Fedora 26 : mingw-libtasn1 (2017-d5cf1a55ce)

high Nessus Plugin ID 101725

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

Noteworthy changes in release 4.11 (released 2017-05-27) [stable]

- Introduced the ASN1_TIME_ENCODING_ERROR error code to indicate an invalid encoding in the DER time fields.

- Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME.
This flag allows decoding errors in time fields even when in strict DER mode. That is introduced in order to allow toleration of invalid times in X.509 certificates (which are common) even though strict DER adherence is enforced in other fields.

- Added safety check in asn1_find_node(). That prevents a crash when a very long variable name is provided by the developer. Note that this to be exploited requires controlling the ASN.1 definitions used by the developer, i.e., the 'name' parameter of asn1_write_value() or asn1_read_value(). The library is not designed to protect against malicious manipulation of the developer assigned variable names. Reported by Jakub Jirasek.

Noteworthy changes in release 4.10 (released 2017-01-16) [stable]

- Updated gnulib

- Removed -Werror from default compiler flags

- Fixed undefined behavior when negating integers in
_asn1_ltostr(). Issue found by oss-fuzz project (via gnutls):
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38 8

- Pass the correct length to
_asn1_get_indefinite_length_string in asn1_get_length_ber. This addresses reading 1-byte past the end of data. Issue found by oss-fuzz project (via gnutls):
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33 0 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33 1

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected mingw-libtasn1 package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2017-d5cf1a55ce

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=331

Plugin Details

Severity: High

ID: 101725

File Name: fedora_2017-d5cf1a55ce.nasl

Version: 3.5

Type: local

Agent: unix

Published: 7/17/2017

Updated: 1/6/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:mingw-libtasn1, cpe:/o:fedoraproject:fedora:26

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 6/9/2017

Vulnerability Publication Date: 5/22/2017

Reference Information

CVE: CVE-2017-6891