Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5481-1] fastdds security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5481-1] fastdds security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5481-1] fastdds security update
  • Date: Sun, 20 Aug 2023 17:44:52 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/ZOJRFLYFwem2LOtP AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=xeDHKxyjLvXPYsycUjfKsewrWLAZdxFsxZl5zaAmrO8=; b=Ja 7Ulr630Ep9zMhG3cYjHDb/vh2posSiyy8Ur8P6Ev1QQxZWWu7ha60hHG8iG13Nu2FmFKU3qc0CzTB ukupiJuCWT9yNVOqY4YsobQFK1ntaH6OKSZyc8eKk0mbhpviAuGehHydkQigNTEYRb58dNLx05K3d x3Z6iIEWszn48byi6LZwyvlJWeKFUAfnYAYD20cDRRG/GWnS5+gRfSbkULHc6RH880lXrNJOkMzdd 2nyMOFqs3DXY/FMuiNQ7BNMNa0f0cvUTavps1k92mo81yO9R+rG4P1dqjU77VVy1v540eUYF4j29Z wQkqjSHa2rZzc+EZtd1MYBw6LP2lUJIQ==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 20 Aug 2023 17:45:14 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <r2Iq1ND7SuM.A.s4C.qEl4kB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5481-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 20, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : fastdds
CVE ID : CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947
CVE-2023-39948 CVE-2023-39949

Multipe security issues were discovered in Fast DDS, a C++ implementation
of the DDS (Data Distribution Service), which might result in denial of
service or potentially the execution of arbitrary code when processing
malformed RTPS packets.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.1.0+ds-9+deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 2.9.1+ds-1+deb12u1.

We recommend that you upgrade your fastdds packages.

For the detailed security status of fastdds please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fastdds

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTiT8EACgkQEMKTtsN8
TjYjMRAAhNc26qPpZ0p9Jnbujlg6M6j1YFLLSv0wBH0bwG41mJthfVaB7pjPWhS1
jABPZ8whfOwPXqigcXWSpDqVO0JrVzyI2uLtyrm0TNaf1y8extPrqQRL1epPNJvh
AjXjX+CSRSSp20mEGr9bYg2a/FWnt60Vx+enyWd3xJE0KLucfkstNkD5cNv8Szxz
I/Qnb5bnmjEE1UKzaZgOLaw1rciCAvlsmoORMqps+FxIXm1KqdGtLKBNta3Y/vrr
QQMrK+oCsQkclQeC5Zm5BT6TNuRz7g6imEFP5bZCEkX0XNnZpF1tCSOSQ9z0CR3B
4QuGhV8jIcArTwLEns5U3yZr8XgSqiXAoAdL8uVBZ1a67ZFktz2riKz8AYAQiBhj
o58N4aYxjQnqw5h6OmIiuwl3QuYW1AhTQ5JyLNBrhBx/xBLznZtWkg5YBi3lzOVQ
KIh7fOO0lzpkgXVgf4ggeBuF9K/8fes89QjlIN3PzUYiVAA/Uu0XpTCocBALlsKP
rv5eZJkxKAyqrcCGzOBodhoMOKm+SeCKhrc/t2kQnD9G0MPk7eY/Gm26Oms0FHzE
IR5gcPvnIQ0p+N2psu/YNxboeBrycxxN2nCnjAReO4U4kcfycOCG66ogTGWEEUb0
/UbqHYjBiC3Z/wDzYtE8tni9HktHn0E1aYj5xgdtc4X92TioNrE=
=ALwP
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5481-1] fastdds security update, Moritz Muehlenhoff, 20.08.2023

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang