256: 3921e5b6ce79429c5f65621447cf43f1d01a562e40106f9a5eb60cea00d67b46
pcsc-lite-libs-1.5.2-11.el6.s390x.rpm	SHA-256: cb4a73d4601e86fe383565d14670ec1dc9d90f1da0674d019dff6d7d21aa5e87

Red Hat Enterprise Linux for Power, big endian 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
ppc64
pcsc-lite-1.5.2-11.el6.ppc64.rpm	SHA-256: 0db707d947a898e7380240fdb1325d2e194e6d0fbad5493048e50f6ca3422647
pcsc-lite-debuginfo-1.5.2-11.el6.ppc.rpm	SHA-256: df80f7872759a1ab2abe63d833e02b4c803223af8bc74b94c2625bc8295dc94e
pcsc-lite-debuginfo-1.5.2-11.el6.ppc.rpm	SHA-256: df80f7872759a1ab2abe63d833e02b4c803223af8bc74b94c2625bc8295dc94e
pcsc-lite-debuginfo-1.5.2-11.el6.ppc64.rpm	SHA-256: cf9898fdf1ea071f94dfa673173e79dd22a1e451ab1107538935916cd6fb0e7e
pcsc-lite-debuginfo-1.5.2-11.el6.ppc64.rpm	SHA-256: cf9898fdf1ea071f94dfa673173e79dd22a1e451ab1107538935916cd6fb0e7e
pcsc-lite-devel-1.5.2-11.el6.ppc.rpm	SHA-256: ec2aa93552fff63b1c433cf943687db7d2eec377676da9b97e86a3227e48c81e
pcsc-lite-devel-1.5.2-11.el6.ppc64.rpm	SHA-256: 5d38e834b2a4be634de1100dbc4266d4aecaa0c24d511f338fa304ea413e6561
pcsc-lite-doc-1.5.2-11.el6.ppc64.rpm	SHA-256: ab23bb8205b5478ae2c037c80d8ef80fe1f42cbe5168b21cd5d35a066a650d11
pcsc-lite-libs-1.5.2-11.el6.ppc.rpm	SHA-256: b2ffe7fc009ddadba69ff303ec8d9739855ad1717aa0f9a6682c642ae587df12
pcsc-lite-libs-1.5.2-11.el6.ppc64.rpm	SHA-256: 7a482c6ff2f852e2d0737d353d6cb73caafd20e859412178ecd4f2981d84153b

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
x86_64
pcsc-lite-1.5.2-11.el6.x86_64.rpm	SHA-256: ff78f9ba74b945cb07bc7d8d786566ee96be1de67b59b33539419de049b5826b
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-devel-1.5.2-11.el6.x86_64.rpm	SHA-256: 6cd284a2a1f7df0d7c4782c02cf7a5710c38ba99b32cc02d4937b9da484592a5
pcsc-lite-doc-1.5.2-11.el6.x86_64.rpm	SHA-256: 90bf7384cfbaf20a333cccbbb28fdf3ac764aac263ba98f3ddd6d8776782c066
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781
pcsc-lite-libs-1.5.2-11.el6.x86_64.rpm	SHA-256: e35b702eba52cbe8e09725620a6f032dbc446be3eaf3db5faf2dd5a5a9575741

Red Hat Enterprise Linux Server from RHUI 6

SRPM
pcsc-lite-1.5.2-11.el6.src.rpm	SHA-256: e6108d00beb2afcc4c66cbb9543395c4026c15fd49f6a2c50149aed8af3ef3b1
x86_64
pcsc-lite-1.5.2-11.el6.x86_64.rpm	SHA-256: ff78f9ba74b945cb07bc7d8d786566ee96be1de67b59b33539419de049b5826b
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-debuginfo-1.5.2-11.el6.x86_64.rpm	SHA-256: ca6ba1dbf7bcad4baf2bf1340885f60036b29353f47664b53a3c6e112c911a5a
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-devel-1.5.2-11.el6.x86_64.rpm	SHA-256: 6cd284a2a1f7df0d7c4782c02cf7a5710c38ba99b32cc02d4937b9da484592a5
pcsc-lite-doc-1.5.2-11.el6.x86_64.rpm	SHA-256: 90bf7384cfbaf20a333cccbbb28fdf3ac764aac263ba98f3ddd6d8776782c066
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781
pcsc-lite-libs-1.5.2-11.el6.x86_64.rpm	SHA-256: e35b702eba52cbe8e09725620a6f032dbc446be3eaf3db5faf2dd5a5a9575741
i386
pcsc-lite-1.5.2-11.el6.i686.rpm	SHA-256: c0920421b7961d7024cc82c4f6f233068933eee8ac32cf72fcdb033627739683
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-debuginfo-1.5.2-11.el6.i686.rpm	SHA-256: 3fa8cb93b81fa5186328bf49887ecbf55e53aa9d176231fbdfd6dcb81b64f9a4
pcsc-lite-devel-1.5.2-11.el6.i686.rpm	SHA-256: 0d41a1c46282ef2f406f1264e5051c04866cc0f0c328c3962eb82bbc64c0b9f7
pcsc-lite-doc-1.5.2-11.el6.i686.rpm	SHA-256: c34338321753b97acb2d43bf71fdb5f4f168a86367af6188f1174f91c9114d8f
pcsc-lite-libs-1.5.2-11.el6.i686.rpm	SHA-256: 0b6047ad4aad8b00b823e142cdbabbf0f06af886648ca1cb945773cd6ac8e781

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories