it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5678-1] glibc security update

From: Salvatore Bonaccorso <carnil AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5678-1] glibc security update
Date: Fri, 03 May 2024 19:52:43 +0000
List-archive: https://lists.debian.org/msgid-search/E1s2yxX-008GS0-46 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=lpy8adVjbbgaBaEB05R8s3MNQfKuTTKD3foOEXLwLh4=; b=bO tdZyKP0LXjZZfs5Nv2rK2srYzW3mZWcPJScLC9vKaNkTatg4rfVd7S1A7EapWWq0LhZWRP/4uVX8L eX0YCaA/ipthZFzADXVj3WySvBWm2kUzUpQsLj2evz8lSinlr32YuBHP2kM08WubJki4kr1OVDqJ7 l04BORvM7X2J7s8eAX+JtcAvlHHievsIm3hHy4rctCuulklFq/Wjd/oLV1wsbavKIT2lgP/ITqHhE sLeNnZu2UCwAGhLsf3UbtHEslAjFNKjfGV8115MC0AEnG+5sm5Ux523ji4GMm45Hq2C+aXGu7QP9h V2uh8gkALbx82kBxUf62ZOgu3mvh78Nw==;
Old-return-path: <carnil AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 3 May 2024 19:53:12 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <GlSCD1JkrgE.A.-L.nCUNmB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5678-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 03, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : glibc
CVE ID : CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602

Several vulnerabilities were discovered in nscd, the Name Service Cache
Daemon in the GNU C library which may lead to denial of service or the
execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.31-13+deb11u10.

For the stable distribution (bookworm), these problems have been fixed in
version 2.36-9+deb12u7.

We recommend that you upgrade your glibc packages.

For the detailed security status of glibc please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/glibc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY1QD5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Ra3hAAlAcmsW7eSdxGVoa90/83MD/hjEl2PF52Fhh2aCbSohifLlz/fnpg+2Fo
pRsvva5ZK3o5hzTwaLdaNL3MkS80qSGI5LYB24gP7EU6jTkltHoHumQ7X8cQZ8Hn
c0Sp5BK0UI2sfCsL/xtGusk0GnYXzw/SgAvcBSD4bh/xOusZjHa5XA4ox96v+IAN
HAunVpepllXW2T0NrGhq+bdPhTOVn35lNCR3HU6/SrpaldeWl1xT+1mEyuG+0jOd
bAJAC51fR/VMBqv6r37OGyS+62Vu5KETvQf8dCKPeFGMmpc3kZHVtv2y5VtXOdLn
Yl1BdRQRk+AuW+y7MQwdMUxtppzI8y2GJ0cZlprnkFzf0SnC/aCs9gmq6ekrGLlB
JVduPWiwxUjrhaIW4jH+FGFoCE4tUP0fCB/3epq647qkAxz2Op9ApDeySzYRVcuL
74g8vb7lMwlLA0qbRguaqWDj8PQLj1SQH4OyVu2EjfcSB6Kxt+zpJB1rw+AldfCz
AYKiI1qfgCW5i5NzvCfpVDjlQGUyWS/d7G9Z9IRZUryvQALgnxt67HG48u50KXE2
n0kZ3FWyI2unYkTZS3xrtt4CeAE47j3+obCYJ3ZGDct/3cJ2PAcWqbtf2kIt7jFp
xIdCRAGBIuMR/8zbXi6uMsagxQbEUuY4pA2TKrpp37RyN8d+UDY=
=E5yF
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5678-1] glibc security update, Salvatore Bonaccorso, 03.05.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.