The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libksba | < 0.9.14-1 | libksba_0.9.14-1_all.deb |
Debian | 11 | all | libksba | < 0.9.14-1 | libksba_0.9.14-1_all.deb |
Debian | 10 | all | libksba | < 0.9.14-1 | libksba_0.9.14-1_all.deb |
Debian | 999 | all | libksba | < 0.9.14-1 | libksba_0.9.14-1_all.deb |
Debian | 13 | all | libksba | < 0.9.14-1 | libksba_0.9.14-1_all.deb |