SUSE-SU-2016:1510-1

UNKNOWN

Security update for libksba

Published Jun 7, 2016

Modified 9 years ago

Fix available

Details

This update for libksba fixes the following issues:

CVE-2016-4579: Out-of-bounds read in _ksba_ber_parse_tl()
CVE-2016-4574: two OOB read access bugs (remote DoS) (bsc#979261)

Also adding reliability fixes from v1.3.4.

Affected Packages

libksba

SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Server 12SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server for SAP Applications 12

Fixed in:

1.3.0-23.1

libksba8

SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Server 12SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server for SAP Applications 12

Fixed in:

1.3.0-23.1

libksba-devel

SUSE Linux Enterprise Software Development Kit 12SUSE Linux Enterprise Software Development Kit 12 SP1

Fixed in:

1.3.0-23.1

References

REPORT

https://bugzilla.suse.com/979261

REPORT

https://bugzilla.suse.com/979906

WEB