Mageia 2022-0485: libksba security update | LinuxSecurity.com
MGASA-2022-0485 - Updated libksba packages fix security vulnerability

Publication date: 30 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0485.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-47629

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the
CRL signature parser. (CVE-2022-47629)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31311
- https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html
- https://www.debian.org/security/2022/dsa-5305
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47629

SRPMS:
- 8/core/libksba-1.5.0-1.2.mga8

Mageia 2022-0485: libksba security update

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser

Summary

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. (CVE-2022-47629)

References

- https://bugs.mageia.org/show_bug.cgi?id=31311

- https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html

- https://www.debian.org/security/2022/dsa-5305

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47629

Resolution

MGASA-2022-0485 - Updated libksba packages fix security vulnerability

SRPMS

- 8/core/libksba-1.5.0-1.2.mga8

Severity
Publication date: 30 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0485.html
Type: security
CVE: CVE-2022-47629

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.