[SECURITY] [DSA 6114-1] pyasn1 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6114-1] pyasn1 security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 28 Jan 2026 21:44:05 +0000
Message-id: <[🔎] E1vlDKX-003gLy-12@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6114-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 28, 2026                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pyasn1
CVE ID         : CVE-2026-23490
Debian Bug     : 1125753

It was discovered that pyasn1, a generic ASN.1 library for Python, is
prone to a denial of service vulnerability, which may result in memory
exhaustion from malformed OID/RELATIVE-OID with excessive continuation
octets.

For the oldstable distribution (bookworm), this problem has been fixed
in version 0.4.8-3+deb12u1.

For the stable distribution (trixie), this problem has been fixed in
version 0.6.1-1+deb13u1.

We recommend that you upgrade your pyasn1 packages.

For the detailed security status of pyasn1 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/pyasn1

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAml6gtpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Tmqw//XvnR86W1i1bznGrwCqgROck0GgXFua9f8dR83akm25pjJUwE0+cHmvMd
M8/q5eaTfJT+UqRoccZTxhX+ByhkkXqR2JZ3WrcLBlc1wXA+sCckVXPQnGSVcs5r
SEXOyCH5H8k0zyZO/12fCFP7pEQzLdPQx97yrYnIYC+cy5nvcHCZZePd10XpgHpy
qwgx5m0XG2aKuWbC20O1bf0ZVd9OTDtRzJ5XeYZnBAsmov9QNa86HQR/km9OXt2H
2FBTn4LI1492QkkD+Vpph3s2rdIym7dfsb0Qwp/mTCIBdubzCzXh2WgY7Ih2uQy7
nkL4oFD8V1ujeWG0Z45mFSeAxYC70hXcMcYbhKqSnjGc0CTtR5Z2eKCEi0VbESeD
zS5YWa1g7FE/surAJloryVRZRiSKNLQyn1r8miLijaA/1KISWZf6DJXQzgVeOM7I
BfSaATqBuvGl8AIGEb7wo/tVtxUZw5HV3C6M+Gcq4Zb16RnydfXHluN2VgeKB9SC
l/r1cLthLKhk6VtR+pr1k2cIWtMNJcKSbr6lSQkJrzvNiL8nhUCfFtOwSYhg8dJp
HYq4AOaEnM6vgCE9PiUQaRIeyRUIb40NwuXAcloBqDxH4xc89mg+iTyasW6b5qvC
n27EVMBnZLKBAZjhydi/ddcQT5U4BJePR6BBVfArVTS7jv3U3BU=
=yld7
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6113-1] openssl security update
Next by Date: [SECURITY] [DSA 6115-1] gimp security update
Previous by thread: [SECURITY] [DSA 6113-1] openssl security update
Next by thread: [SECURITY] [DSA 6115-1] gimp security update
Index(es):
- Date
- Thread