USN-5787-1: Libksba vulnerability
5 January 2023
Libksba could be made to crash or run programs if it processed specially crafted data.
Releases
Packages
- libksba - X.509 and CMS support library
Details
It was discovered that Libksba incorrectly handled parsing CRL signatures.
A remote attacker could use this issue to cause Libksba to crash, resulting
in a denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5787-2: libksba-dev, libksba, libksba8