Oval Definition:oval:com.redhat.rhsa:def:20120427
Revision Date:2012-03-27Version:634
Title:RHSA-2012:0427: libtasn1 security update (Important)
Description:libtasn1 is a library developed for ASN.1 (Abstract Syntax Notation One) structures management that includes DER (Distinguished Encoding Rules) encoding and decoding.

  • A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input (such as an X.509 certificate) that, when parsed by an application that uses libtasn1 (such as applications using GnuTLS), could cause the application to crash. (CVE-2012-1569)

    Red Hat would like to thank Matthew Hall of Mu Dynamics for reporting this issue.

    Users of libtasn1 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the libtasn1 library must be restarted, or the system rebooted.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2012-1569
    CVE-2012-1569
    RHSA-2012:0427
    RHSA-2012:0427-02
    RHSA-2012:0427-02
    Platform(s):Red Hat Enterprise Linux 6
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • libtasn1 is earlier than 0:2.3-3.el6_2.1
  • AND libtasn1 is signed with Red Hat redhatrelease2 key
  • libtasn1-devel is earlier than 0:2.3-3.el6_2.1
  • AND libtasn1-devel is signed with Red Hat redhatrelease2 key
  • libtasn1-tools is earlier than 0:2.3-3.el6_2.1
  • AND libtasn1-tools is signed with Red Hat redhatrelease2 key
  • BACK