it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4875-1] openssl security update
- Date: Thu, 25 Mar 2021 15:41:28 +0000
- Authentication-results: mail02.piratenpartei.de; dkim=none; spf=none (mail02.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/E1lPS6y-0004cY-BX AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=2cRk9I3diXVFplxrLpQ90Ft75kzDXsgMDRH3zBOPYzo=; b=dn h0q2rfwJzAppOMbANfDkKLlj6w7gA+qBPKif0ZdEv92sj1fwjet09YZvNqqpa9VUHm7K/8wokIOPC eVqd1Xn8TTxyu4s6ywpiWoTrKkHmgJJsx8d5sGBnRft9BWH1HALlw0wSYtjk9nkry+WkygSpwU4zF rZQGgR0k5VMqHpPoPxMs4x/UiK0ngvIDLPVy5/2dAwGLNFWOlOeMk2yb0+uzAnRZLoyQUdPObHjq1 gIC2u+9hWe9jEiwyfgZQ1nDZKMzVYLBJvCw1hRlZ7grMM0LniMnjnPQTq+gNrfkBi8Cf/pddNzbRj QxBGzbw0JMbaF4WxwU3ijXqW9/ISBbYQ==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Thu, 25 Mar 2021 15:41:48 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <mQmz6ddtCFH.A.VAF.88KXgB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4875-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 25, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openssl
CVE ID : CVE-2021-3449
A NULL pointer dereference was found in the signature_algorithms
processing in OpenSSL, a Secure Sockets Layer toolkit, which could
result in denial of service.
Additional details can be found in the upstream advisory:
https://www.openssl.org/news/secadv/20210325.txt
For the stable distribution (buster), this problem has been fixed in
version 1.1.1d-0+deb10u6.
We recommend that you upgrade your openssl packages.
For the detailed security status of openssl please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/openssl
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmBcru1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0S4mQ//TejQ2VdmmRyQT6iSB6p9zu55Aq/cDlOaW+i338XKwZyI/AxvA+KMohGb
3xquLt4F9xaqT/I6jEUXRvev/y5+gsF3F6bIDczkR/3YG6YivWOXbcBXqIa8Z+NF
F2xcz33R3iMZyLh03N4iw7LaZmCTcXFXgsdpDpGv/SM0Ze7B44GRA9znYtoHWqJk
Mbk/ddsCQOYNRPccO+tfLzRKlNmoSIDDTbrPdAnETEevgVDbIHTyh/Wiv3BR/leV
YHzEGMZ7EQlCrt7V7DoYp2/tXfmxVbrvw0ZOnyGnrfn/wVgaYhxbYhhP9LqszDgL
0z/KGOOIVs4Kqjos3d5QBymA9M1QNzBbfcH+QV3NmqqmOLHfHEFSGmd/JsCX1H7/
xZo3lFCaLAexZwcwa0cQ8AyZuaBnLmpSKoVb9Oo+MAKiPmmjEJ/IBOF4/qnwlLa6
jJ79/fq/SMV3+Unf4wtNrLV1W/J5Yhio1WIOVYzmIYrCcHpHDT3gtC9LC3IOIVCS
ddJJtMB43092Z1knlfujhnEcTrVDxadcW8vce7vkFnErux7cTNSyEKdZ4afUOZP8
nxFDffPylMfvZXVS+Bp1668GiGfVAN9e+cIhy6RatkM2CMx63mZq3tXMfpT6wzps
us3U1xgIgTZabZhyyuQGPFwpxLxnc32y26wgCxMjOHtmXdP8T5s=
=r6Ce
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4875-1] openssl security update, Salvatore Bonaccorso, 25.03.2021
Archiv bereitgestellt durch MHonArc 2.6.24.