Security update for libtasn1 (important)

2014-07-24T03:05:20
ID SUSE-SU-2014:0931-1
Type suse
Reporter Suse
Modified 2014-07-24T03:05:20

Description

libtasn1 has been updated to fix three security issues:

   * asn1_get_bit_der() could have returned negative bit length
     (CVE-2014-3468)
   * Multiple boundary check issues could have allowed DoS (CVE-2014-3467)
   * Possible DoS by NULL pointer dereference in asn1_read_value_type
     (CVE-2014-3469)

Security Issues:

   * CVE-2014-3468
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468</a>>
   * CVE-2014-3467
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467</a>>
   * CVE-2014-3469
     <<a  rel="nofollow" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469</a>>