lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1ejV8N-0000fz-Oi@seger.debian.org>
Date: Wed, 07 Feb 2018 19:11:55 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4106-1] libtasn1-6 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4106-1                   security@...ian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 07, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libtasn1-6
CVE ID         : CVE-2017-10790 CVE-2018-6003
Debian Bug     : 867398

Two vulnerabilities were discovered in Libtasn1, a library to manage
ASN.1 structures, allowing a remote attacker to cause a denial of
service against an application using the Libtasn1 library.

For the stable distribution (stretch), these problems have been fixed in
version 4.10-1.1+deb9u1.

We recommend that you upgrade your libtasn1-6 packages.

For the detailed security status of libtasn1-6 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/libtasn1-6

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlp7TPxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QbRBAAnPEkX4R68VOr/kwZz4u61IrGctvG5lA8JkLTy25i48uwyVpWxpDHFVO3
8WHArjVtiSP2M0PpeOA6sz1nbmgwDOuIcMnEEeTX1dncL42MXUY1vhB9OcMs48LN
LC8DUhF7LXQh7F3P27ipe9/4UecO6xd+wq70lScwLI0EFscrtqNi5Gap4Jyj7IMl
fUUOMEBPafBPtDRHY+Pu4pwq5QrIqhppn5cPpJFuBmFhcHCBj3uH+9eg58leHP6J
05t26TTDcNR8ZDPB0SxmCHgrr6vVG/48ANoCJWjkHxjxyUkM7HI38uSZIk0TZ0IR
JxiUdqMIgB6Z9wJWjzXuclZmF6jnpG5O7WMQW2S3b+ADyqRl7o/+Kq6nH6p5BeKA
WNdI82MPpZz1VohH1ShJ9DHHOOqIBJu1NmTle92O62I++/soJ3GRO4ppxMsgrNLk
b9J9V790SPeW0OcI1CyEVdoxK8xZlPA22lR+3ywhTTcrmvQQaeFtuVKGjE4gQCKY
CfTZ4J+qxf+1yJSi4iVAv85bbi3/GonwYb2c+xAPvkQkczaxpkeM1yATKC64HjK5
IKHurF8uj+0yuE5H8lv6zp6kUcYD7iSNncvmTZd5AzLHo/Ly2+rjs//RjomZjP6a
/2opnm4uV1BoQbF4tPCEhQ1zHyVW9xDqFQ4/ndIYOPk5abIy4Yg=
=LK24
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ