25366898 pcsclite SCardReleaseContext can result in a double-free of cardslist
author Stephen Gaul Jr <steve.gaul@oracle.com>
Wed, 11 Jan 2017 14:23:48 -0800
changeset 7563 328fee062f83
parent 7562 2adf9e2cdc69
child 7564 f958607559a6
25366898 pcsclite SCardReleaseContext can result in a double-free of cardslist
components/pcsc-lite/patches/S11-scardrelease_context.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/pcsc-lite/patches/S11-scardrelease_context.patch	Wed Jan 11 14:23:48 2017 -0800
@@ -0,0 +1,39 @@
+Upstream patch/fix that was included in the next release of pcsclite:
+https://anonscm.debian.org/cgit/pcsclite/PCSC.git/patch/?id=697fe05967af7ea215bcd5d5774be587780c9e22
+patch by Peter Wu <[email protected]> 2016-12-25 22:31:24 (GMT)
+committed by Ludovic Rousseau <[email protected]> 2016-12-30 16:18:39 (GMT)
+
+Once MSGRemoveContext is invoked (via SCARD_RELEASE_CONTEXT), cardsList is freed. 
+A repeated invocation of SCARD_RELEASE_CONTEXT (with an empty context handle) 
+results in a use-after-free followed by a double-free. After MSGRemoveContext, 
+invocation of SCardEstablishContext enable further use-after-free of cardsList in 
+MSGCheckHandleAssociation, MSGRemoveContext, MSGAddHandle, MSGRemoveHandle. 
+
+To avoid this problem, destroy the list only when the client connection is terminated.
+
+This patch was based on the above and modified to work with our v1.8.14 of the pcsc-lite source code 
+and named accordingly to build with our existing Solaris pcsc-lite userland patch layout.
+
+--- a/src/winscard_svc.c	2017-01-09 14:27:56.897972773 -0500
++++ b/src/winscard_svc.c	2017-01-09 14:26:46.043849006 -0500
+@@ -868,7 +868,6 @@
+ 		UNREF_READER(rContext)
+ 	}
+ 	(void)pthread_mutex_unlock(&threadContext->cardsList_lock);
+-	list_destroy(&threadContext->cardsList);
+ 
+ 	/* We only mark the context as no longer in use.
+ 	 * The memory is freed in MSGCleanupCLient() */
+@@ -979,6 +978,11 @@
+ 		(void)MSGRemoveContext(threadContext->hContext, threadContext);
+ 	}
+ 
++       
++	(void)pthread_mutex_lock(&threadContext->cardsList_lock);
++	list_destroy(&threadContext->cardsList);
++	(void)pthread_mutex_unlock(&threadContext->cardsList_lock);
++
+ 	Log3(PCSC_LOG_DEBUG,
+ 		"Thread is stopping: dwClientID=%d, threadContext @%p",
+ 		threadContext->dwClientID, threadContext);
+
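Review bot: the added line `+       ` immediately before the `pthread_mutex_lock(&threadContext->cardsList_lock)` call is whitespace-only (spaces, unlike the tab indentation around it) and should be dropped; the existing blank context line above already separates the new block. The relocation itself is consistent with the description in the patch header: `list_destroy(&threadContext->cardsList)` is removed from MSGRemoveContext (where it ran unlocked, after the `pthread_mutex_unlock`) and is now performed once, under `cardsList_lock`, in the thread-stop path just before the "Thread is stopping" log, which matches "destroy the list only when the client connection is terminated". Since the hunk ends before the rest of the cleanup function is visible, it is worth confirming in the full file that `cardsList_lock` is not destroyed before this new locked block runs, and that the surviving context comment "The memory is freed in MSGCleanupCLient()" in the first hunk still describes where the list is actually freed after this move.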