Red Hat Security Advisory 2017-1860-01 - Libtasn1 is a library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. The following packages have been upgraded to a later upstream version: libtasn1. Security Fix: A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash.
4e1518276ab61f012581d289e98462389a2b11059b8faa634132b7d1358f0f04
Gentoo Linux Security Advisory 201509-4 - Multiple vulnerabilities have been found in libtasn1, the worst of which could lead to arbitrary code execution. Versions less than 1.4.5 are affected.
7409f641de00682e65c15ff139158d68c60b58fefecad508e0f36dd168033008
Debian Linux Security Advisory 3220-1 - Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.
104a7ca770c2f094e24b977f62889248aae1654afbd89d28a167301c466b922d
Ubuntu Security Notice 2559-1 - Hanno Boeck discovered that Libtasn1 incorrectly handled certain ASN.1 data. A remote attacker could possibly exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service, or possibly execute arbitrary code.
e8575b0456c13580465636c7568680a3a643488b8bd3c99de3bf49c006524226
Mandriva Linux Security Advisory 2015-193 - The libtasn1 library before version 4.4 is vulnerable to a two-byte stack overflow in asn1_der_decoding.
007d36ef1e9e3ed182bdeada4da602d261dde0f484f8b56cde2cda356977fd99