Univention Bugzilla – Bug 55542
libksba: Multiple issues (5.0)
Last modified: 2023-01-13 15:50:06 CET
New Debian libksba 1.3.5-2+deb10u2 fixes:
This update addresses the following issue:
* Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. (CVE-2022-47629)
--- mirror/ftp/pool/main/libk/libksba/libksba_1.3.5-2+deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/libksba_1.3.5-2+deb10u2.dsc @@ -1,3 +1,11 @@ +1.3.5-2+deb10u2 [Sat, 24 Dec 2022 15:36:29 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2022-47629: + An integer overflow flaw was discovered in the CRL signature parser in + libksba, an X.509 and CMS support library, which could result in denial of + service or the execution of arbitrary code. + 1.3.5-2+deb10u1 [Mon, 17 Oct 2022 22:31:58 +0200] Markus Koschany <apo@debian.org>: * Non-maintainer upload by the LTS team. <http://piuparts.knut.univention.de/5.0-2/#7211169090071213197>
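Review bot: the added 1.3.5-2+deb10u2 entry describes CVE-2022-47629 only as an integer overflow flaw in the CRL signature parser and does not name the patch file or upstream commit that carries the fix, so the diff shown here confirms the changelog text but not the code change itself. Suggest adding the patch name or an upstream reference to the entry, or to this bug, so the fix can be checked against the source package.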
OK: bug
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-2] 2931bc6c6b Bug #55542: libksba 1.3.5-2+deb10u2
 doc/errata/staging/libksba.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

[5.0-2] dc691da492 Bug #55542: libksba 1.3.5-2+deb10u2
 doc/errata/staging/libksba.yaml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x530>