OESA-2026-1232
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-1232
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2026-1232.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2026-1232
- Upstream
- Published
- 2026-01-23T12:24:05Z
- Modified
- 2026-01-23T12:45:01.969947Z
- Summary
- libtasn1 security update
- Details
-
Libtasn1 is the ASN.1 library used by GnuTLS, p11-kit and some other packages. The goal of this implementation is to be highly portable, and only require an ANSI C99 platform.This library provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.
Security Fix(es):
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctet_string.(CVE-2025-13151)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP4 / libtasn1
Package
- Name
- libtasn1
- Purl
- pkg:rpm/openEuler/libtasn1&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.16.0-5.oe2003sp4
Ecosystem specific
{
"src": [
"libtasn1-4.16.0-5.oe2003sp4.src.rpm"
],
"aarch64": [
"libtasn1-4.16.0-5.oe2003sp4.aarch64.rpm",
"libtasn1-debuginfo-4.16.0-5.oe2003sp4.aarch64.rpm",
"libtasn1-debugsource-4.16.0-5.oe2003sp4.aarch64.rpm",
"libtasn1-devel-4.16.0-5.oe2003sp4.aarch64.rpm"
],
"noarch": [
"libtasn1-help-4.16.0-5.oe2003sp4.noarch.rpm"
],
"x86_64": [
"libtasn1-4.16.0-5.oe2003sp4.x86_64.rpm",
"libtasn1-debuginfo-4.16.0-5.oe2003sp4.x86_64.rpm",
"libtasn1-debugsource-4.16.0-5.oe2003sp4.x86_64.rpm",
"libtasn1-devel-4.16.0-5.oe2003sp4.x86_64.rpm"
]
}