OESA-2022-2030

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-2030
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2022-2030.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2022-2030
Upstream
Published
2022-10-28T11:04:29Z
Modified
2025-08-12T05:11:02.442767Z
Summary
libtasn1 security update
Details

Libtasn1 is the ASN.1 library used by GnuTLS, p11-kit and some other packages.The goal of this implementation is to be highly portable, and only require an ANSI C99 platform.This library provides Abstract Syntax Notation One (ASN.1,as specified by the X.680 ITU-T recommendation) parsing and structures management,and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.

Security Fix(es):

GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder.(CVE-2021-46848)

Database specific 
{
    "severity": "Critical"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / libtasn1

Package

Name
libtasn1
Purl
pkg:rpm/openEuler/libtasn1&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.16.0-2.oe1

Ecosystem specific 

{
    "noarch": [
        "libtasn1-help-4.16.0-2.oe1.noarch.rpm"
    ],
    "aarch64": [
        "libtasn1-debugsource-4.16.0-2.oe1.aarch64.rpm",
        "libtasn1-4.16.0-2.oe1.aarch64.rpm",
        "libtasn1-debuginfo-4.16.0-2.oe1.aarch64.rpm",
        "libtasn1-devel-4.16.0-2.oe1.aarch64.rpm"
    ],
    "src": [
        "libtasn1-4.16.0-2.oe1.src.rpm"
    ],
    "x86_64": [
        "libtasn1-debugsource-4.16.0-2.oe1.x86_64.rpm",
        "libtasn1-4.16.0-2.oe1.x86_64.rpm",
        "libtasn1-debuginfo-4.16.0-2.oe1.x86_64.rpm",
        "libtasn1-devel-4.16.0-2.oe1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / libtasn1

Package

Name
libtasn1
Purl
pkg:rpm/openEuler/libtasn1&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.16.0-2.oe1

Ecosystem specific 

{
    "noarch": [
        "libtasn1-help-4.16.0-2.oe1.noarch.rpm"
    ],
    "aarch64": [
        "libtasn1-4.16.0-2.oe1.aarch64.rpm",
        "libtasn1-devel-4.16.0-2.oe1.aarch64.rpm",
        "libtasn1-debugsource-4.16.0-2.oe1.aarch64.rpm",
        "libtasn1-debuginfo-4.16.0-2.oe1.aarch64.rpm"
    ],
    "src": [
        "libtasn1-4.16.0-2.oe1.src.rpm"
    ],
    "x86_64": [
        "libtasn1-4.16.0-2.oe1.x86_64.rpm",
        "libtasn1-debuginfo-4.16.0-2.oe1.x86_64.rpm",
        "libtasn1-debugsource-4.16.0-2.oe1.x86_64.rpm",
        "libtasn1-devel-4.16.0-2.oe1.x86_64.rpm"
    ]
}

openEuler:22.03-LTS / libtasn1

Package

Name
libtasn1
Purl
pkg:rpm/openEuler/libtasn1&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.17.0-3.oe2203

Ecosystem specific 

{
    "noarch": [
        "libtasn1-help-4.17.0-3.oe2203.noarch.rpm"
    ],
    "aarch64": [
        "libtasn1-debuginfo-4.17.0-3.oe2203.aarch64.rpm",
        "libtasn1-debugsource-4.17.0-3.oe2203.aarch64.rpm",
        "libtasn1-devel-4.17.0-3.oe2203.aarch64.rpm",
        "libtasn1-4.17.0-3.oe2203.aarch64.rpm"
    ],
    "src": [
        "libtasn1-4.17.0-3.oe2203.src.rpm"
    ],
    "x86_64": [
        "libtasn1-debuginfo-4.17.0-3.oe2203.x86_64.rpm",
        "libtasn1-devel-4.17.0-3.oe2203.x86_64.rpm",
        "libtasn1-debugsource-4.17.0-3.oe2203.x86_64.rpm",
        "libtasn1-4.17.0-3.oe2203.x86_64.rpm"
    ]
}