[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2017:1860 -- centos 7 libtasn1

ID: oval:org.secpod.oval:def:204595Date: (C)2018-04-30   (M)2022-10-10
Class: PATCHFamily: unix




Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1 . Security Fix: * A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash. * A stack-based buffer overflow was found in the way libtasn1 decoded certain DER encoded data. An attacker could use this flaw to crash an application using the libtasn1 library. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Platform:
CentOS 7
Product:
libtasn1
Reference:
CESA-2017:1860
CVE-2015-2806
CVE-2015-3622
CVE    2
CVE-2015-2806
CVE-2015-3622
CPE    4
cpe:/a:gnu:libtasn1:4.4
cpe:/a:gnu:libtasn1
cpe:/a:gnu:libtasn1:4.3
cpe:/o:centos:centos:7
...

© SecPod Technologies