it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5189-1] gsasl security update
- Date: Sun, 24 Jul 2022 18:39:47 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
- List-archive: https://lists.debian.org/msgid-search/20220724183947.GA6417 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=lrwHEkaR/VV5j1JuxNl5XNvn94Q1D8Gs+w2mXlJ3eJU=; b=Ce WIHbHT9nQGfTddRxJEyZySdsrknwRWykGSJJwzz/k7Ngd/MatpsMTT5g8G4g2mxjPoKLCdJKaOPO0 kUY7vBAo0EUfbNsXqUZc2aHloVuzWA92mG+DpHPa999ZuNyLCs36eJkkD4eO167cTZgl/5yE8OoOM kE63uOVSJoWRwb1S4caK+bCImTqeGYw9HIOKPy8zFDKI35A3mirUAo1pG3o05MWGWeRnFkNpJTxEO BvdAjm18GONhdMjaHwE70wRRc0mHUsgh1bNPgwab8UK8zUXjYx2fvUukXYsKWg2JGTComNNR7i6gK R38T/jS9Zu4MxvAaqMat4D37JPFc/ldQ==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Sun, 24 Jul 2022 18:40:09 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <egvw7f6sgDF.A.qgH.JIZ3iB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5189-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 24, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gsasl
CVE ID : CVE-2022-2469
Simon Josefsson discovered an out-of-bounds memory read in GNU SASL,
an implementation of the Simple Authentication and Security Layer
framework, which could result in denial of service.
For the oldstable distribution (buster), this problem has been fixed
in version 1.8.0-8+deb10u1.
For the stable distribution (bullseye), this problem has been fixed in
version 1.10.0-4+deb11u1.
We recommend that you upgrade your gsasl packages.
For the detailed security status of gsasl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gsasl
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLdkcYACgkQEMKTtsN8
TjZMEw/9GN/3M2cA43nZZAt0rKrAyg/ie4eO8TmJykQGWRJpLle5Z/nFV4QLAYSu
NDWuSa3qlFCAJOr6zI8lgU2nhQVPm8JfkL5hIWHdgtREJMYD9yHHWZEzvzMNa2dj
+7bbCCY1ijxaHoChHYRdE9P6m06Gcct1YXu5TjrD+U4PRI9IgYCu37kyY6JAoes3
TPBPGQ849TC4Mb1U2FI4wxNuLcDwiO4SKj66DY0VBOFlh4sGhV15v1XevikfnVIQ
7xLWFiAvzMWuBB+75Ss5vuqXOKBoUAnF04lkYrKlZ4i9KV/Vmb8y30x1Ud91GDBI
VLPKddK8dVoxaFx+X9zYO4ZnJ4H+6pTbjZbDOJrsZ6LlJ1/uicaFoRzm23DxqvnI
Hl3DzxciA52N8bVEYmI2uHcKEiq5ZHqFXxvkxSb9rYtwLmzgEOMUU0ivMBUCtpNC
hMYf1HjhOoG3BLOXqopV/gv2wGQIAnYiJcclcAPVIKc1eBsq4Z+oy54tZp5doodv
zAZrUP9yJ8/QKsnx1n2dckGGXr1grdWsN8UtkgpsjjeKDAmb8zWRyubLqhmBT2F3
8txZ3IZ8N7h7VRMf0RRSpSh8zZgCoRKuk5CVOylle/CZ1ttWm97Oz/w15bX8vc1Y
oCm8J138CZDYqHMJFLKYJ8DOJQk/oAAV0ZbCoR9tqPiuqX1s2Ws=
=F4P5
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5189-1] gsasl security update, Moritz Muehlenhoff, 24.07.2022
Archiv bereitgestellt durch MHonArc 2.6.24.