Summary:
libtasn1 security update
Severity: Critical
Advisory ID: KylinSec-SA-2025-1627
Release date: March 18, 2025
Related CVE: CVE-2024-12133
Libtasn1 is the ASN.1 library used by GnuTLS, p11-kit and some other packages. The goal of this implementation is to be highly portable and to require only an ANSI C99 platform. This library provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structure management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.
Security Fix(es):
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service. (CVE-2024-12133)
CVE | Product | Component | Affected status |
---|---|---|---|
CVE-2024-12133 | KY3.4-5A | libtasn1 | Fixed |
CVE-2024-12133 | V6 | libtasn1 | Fixed |
Package | Architecture | Version |
---|---|---|
libtasn1-help | noarch | 4.16.0-3.kb1.ky3_4 |
libtasn1 | x86_64 | 4.16.0-3.kb1.ky3_4 |
libtasn1-devel | x86_64 | 4.16.0-3.kb1.ky3_4 |
libtasn1 | aarch64 | 4.16.0-3.kb1.ky3_4 |
libtasn1-devel | aarch64 | 4.16.0-3.kb1.ky3_4 |
Package | Architecture | Version |
---|---|---|
libtasn1-help | noarch | 4.19.0-2.ks6 |
libtasn1 | x86_64 | 4.19.0-2.ks6 |
libtasn1-devel | x86_64 | 4.19.0-2.ks6 |
libtasn1 | aarch64 | 4.19.0-2.ks6 |
libtasn1-devel | aarch64 | 4.19.0-2.ks6 |
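Method 1: Download the packages and upgrade manually
1. Download the required update package from the download link and save it, e.g. xxx.rpm
2. Upgrade with the rpm command, e.g. rpm -Uvh xxx.rpm
Method 2: Upgrade from the software repository
1. Make sure the system can reach the Internet
2. Upgrade the specified package with the yum command, e.g. yum install <package-name>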
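After either upgrade method, the installed build can be compared against the fixed versions listed in the package tables above. The script below is an added example, not part of the vendor advisory; the function names, the script name in the last comment, and the mapping from release suffix (`.ky3_4`, `.ks6`) to branch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: post-upgrade check for the libtasn1 fix (CVE-2024-12133).

# Fixed version-release per branch, copied from the advisory's package tables.
# Assumption: the release suffix (.ky3_4 / .ks6) identifies the branch.
fixed_for_release() {
  case "$1" in
    *.ky3_4) echo "4.16.0-3.kb1.ky3_4" ;;
    *.ks6)   echo "4.19.0-2.ks6" ;;
    *)       return 1 ;;
  esac
}

# verdict VERSION-RELEASE -> prints fixed | vulnerable | unknown
# sort -V approximates rpm's version ordering; adequate for these strings.
verdict() {
  v_fixed=$(fixed_for_release "$1") || { echo unknown; return 0; }
  v_lowest=$(printf '%s\n%s\n' "$1" "$v_fixed" | sort -V | head -n 1)
  # The build is fixed when the advisory's version sorts first (or is equal).
  if [ "$v_lowest" = "$v_fixed" ]; then echo fixed; else echo vulnerable; fi
}

# Query every installed libtasn1 build (one line per architecture).
check_installed() {
  rpm -q libtasn1 >/dev/null 2>&1 || { echo "libtasn1 is not installed"; return 0; }
  rpm -q --qf '%{VERSION}-%{RELEASE}\n' libtasn1 | while read -r vr; do
    printf 'libtasn1-%s: %s\n' "$vr" "$(verdict "$vr")"
  done
}

# Run the live query only when asked, e.g. (hypothetical file name):
#   sh check_libtasn1.sh --check
if [ "${1:-}" = "--check" ]; then check_installed; fi
```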