Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5770-1] expat security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5770-1] expat security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5770-1] expat security update
  • Date: Tue, 17 Sep 2024 20:41:49 +0000
  • List-archive: https://lists.debian.org/msgid-search/ZunpjWWMnbKw3L1+ AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=Slhf/n29sc18WhqKW8190t3Xe+nipClIWmt+w9LCV2M=; b=Xf UM/Kj7Z6XwY5ENUE6YHWcIOupM2sUKELQuRaFRVv/e7ZfrD7BuQvCUloXQoHLWL9CgwrT5W+WY0yp IKreVa7bQLh00IZuuIrFh+9Hy1xbJOSqTD06O4WMfteecOFDIvX4AUxzoaQjq9wKxkJFCBLjKIsOg HCddI52pZ7szuS2hMpy85x0vH3SEIE4NrUFAmAm9ecLOQZabdOPVgbaTknc6WF9FHDKABHd1zCu/e PxV6eoUFMIHoMbf1F+fjZg15qZDXK0nrEVLul4/flivAoNPlR4wmSOawgodaIrJz/XjZohwK7n8Nw fjDYQPcDzAZPYwvZfHEFRyYBrLapQuEw==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Tue, 17 Sep 2024 20:42:12 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <7WtIsKEtPOC.A.n9fG.kme6mB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5770-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 17, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : expat
CVE ID : CVE-2024-45490 CVE-2024-45491 CVE-2024-45492

Shang-Hung Wan discovered multiple vulnerabilities in the Expat
XML parsing C library, which could result in denial of service or
potentially the execution of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in
version 2.5.0-1+deb12u1.

We recommend that you upgrade your expat packages.

For the detailed security status of expat please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/expat

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbp6EIACgkQEMKTtsN8
Tjb+0hAAsAHl9didzh1S8vHaLH8P8I1XT0302RGP1N6r4BKvjEozuTKml28F3NEK
9IplBZXH8GM6tnF1/gRJf5Dp4YsL7H+nYUjbkZEdLM2TztRoy4wnITxUwqQ7q1ly
/bWMuyaoUn9jZu6SA+yEL68DtbXpFbs8IAOE3kqPsbcWvJ7O7LU3Ajjw5aWYwxV0
kdVyI67rBkfWAdyFRjlkxF62+ieR9sjpKNDKK1nmO+I8eEF5E/WOXsfPlzcKwax2
mMhisTscEIvaBSKCaQICCojYbvju8KW8B+NsJMsyRbPoimTyzE2n4VBk0ZNHjv+w
sIddwdgzXpWHHRbVtl6zjiZvzxUtphp6tHstxoW8YZQKkQiwqqlpONqXKWG1yR0o
pltUr7JjTylDo41M21yK/WizdxFkdrUJi4drKTONekvbhUEaTLaoR/ywYi0Za7T0
sUguAJk25id2px3LdTvMhQywTNmL103LkFfq1WIXL9x+yzYdKos8P3qu9DIaIqms
R4dy2xMhiJwVyQXi74Tte9h5n6FXET1Z8MoyxFOVI6SQ5FBXJMmL48r6Uwhb09tH
ZL2VNUequSC2L4uGozFFaHvr3M606srokRbo18XvNTNUvApJjAFt/WTnOjKUDuJM
08PjLw6brD/XBR6p/NKX8vMQmmXClyKwB97SG1MYu/MfdJK/7wQ=
=bEe8
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5770-1] expat security update, Moritz Muehlenhoff, 17.09.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang