Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5867-1] gnutls28 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5867-1] gnutls28 security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5867-1] gnutls28 security update
  • Date: Mon, 17 Feb 2025 20:12:18 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1tk7TW-00C1M3-Ch AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=12Z44JtYySezsnjou3TRm2/nN0R7iGwgRWNhRXZAag8=; b=QH I+Q1ml06yTF0Rv1ZiRSdD5a0LIxJjzQQg27ixoCu+37lO7o8Gx3XhgI+gIXHA6V6mAHF6Lbpk5eYG uZWBqxQQdmLMXM0QS1rAsIwSZIr6BY+SouA+qMGIjOJC0rGyRJ/Pfak7ZRgG22l/Clxtq0ACQ6hQn 9fN5n44m6xyzBju/aIzAVbwObtJCeW/CuttWzr5oyUKLSfvlYImzK36RM6xJxNSP815GResBt2khl K2en47oxTqf4yJ3k4v/4ORaTe7abN3LWRCSR07QYrGlNnB7KWeI+2v3VOVQnASgXMa0yhZptBaRuD R905vRZxesFR1q1LVmR6DIxuatoiSUuQ==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 17 Feb 2025 20:12:45 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <Qu-ENpLFzqD.A.XQHM.9g5snB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5867-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 17, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : gnutls28
CVE ID : CVE-2024-12243

Bing Shi reported a flaw in GnuTLS, a library implementing the TLS and
SSL protocols. Inefficient processing of certificates containing
numerous names or name constraints may result in a denial of service.

For the stable distribution (bookworm), this problem has been fixed in
version 3.7.9-2+deb12u4.

We recommend that you upgrade your gnutls28 packages.

For the detailed security status of gnutls28 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/gnutls28

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmezltNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SBNg/6AynKwvzU8U76XkHSSUJymD2nO271A89u1NmiUJ7x6WlgOt7QcvvIpr1U
3kvaRFVOM5r9U3Tjayzo1amwvIbNfCJgz6fCWkWtrkgOHIfCRZUhhZyMkJ0GJw8+
nBy1cXjau/MyJ16YcfVu7XgNuV/YuuyYthNs0SQNxaGWfhVD+d15djRP6p4aXa0o
tXuoWl5bfqlsyRZu3urjbfVDauGTXYvn4V3xIZtWeC3CaC6HnFPubOuAoGcbgDKl
lq+BfAVb+9mjfhiQnbC3sW9Wii+oHjZxiMZYPtmc0eCFFxrY3kh2UgKZcysNkKfV
1xJH28/PCitSbD9k/44Ref4r9fHnZVauVyDRe2EjRIQqQWOhWpbu/b0bawGJXpV6
8pNKqpzERttNAEc5UHWDAAsGpPwbsWJT10tF2FVZRRRJtHYJ3v1gKaS7P8utyDcC
R16pDMy2zfY2fNZ4f1uWy6iEPM0ajTTyTVIs6i7ssDpLpAjzLK/oKPa5bvEkHHIF
kzMm6gP+3FkC53aVIqBxwGIlJJqLQsib2smshOASi8WbA12tpS5NDnG1ZlSqN/4n
d/D283d4+6J9NdjaggZp3q4zTnFKQJrQhiQLYg9KUZXsCHrEi0qou6pqOz2B4V3i
jEDlhMTGpOr64w7yXu753/sxARG1+kaelkYUf3GuIBqwCair+Qg=
=+hVN
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5867-1] gnutls28 security update, Salvatore Bonaccorso, 17.02.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang