CVE-2015-2806

Publication date 1 April 2015

Last updated 24 July 2024

Ubuntu priority

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.

Status

Show unmaintained releases

In Precise and older, it may make sense to just do the one-line change of increasing the temp array to 22 bytes. More investigation needed.

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
libtasn1-6	Upstream: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=e47b2a0651ffe1867c844968ade7f6127957bf13 Upstream: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f7ae724333b59013413158b88e10cdb936c5eeab Upstream: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=e47b2a0651ffe1867c844968ade7f6127957bf13 Upstream: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=4d4f992826a4962790ecd0cce6fbba4a415ce149

Package

Patch details

libtasn1-6