Bug 880735 - (CVE-2014-3468) VUL-0: CVE-2014-3468: libtasn1: asn1_get_bit_der() can return negative bit length
(CVE-2014-3468)
VUL-0: CVE-2014-3468: libtasn1: asn1_get_bit_der() can return negative bit le...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/99192/
maint:running:57609:important maint:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-05-30 12:18 UTC by Johannes Segitz
Modified: 2014-07-30 11:56 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2014-05-30 12:18:49 UTC
asn1_get_bit_der() can return negative bit length upon parsing ASN.1 input. This could lead to several problems in the code that assumes a correct and positive length count.

Fixed upstream in libtasn1 3.6:
http://lists.gnu.org/archive/html/help-libtasn1/2014-05/msg00006.html

Please submit for SLES 11-SP3, SLES 12, openSUSE 12.3 and openSUSE 13.1.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1102323
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
Comment 1 Marcus Schaefer 2014-05-30 12:26:58 UTC
I'm not and never was responsible for this library, even though some 
stupid maintainer tool might have told you that. Please refer to the package
changelog and find the one who really contributes to it

Thanks
Comment 2 Swamp Workflow Management 2014-05-30 12:36:04 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2014-06-06.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/57609
Comment 3 SMASH SMASH 2014-05-30 12:40:13 UTC
Affected packages:

SLE-11-SP3: libtasn1
Comment 4 Swamp Workflow Management 2014-05-30 22:00:28 UTC
bugbot adjusting priority
Comment 5 Swamp Workflow Management 2014-06-02 10:15:39 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2014-06-09.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/57618
Comment 6 Bernhard Wiedemann 2014-06-03 10:00:19 UTC
This is an autogenerated message for OBS integration:
This bug (880735) was mentioned in
https://build.opensuse.org/request/show/236130 Factory / libtasn1
Comment 9 Scott Reeves 2014-06-16 22:10:58 UTC
Fixes submitted for SLE 11, SLE 12, openSUSE 12.3 and openSUSE 13.1.

I would suggest waiting for the related submission for bnc#880737 before pushing.
Comment 10 Bernhard Wiedemann 2014-06-16 23:00:15 UTC
This is an autogenerated message for OBS integration:
This bug (880735) was mentioned in
https://build.opensuse.org/request/show/237601 13.1 / libtasn1
https://build.opensuse.org/request/show/237602 12.3 / libtasn1
Comment 12 Swamp Workflow Management 2014-07-24 01:05:29 UTC
SUSE-SU-2014:0931-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 880735,880737,880738
CVE References: CVE-2014-3467,CVE-2014-3468,CVE-2014-3469
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    libtasn1-1.5-1.28.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    libtasn1-1.5-1.28.1
SUSE Linux Enterprise Server 11 SP3 (src):    libtasn1-1.5-1.28.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    libtasn1-1.5-1.28.1
Comment 13 Bernhard Wiedemann 2014-07-26 09:00:13 UTC
This is an autogenerated message for OBS integration:
This bug (880735) was mentioned in
https://build.opensuse.org/request/show/242449 Factory / libtasn1
Comment 15 Marcus Meissner 2014-07-30 11:56:09 UTC
released