Ubuntu alert USN-8129-1 (pyasn1)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8129-1] pyasn1 vulnerability | |
| Date: | Mon, 30 Mar 2026 14:09:48 +0000 | |
| Message-ID: | <E1w7DJM-0005Bv-Cu@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-8129-1 March 30, 2026 pyasn1 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: pyasn1 could be made to consume resources and crash if it received specially crafted input. Software Description: - pyasn1: ASN.1 library for Python Details: It was discovered that pyasn1 incorrectly handled recursion when decoding ASN.1 data. An attacker could use this issue to cause pyasn1 to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-pyasn1 0.6.1-1ubuntu0.2 Ubuntu 24.04 LTS python3-pyasn1 0.4.8-4ubuntu0.2 Ubuntu 22.04 LTS python3-pyasn1 0.4.8-1ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8129-1 CVE-2026-30922 Package Information: https://launchpad.net/ubuntu/+source/pyasn1/0.6.1-1ubuntu0.2 https://launchpad.net/ubuntu/+source/pyasn1/0.4.8-4ubuntu0.2 https://launchpad.net/ubuntu/+source/pyasn1/0.4.8-1ubuntu0.2
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmnKg4gACgkQcpJm3tlz hgHZaBAA1EsUxradeTb+F/+9tj1cg8cGlYvVglDYv8MHl7Y9A14cyWI5T1wbGVP1 USKj8adooISS3EsPBqlcFZnFBdmWBQNReR1SEevexPpfc8qJ5R+ztqLN3lngtw1c 82xisI288qXXsC/ND6bo9oXoTgQO+EAOQMA4fpCmoI9JV2YaAUo+bS4jy4vl+E6m 6Meo2SaGa42vh2EjeSk3szrBrUfes6lhIzUZ9aJZH2xa8T8xGcs2Dgs0nrbkHhDh mGIY57CQzbi6Gqa3Jhaq8S6+vn5/YZaDukQ0OtYIQotUjmKX18g49bbZy+9v8y4f y+eWywBszZDnneL9EBO5OlvvcPI/WMBtkUaua3Sw7+KXrT32WQecaZoZAEGSmII9 NXvKIcR+PprhlZYNXAz+Ooj8ygMfdl98/O3oE6EZKTDWLa0VOMsRC9oZeQhpBFSn xPRK4nzyZKO1rAJ52gCaIIC6O+CNogUJrpczOFi/SmWY/LVCw9m1s5sk9GRWR1DB +QyxpknkI4TI7Jh5H8vEiuH4EIbSlXsIbhtEx5CdonH1/QCM+kTJtLkXAo3cnmUd 3/HySngVDis1hNLHS9sXWhuDiSewLODQiqVAhzub6kzs+URI7crdLR2rdLo36iI3 Bm1K3K9q5tdooU3T0qWQxrORNNo1kr8vScI+7XSW8XLR8QK+oSk= =+sAR -----END PGP SIGNATURE-----