+ libksba: Multiple vulnerabilities
+ Multiple vulnerabilities have been found in libksba, allowing a
+ possible Denial of Service and unspecified other vectors through integer
+ overflows.
+
+ libksba
+ April 26, 2016
+ April 26, 2016: 1
+ 546464
+ remote
+
+
+ 1.3.3
+ 1.3.3
+
+
+
+ Libksba is a X.509 and CMS (PKCS#7) library.
+
+
+ libksba is vulnerable to two integer overflows and a Denial of Service
+ vulnerability. Please read the references for additional details.
+
+
+
+ Remote attackers could cause Denial of Service or unspecified other
+ vectors through various integer overflows.
+
+
+
+ There is no known workaround at this time.
+
+
+ All libksba users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/libksba-1.3.3"
+
+
+
+
+
+ Denial of Service due to stack overflow in src/ber-decoder.c
+
+
+ Integer overflow in the BER decoder src/ber-decoder.c
+
+
+ Integer overflow in the DN decoder src/dn.c
+
+
+
+ BlueKnight
+
+ b-man
+
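Review bot: the impact text "Remote attackers could cause Denial of Service or unspecified other vectors through various integer overflows" does not parse, because a vector is not something an attacker causes, and the synopsis repeats the same wording ("allowing a possible Denial of Service and unspecified other vectors"). Suggest stating the outcome instead, for example "could cause a Denial of Service or have other unspecified impact". The description also says only "Please read the references for additional details"; naming the affected components already listed in the references (the BER decoder in src/ber-decoder.c and the DN decoder in src/dn.c) would let the advisory stand on its own. Minor: the background should read "an X.509", and "Libksba" there is capitalised differently from "libksba" everywhere else.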
diff --git a/metadata/glsa/glsa-201604-05.xml b/metadata/glsa/glsa-201604-05.xml
new file mode 100644
index 000000000000..5293801892f4
--- /dev/null
+++ b/metadata/glsa/glsa-201604-05.xml
@@ -0,0 +1,93 @@
+
+
+