A new update is available for Univention Corporate Server 3.1 as
part of the extended security maintenance.
It addresses the following issues:

Program component:  libtasn1-3
Reference:          CVE-2014-3467 CVE-2014-3468
                    CVE-2014-3469 CVE-2015-2806
Fixed version:      2.7-1.13.201509010828

More details about the issues: 
* Memory overreads in ASN1 parsing (CVE-2014-3467)
* NULL dereferences in ASN1 parsing (CVE-2014-3468, CVE-2014-3469)
* Stack-based buffer overflow in asn1_der_decoding in libtasn1 allows
  remote attackers to have unspecified impact via unknown vectors
  (CVE-2015-2806)

-- 
Univention GmbH
be open.
Mary-Somerville-Str.1
28359 Bremen
Tel. : +49 421 22232-0
Fax  : +49 421 22232-99

<info@univention.de>
http://www.univention.de/

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876