USN-5688-2: Libksba vulnerability
26 October 2022
Libksba could be made to crash or run programs if it decoded specially crafted data.
Releases
Packages
- libksba - X.509 and CMS support library
Details
USN-5688-1 fixed vulnerabilities in Libksba. This update provides
the corresponding update for Ubuntu 22.10.
Original advisory details:
It was discovered that an integer overflow could be triggered in Libksba
when decoding certain data. An attacker could use this issue to cause a
denial of service (application crash) or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5688-1: libksba-dev, libksba, libksba-mingw-w64-dev, libksba8