UbuntuUpdates.org

Package "libksba"

Name: libksba

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • X.509 and CMS support library - development files
  • X.509 and CMS support library

Latest version: 1.6.0-2ubuntu0.2
Release: jammy (22.04)
Level: security
Repository: main

Links



Other versions of "libksba" in Jammy

Repository Area Version
base main 1.6.0-2build1
base universe 1.6.0-2build1
security universe 1.6.0-2ubuntu0.2
updates main 1.6.0-2ubuntu0.2
updates universe 1.6.0-2ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.6.0-2ubuntu0.2 2023-01-05 14:07:45 UTC

  libksba (1.6.0-2ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow vulnerability in CRL signature parser
    - debian/patches/CVE-2022-47629.patch: check for overflows and large
      values in src/crl.c, src/ocsp.c.
    - CVE-2022-47629

 -- Marc Deslauriers <email address hidden> Tue, 03 Jan 2023 09:44:19 -0500

Source diff to previous version
CVE-2022-47629 Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.

Version: 1.6.0-2ubuntu0.1 2022-10-19 06:07:20 UTC

  libksba (1.6.0-2ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow when reading tag-length objects
    - debian/patches/CVE-2022-3515.patch: check for integer overflow
      directly in the TLV parser
    - CVE-2022-3515

 -- Steve Beattie <email address hidden> Mon, 17 Oct 2022 17:07:14 -0700




About   -   Send Feedback to @ubuntu_updates