CVE-2006-5111

Publication date 3 October 2006

Last updated 17 July 2025

Ubuntu priority

The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libksba	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Fixed 0.9.12-1ubuntu0.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-365-1
libksba vulnerability
16 October 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-5111