Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4170-1] pjproject security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4170-1] pjproject security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4170-1] pjproject security update
  • Date: Mon, 9 Apr 2018 23:00:25 +0200
  • List-archive: https://lists.debian.org/msgid-search/20180409210025.GA16618 AT pisco.westfalen.local
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT inutil.org>
  • Priority: urgent
  • Resent-date: Mon, 9 Apr 2018 21:00:54 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <FS2xzwqI-jJ.A.M7H.GS9yaB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4170-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 09, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : pjproject
CVE ID : CVE-2017-16872 CVE-2017-16875 CVE-2018-1000098
CVE-2018-1000099

Multiple vulnerabilities have been discovered in the PJSIP/PJProject
multimedia communication which may result in denial of service during
the processing of SIP and SDP messages and ioqueue keys.

For the stable distribution (stretch), these problems have been fixed in
version 2.5.5~dfsg-6+deb9u1.

We recommend that you upgrade your pjproject packages.

For the detailed security status of pjproject please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pjproject

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlrL0/0ACgkQEMKTtsN8
Tjb24Q//Tf+mgNJCFCH34I3wEO59joHw6/pytj587BrFiC6tE91ueYf2gMvoFyGM
9t3o1XMKxox2AQdoDkLJ5AHRGWm2rfgpe0Udog/W9deAG/U6eISTs7roisB58O58
iQ32rHPCBUyqxvPC8fks3BXiBUDbNoRiYiXTpqzfN/Rj3T0s33HCeHgq/LJVM4f9
cbM70HlG3Nb6LRmtXkSUTOv0enblHy/Hi98YfO4xR02bY1bnQLePWPG2bcC0rpWs
c9DxboRsh949yCH+5YK/4XiW1zX96SFlriX+uB6OiiWfzvdl/O5iUDa1Ccf8BorM
lANbeMuhfpTYfMIKP2/MkDCUJpMqZQ53VTX0GYCD4QDd4olyNpvdXNzyg53GIeBW
y1SAeF3J4ygURQQKbLARbStLGWEuW5f8b8lu9Cp1dtS/iwFlHFEUAB+m8jDqtI9k
q4hDLgtaR3c9x+XNH63EgVrga7fHQ332sDfh4o6vItsfs1FjtPeM89kbq4Fh8PnE
GJXFmggtuXpezhrgPrUnJwhzkbxRpd804ulY464izTJRTMIUvv7CcRH31Kn58DwC
Mt8417Lgi0jEDMCEYCOZjXL62EOM84qTHpWHZ4sFsubIzf1DZY6mW7Yghz1LzqLm
7+k9DG+9etDaNvxrM5nkfaeMbpedVSymqikqC6a2/tP8xDBp38k=
=wjk0
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4170-1] pjproject security update, Moritz Muehlenhoff, 09.04.2018

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang