libtasn1: stack overflow in asn1_der_decoding (CVE-2015-2806)
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
http://seclists.org/oss-sec/2015/q1/1060
CONFIRM:
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149
http://www.debian.org/security/2015/dsa-3220
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154805.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154741.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155270.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155483.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155117.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155435.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:193
http://www.ubuntu.com/usn/USN-2559-1
http://www.securitytracker.com/id/1032080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2806
(from redmine: issue id 4158, created on 2015-05-11, closed on 2015-06-11)
- Relations:
- child #4159 (closed)
- child #4160 (closed)
- child #4161 (closed)
- child #4162 (closed)