[SECURITY] [DSA 3056-1] libtasn1-3 security update

ID DEBIAN:DSA-3056-1:9FC99
Type debian
Reporter Debian
Modified 2014-10-26T12:44:43


Debian Security Advisory DSA-3056-1 security@debian.org http://www.debian.org/security/ Sebastien Delafond October 26, 2014 http://www.debian.org/security/faq

Package : libtasn1-3 CVE ID : CVE-2014-3467 CVE-2014-3468 CVE-2014-3469

Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.

For the stable distribution (wheezy), these problems have been fixed in version 2.13-2+deb7u1.

We recommend that you upgrade your libtasn1-3 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org