
[SECURITY] [DLA 470-1] libksba security update



Package        : libksba
Version        : 1.2.0-2+deb7u2
CVE ID         : CVE-2016-4579

It was discovered that there was a possible read access beyond a buffer
vulnerability in libksba, an X.509 and CMS certificate support library.

The length of the object returned by _ksba_ber_parse_tl (ti.length)
was not always checked against the actual buffer length, leading to a
read access past the end of the buffer and thus a SEGV.

For Debian 7 "Wheezy", this issue has been fixed in libksba version
1.2.0-2+deb7u2.

We recommend that you upgrade your libksba packages.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-
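
The class of bug described in the advisory, shown as an added example that is not libksba's code and not part of the original message: a tag/length parser reports the length an object declares, and the caller must compare it with the bytes actually left in the buffer. The names parse_tl, get_content and struct tl_info are hypothetical, and the sample encodings are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical header struct; "length" is what the encoding DECLARES. */
struct tl_info { unsigned char tag; size_t nhdr; size_t length; };

/* Parse one definite-length BER tag/length header. Returns 0 or -1.
   A well-formed header succeeds even when the declared length is larger
   than the data that follows, so the caller has to check it. */
int parse_tl(const unsigned char *buf, size_t buflen, struct tl_info *ti)
{
    if (buflen < 2) return -1;
    ti->tag = buf[0];
    ti->nhdr = 2;
    ti->length = buf[1];
    if (!(buf[1] & 0x80)) return 0;          /* short form: 0..127 */
    size_t n = buf[1] & 0x7f;                /* long form: n length octets */
    if (n == 0 || n > sizeof(size_t) || n > buflen - 2) return -1;
    ti->length = 0;
    for (size_t i = 0; i < n; i++)
        ti->length = (ti->length << 8) | buf[2 + i];
    ti->nhdr = 2 + n;
    return 0;
}

/* Hardened caller: content pointer, or NULL if the object overruns buf. */
const unsigned char *get_content(const unsigned char *buf, size_t buflen,
                                 struct tl_info *ti)
{
    if (parse_tl(buf, buflen, ti) != 0) return NULL;
    /* The kind of check the advisory describes as missing. Written as a
       subtraction so that nhdr + length cannot wrap around. */
    if (ti->length > buflen - ti->nhdr) return NULL;
    return buf + ti->nhdr;
}

/* Constructed sample encodings (not taken from any real certificate). */
static const unsigned char ok_obj[]  = { 0x04, 0x03, 'a', 'b', 'c' };
static const unsigned char bad_obj[] = { 0x04, 0x7f, 'a' }; /* claims 127 */

int main(void)
{
    struct tl_info ti;
    const unsigned char *p = get_content(ok_obj, sizeof ok_obj, &ti);
    printf("ok:  %s\n", p ? "accepted" : "rejected");
    p = get_content(bad_obj, sizeof bad_obj, &ti);
    printf("bad: %s (declared %zu, buffer %zu)\n",
           p ? "accepted" : "rejected", ti.length, sizeof bad_obj);
    return 0;
}
```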
