1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4983-1] neutron security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Oct 10 20:10:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4983-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : neutron
    CVE ID : CVE-2021-40085
    Debian Bug : 993398

    Pavel Toporkov discovered a vulnerability in Neutron, the OpenStack
    virtual network service, which allowed a reconfiguration of dnsmasq
    via crafted dhcp_extra_opts parameters.

    For the oldstable distribution (buster), this problem has been fixed
    in version 2:13.0.7+git.2021.09.27.bace3d1890-0+deb10u1. This update
    also fixes CVE-2021-20267.

    For the stable distribution (bullseye), this problem has been fixed in
    version 2:17.2.1-0+deb11u1. This update also fixes CVE-2021-38598.

    We recommend that you upgrade your neutron packages.

    For the detailed security status of neutron please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/neutron

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFjK5YACgkQEMKTtsN8 TjbU1g//UhYzxu7NVB94lMUiL3WvmmOSMwOMl8PoyCiJl/ONKuCF8L3i9dhVxTOg 6qMDytNqOLOgMq4N32Vr0qjvL+bB+ruMEP50baHdOC8hDb84TcjpQUQncokYErBD zvuY4NtUqfvwdCovdfqgsyovADY0orPFsziXLEe4biuWaQp664fWAJdWaBd+mZfG O8vxrXGT4Nii651a+ExiXKv9jlVPknILU9nMEtgedi3HCdzL3ESvkD9w5/J7pPOx Nb0bBnGHazAa6QDM9yeb3lXX1nOtu+C6uLzBqEPGxZVj4iKUV+PbMBHUZxm+t33e 7p0tNZutNHXGTYpBj5+sUtLzVAniUs+P6CesnqjRojr0FEXBm916c5+p6MKHimcS o1TIKPwMgrZOYYvtpO/QVJKZTqdtgEz9toPDoDbNXNp4Ql5Zx/xc6d7uPRWaFwI7 om5V7JRS8agLrCtZQ7uTyLmM1SuWyetlbyzhR+eAs1dCN4QnF61NCZq1SIzPxeAZ KmuB8+C2L4fLTJ976cFLEKpM4nJbRqsVq2feF2cGeav+WSDTSIACzlchnuPlaW4n k2fpuqu7AqEXxfRYHFrMShq1q7A9gZF5B/RHvjYbN4sHmnfy2RqD/cyTyo4X+rw9 et2j6LPAgUfpkZRHkehXMbfEMfbe/t9m0IlRZmYRV2kaxwe1KzU=
    =VIDk
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)