1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5189-1] gsasl security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Jul 24 20:50:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5189-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    July 24, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : gsasl
    CVE ID : CVE-2022-2469

    Simon Josefsson discovered an out-of-bounds memory read in GNU SASL,
    an implementation of the Simple Authentication and Security Layer
    framework, which could result in denial of service.

    For the oldstable distribution (buster), this problem has been fixed
    in version 1.8.0-8+deb10u1.

    For the stable distribution (bullseye), this problem has been fixed in
    version 1.10.0-4+deb11u1.

    We recommend that you upgrade your gsasl packages.

    For the detailed security status of gsasl please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/gsasl

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLdkcYACgkQEMKTtsN8 TjZMEw/9GN/3M2cA43nZZAt0rKrAyg/ie4eO8TmJykQGWRJpLle5Z/nFV4QLAYSu NDWuSa3qlFCAJOr6zI8lgU2nhQVPm8JfkL5hIWHdgtREJMYD9yHHWZEzvzMNa2dj +7bbCCY1ijxaHoChHYRdE9P6m06Gcct1YXu5TjrD+U4PRI9IgYCu37kyY6JAoes3 TPBPGQ849TC4Mb1U2FI4wxNuLcDwiO4SKj66DY0VBOFlh4sGhV15v1XevikfnVIQ 7xLWFiAvzMWuBB+75Ss5vuqXOKBoUAnF04lkYrKlZ4i9KV/Vmb8y30x1Ud91GDBI VLPKddK8dVoxaFx+X9zYO4ZnJ4H+6pTbjZbDOJrsZ6LlJ1/uicaFoRzm23DxqvnI Hl3DzxciA52N8bVEYmI2uHcKEiq5ZHqFXxvkxSb9rYtwLmzgEOMUU0ivMBUCtpNC hMYf1HjhOoG3BLOXqopV/gv2wGQIAnYiJcclcAPVIKc1eBsq4Z+oy54tZp5doodv zAZrUP9yJ8/QKsnx1n2dckGGXr1grdWsN8UtkgpsjjeKDAmb8zWRyubLqhmBT2F3 8txZ3IZ8N7h7VRMf0RRSpSh8zZgCoRKuk5CVOylle/CZ1ttWm97Oz/w15bX8vc1Y oCm8J138CZDYqHMJFLKYJ8DOJQk/oAAV0ZbCoR9tqPiuqX1s2Ws=
    =F4P5
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)