[ MDVSA-2015:232 ] libtasn1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:232
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libtasn1
 Date    : May 8, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated libtasn1 packages fix security vulnerability:
 
 A malformed certificate input could cause a heap overflow read in the
 DER decoding functions of Libtasn1. The heap overflow happens in the
 function _asn1_extract_der_octet() (CVE-2015-3622).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3622
 http://advisories.mageia.org/MGASA-2015-0200.html
 _________________________________________________________________

007 Software

[ MDVSA-2015:232 ] libtasn1

Leave a Reply Cancel reply

Software and Security Information