Source: libtasn1-6 Version: 4.2-3 Severity: important Tags: security upstream patch fixed-upstream
Hi, the following vulnerability was published for libtasn1-6. CVE-2017-6891[0]: | Two errors in the "asn1_find_node()" function (lib/parser_aux.c) | within GnuTLS libtasn1 version 4.10 can be exploited to cause a | stacked-based buffer overflow by tricking a user into processing a | specially crafted assignments file via the e.g. asn1Coding utility. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-6891 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891 [1] https://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=5520704d075802df25ce4ffccc010ba1641bd484 Regards, Salvatore
