Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5305-1] libksba security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5305-1] libksba security update


Chronologisch Thread  
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5305-1] libksba security update
  • Date: Wed, 21 Dec 2022 21:42:59 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
  • List-archive: https://lists.debian.org/msgid-search/E1p86rb-00C9VR-JK AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=pqFUpPYapnriRs6WXkDiTCzwqvWtlqIQsy920nIX6pU=; b=tJ eYs5rX4olnjaFIHMnKw94Mgg6MR8QOl8SzuLnpbhsdM1qBUtaYxmEbbsTqBw/Qx4k1s+bTYmIitif E2HoXWTFkM6ygf9jPxEFUgGojUDLrfds+yFl8u4WU8haasmsh004GiyHRwayeK1v4aea94iWPjfX+ krJrawd28SqakmyDKAeHaJi/LCzWGSBDeBrLQgrRyA4iMzDNtTDV1wyXb1FF9X91MHGJUpEXdI4sO hKr56c/NYfFhduHeXLv666CSR0idauX/XDQyg/XPP/bKbru56VCrqh7tfYbIB4pbGIDBz+PwactLf u8/RLWHM7fCUGZtlP+LecuTi7s92qO5Q==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 21 Dec 2022 21:43:26 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <PMPZUG57C3M.A.1lC.-33ojB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5305-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 21, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libksba
CVE ID : CVE-2022-47629

An integer overflow flaw was discovered in the CRL signature parser in
libksba, an X.509 and CMS support library, which could result in denial
of service or the execution of arbitrary code.

For the stable distribution (bullseye), this problem has been fixed in
version 1.5.0-3+deb11u2.

We recommend that you upgrade your libksba packages.

For the detailed security status of libksba please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libksba

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmOjfbNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TZeA/+NmgALkjZhrkd2BixzJp2eAe5ocLW5B0g9lB93NIyUORM2A3CgX0MsF+U
bYrehbBdQosJOMko5E4St7ETC6H4eVknHj+snuP0j0MY/KQspoTTZfE/28y28734
oXiBTuaOmEItHWlpuvreTPOzeNaWck/osiSLaBIWCKooGDnpUrTYAV+AQ7l8pyBU
7iaZfOV1hR+ndTYdp/JK1Rl0FgPazCe4UQP1EAhMOE8XqVNKZ/MSh2U5JaSPUzTt
+sgJWunB9ysBHbSuKFJ1cli7nqFf8urDmKYYU4gZtKFl4AJV0Oe39UTxjOwQkVhz
8buLUVwLtXfSxu8jBTQXGLuwQJrr9W1S5mny3wxMgOOqNozdyoFuYNoIFY4+84dT
G4H+L0sWbFCWVHY8gCKwPSa6ZK0eP4UQ9dxgmUfK5K6Ldo8gi0iX1v1Ub3OYz7Jz
eIfkUKTx82yLmFcFisQNgeXe6lMN+Tzu7WTs3w8Y3OA7a65nKb79PDJFZ/Hiw+p0
6L+C7SkhfcItMbKwqU3IdfsVrGxTK4VbdYZEoMv0+43zBypLDUF+eVC4E3MJSB0k
+qAiyLzr6qbaVZp4m04/B2puqnBACIIc3Vm9BUKQCWYx4R6C8rqfxtOfD2Xmz4xG
cNZfr342Kig4QNbkc1zatx72maEX1KGt2x9BmqtSvebuw/EwkBQ=
=9jlL
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 5305-1] libksba security update, Salvatore Bonaccorso, 21.12.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang