1
PublicDateAtUSN: 2016-04-29
2
Candidate: CVE-2016-4354
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4354
6
http://www.openwall.com/lists/oss-security/2015/04/13/5
7
http://www.openwall.com/lists/oss-security/2016/04/29/5
8
https://usn.ubuntu.com/usn/usn-2982-1
10
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type,
11
which allows remote attackers to cause a denial of service (crash) via
12
crafted BER data, which leads to a buffer overflow.
17
Discovered-by: Hanno Böck
21
upstream: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887
22
upstream_libksba: released (1.3.3-1)
23
precise_libksba: released (1.2.0-2ubuntu0.2)
24
trusty_libksba: released (1.3.0-3ubuntu0.14.04.2)
25
vivid/stable-phone-overlay_libksba: DNE
26
vivid/ubuntu-core_libksba: DNE
27
wily_libksba: not-affected (1.3.3-1)
28
xenial_libksba: not-affected
29
devel_libksba: not-affected