1
PublicDateAtUSN: 2015-05-01
2
Candidate: CVE-2015-3622
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3622
6
https://blog.fuzzing-project.org/9-Heap-overflow-invalid-read-in-Libtasn1-TFPA-0052015.html
7
https://usn.ubuntu.com/usn/usn-2604-1
9
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1
10
before 4.5 allows remote attackers to cause a denial of service
11
(out-of-bounds heap read) via a crafted certificate.
16
Discovered-by: Hanno Böck
20
upstream_libtasn1-3: needs-triage
21
precise_libtasn1-3: released (2.10-1ubuntu1.4)
22
trusty_libtasn1-3: DNE
23
utopic_libtasn1-3: DNE
28
upstream: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=f979435823a02f842c41d49cd41cc81f25b5d677
29
upstream_libtasn1-6: released (4.4-3)
30
precise_libtasn1-6: DNE
31
trusty_libtasn1-6: released (3.4-3ubuntu0.3)
32
utopic_libtasn1-6: released (4.0-2ubuntu0.2)
33
vivid_libtasn1-6: released (4.2-2ubuntu1.1)
34
devel_libtasn1-6: released (4.2-2ubuntu2)
35
vivid/stable-phone-overlay_libtasn1-6: released (4.2-2ubuntu1.1)
36
vivid/ubuntu-core_libtasn1-6: released (4.2-2ubuntu1.1)