CVE-2016-9132

Name	CVE-2016-9132
Description	In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-786-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
botan1.10 (PTS)	jessie, jessie (lts)	1.10.8-2+deb8u2	vulnerable
	stretch (security), stretch (lts), stretch	1.10.17-1+deb9u1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
botan1.10	source	wheezy	1.10.5-1+deb7u2		DLA-786-1
botan1.10	source	(unstable)	1.10.14-1

Notes

[jessie] - botan1.10 <ignored> (Minor issue, not believed to be exploitable in practice)
Fixed in 1.10.14 and 1.11.34, all prior versions affected.
Fixed by: https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f