Commit Graph

5 Commits

Author SHA1 Message Date
Gustavo Zacarias
3a0a0b9af6 libksba: bump to version 1.3.5
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-08-23 17:56:32 +02:00
Gustavo Zacarias
a21fa6951e libksba: security bump to version 1.3.4
Fixes:
CVE-2016-4356 - Fix encoding of invalid utf-8 strings in
dn.c" and "read access out of bounds".

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-10 15:46:22 +02:00
Gustavo Zacarias
3c52e364eb libksba: security bump to version 1.3.3
Fixes (no CVEs assigned yet):

* integer overflow in the DN decoder src/dn.c (append_quoted,
append_atv)

* integer overflow in the BER decoder src/ber-decoder.c (ber_decoder_s)

* denial of service due to stack overflow in src/ber-decoder.c
(push_decoder_state, pop_decoder_state)

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-14 10:06:43 +02:00
Gustavo Zacarias
42d40e2ea0 libksba: security bump to version 1.3.2
Fixes a buffer overflow in ksba_oid_to_str.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-26 00:07:54 +01:00
Gustavo Zacarias
67a0403a2b libksba: bump to version 1.3.1
Also add hash file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-07 12:21:33 +02:00