MGASA-2016-0310

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0310.html

Import Source

https://advisories.mageia.org/MGASA-2016-0310.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0310

Published

2016-09-21T20:38:22Z

Modified

2026-04-16T04:27:39.822222Z

Summary

Updated libksba packages fix security vulnerability

Details

It was found that an unproportionate amount of memory is allocated when parsing crafted certificates in libskba, which may lead to DoS. Moreover in libksba 1.3.4, allocated memory is uninitialized and could potentially contain sensitive data left in freed memory block.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / libksba

Package

Name: libksba
Purl: pkg:rpm/mageia/libksba?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.5-1.mga5

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2016-0310.json"