Advisories ยป MGASA-2015-0200

Updated libtasn1 packages fix CVE-2015-3622

Publication date: 06 May 2015
Modification date: 06 May 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-3622

Description

Updated libtasn1 packages fix security vulnerability:

A malformed certificate input could cause a heap overflow read in the DER
decoding functions of Libtasn1. The heap overflow happens in the function
_asn1_extract_der_octet() (CVE-2015-3622).
                

References

SRPMS

4/core