UbuntuUpdates.org

Package "libksba8"

Name: libksba8

Description:

X.509 and CMS support library

Latest version: 1.3.5-2ubuntu0.18.04.2
Release: bionic (18.04)
Level: security
Repository: main
Head package: libksba
Homepage: http://www.gnupg.org/related_software/libksba/

Links


Download "libksba8"


Other versions of "libksba8" in Bionic

Repository Area Version
base main 1.3.5-2
updates main 1.3.5-2ubuntu0.18.04.2

Changelog

Version: 1.3.5-2ubuntu0.18.04.2 2023-01-05 14:07:27 UTC

  libksba (1.3.5-2ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow vulnerability in CRL signature parser
    - debian/patches/CVE-2022-47629.patch: check for overflows and large
      values in src/crl.c, src/ocsp.c.
    - CVE-2022-47629

 -- Marc Deslauriers <email address hidden> Tue, 03 Jan 2023 09:45:12 -0500

Source diff to previous version
CVE-2022-47629 Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.

Version: 1.3.5-2ubuntu0.18.04.1 2022-10-19 06:07:13 UTC

  libksba (1.3.5-2ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow when reading tag-length objects
    - debian/patches/CVE-2022-3515.patch: check for integer overflow
      directly in the TLV parser
    - CVE-2022-3515

 -- Steve Beattie <email address hidden> Mon, 17 Oct 2022 17:13:54 -0700




About   -   Send Feedback to @ubuntu_updates