libksba: Multiple vulnerabilities

2016-04-26T00:00:00
ID GLSA-201604-04
Type gentoo
Reporter Gentoo Foundation
Modified 2016-04-26T00:00:00

Description

Background

Libksba is a X.509 and CMS (PKCS#7) library.

Description

libksba is vulnerable to two integer overflows and a Denial of Service vulnerability. Please read the references for additional details.

Impact

Remote attackers could cause Denial of Service or unspecified other vectors through various integer overflows.

Workaround

There is no known workaround at this time.

Resolution

All libksba users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-libs/libksba-1.3.3"