Bug 8158 - Upgrade libtasn1
Summary: Upgrade libtasn1
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Build system (show other bugs)
Target Milestone: 4.15.0
Assignee: Linn
Keywords: prosaic, samuel_tester
Depends on:
Reported: 2023-05-23 17:11 CEST by Linn
Modified: 2023-05-26 17:02 CEST (History)
1 user (show)

See Also:
Acceptance Criteria:


Description Linn cendio 2023-05-23 17:11:59 CEST
There have been vulnerability fixes made for libastn1. We are currently on version 4.18.0, with the latest version being 4.19.0 (released 23 aug 2022).

The fix made is:

* CVE-2021-46848 - an ETYPE_OK off-by-one array size check
Comment 2 Linn cendio 2023-05-25 16:11:08 CEST
Tested with server on Fedora 37 and Ubuntu 20.04. The smart card certificates were available in the session when running 'pkcs15-tool -c'. Marking as resolved.
Comment 3 Samuel Mannehed cendio 2023-05-26 17:02:56 CEST
Things seem to be in order. I compared the changes to other times we have upgraded libtasn1 and verified that smart card redirection continues to works well. I used client build 3174 on Fedora 38.

Note You need to log in before you can comment on or make changes to this bug.