============================================================================ Ubuntu Security Notice USN-2957-2 May 02, 2016 libtasn1-6 vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Libtasn1 could be made to hang if it processed specially crafted data. Software Description: - libtasn1-6: Library to manage ASN.1 structures Details: USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libtasn1-6 4.7-3ubuntu0.16.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2957-2 http://www.ubuntu.com/usn/usn-2957-1 CVE-2016-4008 Package Information: https://launchpad.net/ubuntu/+source/libtasn1-6/4.7-3ubuntu0.16.04.1