Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2022-47629

Published: 20 December 2022

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
libksba
Launchpad, Ubuntu, Debian
bionic
Released (1.3.5-2ubuntu0.18.04.2)
focal
Released (1.3.5-2ubuntu0.20.04.2)
jammy
Released (1.6.0-2ubuntu0.2)
kinetic
Released (1.6.0-3ubuntu1.1)
trusty
Released (1.3.0-3ubuntu0.14.04.2+esm2)
upstream
Released (1.6.3-1)
xenial
Released (1.3.3-1ubuntu0.16.04.1+esm2)
Patches:
upstream: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f61a5ea4e0f6a80fd4b28ef0174bee77793cf070