[CLSA-2023:1701446494] Fix CVE(s): CVE-2022-3515, CVE-2022-47629

Type:

security

Severity:

Critical

Release date:

2023-12-01 16:01:37 UTC

Description:

   * SECURITY UPDATE: integer overflow in the TLV parser
     - debian/patches/CVE-2022-3515.patch: detect a possible overflow directly
       in the TLV parser
     - CVE-2022-3515
   * SECURITY UPDATE: integer overflow in the CRL signature parser
     - debian/patches/CVE-2022-47629.patch: fix an integer overflow in the CRL
       signature parser
     - CVE-2022-47629
   * Enable internal tests

Updated packages:

libksba-dev_1.3.3-1ubuntu0.16.04.1+tuxcare.els1_amd64.deb
sha:4f6afe1d33f2fe4818d044ed758c15a5e4354814
libksba8_1.3.3-1ubuntu0.16.04.1+tuxcare.els1_amd64.deb
sha:3543f9fa171bbb3b22b167622ce25993982b50a0

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.