Fedora Linux 8645 Published by

A mingw-libtasn1 security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: mingw-libtasn1-4.19.0-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-061f857481
2022-11-13 01:19:07.484541
--------------------------------------------------------------------------------

Name : mingw-libtasn1
Product : Fedora 35
Version : 4.19.0
Release : 1.fc35
URL :   http://www.gnu.org/software/libtasn1/
Summary : MinGW Windows libtasn1 library
Description :
libtasn1 is the ASN.1 library used in GNUTLS.

This package contains the MinGW Windows cross compiled libtasn1 library.

--------------------------------------------------------------------------------
Update Information:

Update to 4.19.0, fixes CVE-2021-46848.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 4 2022 Sandro Mani - 4.19.0-1
- Update to 4.19.0
* Thu Jul 21 2022 Fedora Release Engineering - 4.18.0-4
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Mar 25 2022 Sandro Mani - 4.18.0-3
- Rebuild with mingw-gcc-12
* Thu Jan 20 2022 Fedora Release Engineering - 4.18.0-2
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Nov 10 2021 Sandro Mani - 4.18.0-1
- Update to 4.18.0
* Thu Nov 4 2021 Sandro Mani - 4.17.0-1
- Update to 4.17.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2140067 - CVE-2021-46848 mingw-libtasn1: libtasn1: Out-of-bound access in ETYPE_OK [fedora-35]
  https://bugzilla.redhat.com/show_bug.cgi?id=2140067
[ 2 ] Bug #2140070 - CVE-2021-46848 mingw-libtasn1: libtasn1: Out-of-bound access in ETYPE_OK [fedora-36]
  https://bugzilla.redhat.com/show_bug.cgi?id=2140070
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-061f857481' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________