[ubuntu/jammy-updates] fort-validator 1.5.3-1ubuntu0.1 (Accepted)

[Ubuntu Archive Robot]

fort-validator (1.5.3-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2024-45234.patch: Prevent crash on BER-encoded
    signedAttrs in src/object/certificate.c.
    - debian/patches/CVE-2024-45235.patch: Prevent crash on missing
    Authority Key Identifier in src/extension.c.
    - debian/patches/CVE-2024-45236.patch: Prevent crash on missing
    signedAttrs in src/asn1/signed_data.c.
    - debian/patches/CVE-2024-45238.patch: Prevent crash on malformed
    subjectPublicKey in src/object/certificate.c.
    - debian/patches/CVE-2024-45239.patch: Prevent crash on missing
    eContent in src/asn1/decode.c.
    - debian/patches/CVE-2024-48943.patch: Introduce an rsync transfer
    timeout.
    - CVE-2024-45234
    - CVE-2024-45235
    - CVE-2024-45236
    - CVE-2024-45238
    - CVE-2024-45239
    - CVE-2024-48943
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2024-45237.patch: Prevent buffer overflow on
    malformed Key Usage in src/object/certificate.c.
    - CVE-2024-45237

Date: 2025-10-07 16:08:12.650167+00:00
Changed-By: Edwin Jiang <edwin.jiang at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/fort-validator/1.5.3-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.