There have been vulnerability fixes made for libastn1. We are currently on version 4.18.0, with the latest version being 4.19.0 (released 23 aug 2022).
The fix made is:
* CVE-2021-46848 - an ETYPE_OK off-by-one array size check
Tested with server on Fedora 37 and Ubuntu 20.04. The smart card certificates were available in the session when running 'pkcs15-tool -c'. Marking as resolved.
Things seem to be in order. I compared the changes to other times we have upgraded libtasn1 and verified that smart card redirection continues to works well. I used client build 3174 on Fedora 38.