Red Hat Bugzilla – Bug 1311994
CVE-2015-5727 botan: excess memory allocation in BER decoder
Last modified: 2018-01-30 04:50:47 EST
The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer.
CVE-2015-5727 has been fixed in 1.8.15 and 1.10.10.
As of today, we have:
So this bug can be closed imho.
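
The allocation problem from the bug description, as an added C++ example that is not Botan's code or part of this bug report: a minimal definite-length BER reader that compares the claimed length with the bytes actually remaining before it allocates. `Reader`, `read_length`, `read_value` and `decode` are hypothetical names, single-byte tags are assumed, and the sample inputs are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Cursor over an in-memory BER buffer (hypothetical helper, not Botan's API).
struct Reader {
    const uint8_t* data;
    size_t size;
    size_t pos;
    size_t remaining() const { return size - pos; }
};

// Decode a definite BER length (short or long form). Fails on truncation,
// the indefinite form (0x80), or more length octets than size_t can hold.
bool read_length(Reader& r, size_t& len) {
    if (r.remaining() < 1) return false;
    uint8_t first = r.data[r.pos++];
    if (first < 0x80) { len = first; return true; }   // short form
    size_t n = first & 0x7F;                          // count of length octets
    if (n == 0 || n > sizeof(size_t) || n > r.remaining()) return false;
    len = 0;
    for (size_t i = 0; i < n; ++i) len = (len << 8) | r.data[r.pos++];
    return true;
}

// Read one TLV's contents. The claimed length is checked against the bytes
// actually present BEFORE any allocation, so a 6-byte input that claims a
// 4 GiB value is rejected without reserving memory for it.
bool read_value(Reader& r, std::vector<uint8_t>& out) {
    if (r.remaining() < 1) return false;
    ++r.pos;                                          // skip single-byte tag
    size_t len = 0;
    if (!read_length(r, len) || len > r.remaining()) return false;
    out.assign(r.data + r.pos, r.data + r.pos + len);
    r.pos += len;
    return true;
}

bool decode(const std::vector<uint8_t>& in, std::vector<uint8_t>& out) {
    Reader r{in.data(), in.size(), 0};
    return read_value(r, out);
}

int main() {
    // Constructed samples: a valid OCTET STRING and an oversized length claim.
    std::vector<uint8_t> ok  = {0x04, 0x03, 'a', 'b', 'c'};
    std::vector<uint8_t> bad = {0x04, 0x84, 0xFF, 0xFF, 0xFF, 0xFF};
    std::vector<uint8_t> out;
    return (decode(ok, out) && !decode(bad, out)) ? 0 : 1;
}
```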