UbuntuUpdates.org

Package "libksba-dev"

Name: libksba-dev

Description:

X.509 and CMS support library - development files

Latest version: 1.6.0-2ubuntu0.2
Release: jammy (22.04)
Level: security
Repository: main
Head package: libksba
Homepage: https://www.gnupg.org/related_software/libksba/

Links


Download "libksba-dev"


Other versions of "libksba-dev" in Jammy

Repository Area Version
base main 1.6.0-2build1
updates main 1.6.0-2ubuntu0.2

Changelog

Version: 1.6.0-2ubuntu0.2 2023-01-05 14:07:45 UTC

  libksba (1.6.0-2ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow vulnerability in CRL signature parser
    - debian/patches/CVE-2022-47629.patch: check for overflows and large
      values in src/crl.c, src/ocsp.c.
    - CVE-2022-47629

 -- Marc Deslauriers <email address hidden> Tue, 03 Jan 2023 09:44:19 -0500

Source diff to previous version
CVE-2022-47629 Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.

Version: 1.6.0-2ubuntu0.1 2022-10-19 06:07:20 UTC

  libksba (1.6.0-2ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow when reading tag-length objects
    - debian/patches/CVE-2022-3515.patch: check for integer overflow
      directly in the TLV parser
    - CVE-2022-3515

 -- Steve Beattie <email address hidden> Mon, 17 Oct 2022 17:07:14 -0700




About   -   Send Feedback to @ubuntu_updates