Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora: 2018-ef303deec6 Critical: LibTASN1 Stack Exhaustion

fedora
Calendar Grey February 6, 2018
Dist Fedora Esm H88
This release refines libtasn1 to address stack overflow issues and boost ASN.1 decoding on Fedora 26. Discover additional details!
Update to 4.13 (#1535261)

Summary

A library that provides Abstract Syntax Notation One (ASN.1, as specified

by the X.680 ITU-T recommendation) parsing and structures management, and

Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.

Update to 4.13 (#1535261)

[ 1 ] Bug #1535578 - CVE-2018-6003 libtasn1: Stack exhaustion due to indefinite recursion during BER decoding

https://bugzilla.redhat.com/show_bug.cgi?id=1535578

su -c 'dnf upgrade libtasn1' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory fedora update critical stack exhaustion libtasn1

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 26
Version: 4.13
Release: 1.fc26
URL:
Summary: The ASN.1 library used in GNUTLS

Topics%20covered

Topics Covered

security advisory fedora update critical stack exhaustion libtasn1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here