Created attachment 487886 [details, diff]
"The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack."
@maintainer(s), after bump, please call for stable if needed. Thank you
Gentoo Security Padawan
Can be stabilized.
Stable on alpha.
sparc was dropped to exp.
sparc stable (thanks to Rolf Eike Beer)
arm64 is not stable arch, but leaving in place if they want to stabilize before GLSA is released.
This issue was resolved and addressed in
GLSA 201710-11 at https://security.gentoo.org/glsa/201710-11
by GLSA coordinator Aaron Bauman (b-man).
*** Bug 647010 has been marked as a duplicate of this bug. ***