Versions mentioned in the description apply to the upstream
Remediation section below for
Debian:9 relevant versions.
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.
libtasn1-6 to version 4.10-1.1 or higher.