Amazon Linux 1 Security Advisory: ALAS-2012-60
Advisory Release Date: 2012-04-05 12:48 Pacific
Advisory Updated Date: 2014-09-14 15:45 Pacific
A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input (such as an X.509 certificate) that, when parsed by an application that uses libtasn1 (such as applications using GnuTLS), could cause the application to crash. (CVE-2012-1569)
Affected Packages:
libtasn1
Issue Correction:
Run yum update libtasn1 to update your system.
i686:
libtasn1-tools-2.3-3.4.amzn1.i686
libtasn1-debuginfo-2.3-3.4.amzn1.i686
libtasn1-2.3-3.4.amzn1.i686
libtasn1-devel-2.3-3.4.amzn1.i686
src:
libtasn1-2.3-3.4.amzn1.src
x86_64:
libtasn1-debuginfo-2.3-3.4.amzn1.x86_64
libtasn1-tools-2.3-3.4.amzn1.x86_64
libtasn1-2.3-3.4.amzn1.x86_64
libtasn1-devel-2.3-3.4.amzn1.x86_64