advisories/20931.adv

type: security
subject: Updated libtasn1 packages fix security vulnerability
CVE:
 - CVE-2017-6891
src:
  5:
   core:
     - libtasn1-4.2-4.2.mga5
description: |
  Jakub Jirasek of Secunia Research discovered that libtasn1 did not
  properly validate its input. This would allow an attacker to cause a
  crash by denial-of-service, or potentially execute arbitrary code, by
  tricking a user into processing a maliciously crafted assignments file
  (CVE-2017-6891).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20931
 - https://www.debian.org/security/2017/dsa-3861
ID: MGASA-2017-0159
1	type: security
2	subject: Updated libtasn1 packages fix security vulnerability
3	CVE:
4	- CVE-2017-6891
5	src:
6	5:
7	core:
8	- libtasn1-4.2-4.2.mga5
9	description: \|
10	Jakub Jirasek of Secunia Research discovered that libtasn1 did not
11	properly validate its input. This would allow an attacker to cause a
12	crash by denial-of-service, or potentially execute arbitrary code, by
13	tricking a user into processing a maliciously crafted assignments file
14	(CVE-2017-6891).
15	references:
16	- https://bugs.mageia.org/show_bug.cgi?id=20931
17	- https://www.debian.org/security/2017/dsa-3861
18	ID: MGASA-2017-0159