-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6194-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 03, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : pyasn1 CVE ID : CVE-2026-30922 Debian Bug : 1131371 It was discovered that pyasn1, a generic ASN.1 library for Python, is prone to a denial of service vulnerability when decoding ASN.1 data with deeply nested structures. For the oldstable distribution (bookworm), this problem has been fixed in version 0.4.8-3+deb12u2. For the stable distribution (trixie), this problem has been fixed in version 0.6.1-1+deb13u2. We recommend that you upgrade your pyasn1 packages. For the detailed security status of pyasn1 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pyasn1 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmnPvKxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SbCg//Xdj3it20RDpV2MbMrM6CiqU8/L0B8EPXMNFPs247tJHsSBwmA37jg9fH FPKFamat9ymhBeSoaLARByyOIL8gTrbup0d51BUR9Z1Pa/wBxtKCqk9CnYvJf7na nXPvOaaAUf7+am0jobTwLE9UV6X98h4cz+cInv+C8ZwlpfixJhPe7rtxLmSiUHcl fYCvOrgJ2YBvWtpnBRf1W4X8aNOAmFfgFl7j4Q+MBQO1lEcgEqaymcuaRdg6pWg4 hbM87NSxd2n68JnNPtt2pOGjqp2dZII93qxplV0S7A27TYMXNo90J8Hk7k6JbLCs pk1XqCnK+jJbqbAZ/WjnD9bJOGJw1bpJTNWlr7eWZj0Jjtp+T72gv90FkdOj+jCy PxcGjgZC2Z9+a1jpMGW70JOiGBSziBl2zJDSgj15xdKuSYpn++iZqYNDAzgrJOt/ sazJdM64dYbkOzetpH+d01gmB323a3x9JPlo8nbjMWeQ8Unj9uLbY4r75kVFuuJX 9N+4SWLko5TGbsDtQFsoWCnNNzDAa4aZ8I9vR5/1vJNSZnBRdW5+eHRqZnKTWbfA P3ghEBzlRsXgm3iiHOxRmULaLoVDlnFb1noWaXKSyTlCWQJ5bvhhUzXBZo+2fEXJ eoKKLYP+C2a9gTKO9kINoeF6iBi9jnZcNYFo7e7/ifAlnjMf1Tw= =4fis -----END PGP SIGNATURE-----
