[3.2] libksba: various flaws (CVE-2016-4574, CVE-2016-4579)
CVE-2016-4574: Off-by-one error in the append_utf8_value function
in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers
to cause
a denial of service (out-of-bounds read) via invalid utf-8 encoded data.
NOTE: this vulnerability exists because of an incomplete fix for
CVE-2016-4356.
References:
http://www.openwall.com/lists/oss-security/2016/05/10/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4574
Patch:
CVE-2016-4579: Libksba before 1.3.4 allows remote attackers to cause
a denial of service (out-of-bounds read and crash) via unspecified
vectors,
related to the “returned length of the object from
_ksba_ber_parse_tl.”
References:
http://www.openwall.com/lists/oss-security/2016/05/11/10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4579
Patch:
(from redmine: issue id 5782, created on 2016-06-24, closed on 2016-07-07)
- Relations:
- parent #5780 (closed)
- Changesets:
- Revision 06abb516 on 2016-07-04T13:26:30Z:
main/libksba: security upgrade to 1.3.4. Fixes #5782