• [SECURITY] [DSA 5481-1] fastdds security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Aug 20 19:50:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5481-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 20, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : fastdds
    CVE ID : CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947
    CVE-2023-39948 CVE-2023-39949

    Multipe security issues were discovered in Fast DDS, a C++ implementation
    of the DDS (Data Distribution Service), which might result in denial of
    service or potentially the execution of arbitrary code when processing malformed RTPS packets.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 2.1.0+ds-9+deb11u1.

    For the stable distribution (bookworm), these problems have been fixed in version 2.9.1+ds-1+deb12u1.

    We recommend that you upgrade your fastdds packages.

    For the detailed security status of fastdds please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/fastdds

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTiT8EACgkQEMKTtsN8 TjYjMRAAhNc26qPpZ0p9Jnbujlg6M6j1YFLLSv0wBH0bwG41mJthfVaB7pjPWhS1 jABPZ8whfOwPXqigcXWSpDqVO0JrVzyI2uLtyrm0TNaf1y8extPrqQRL1epPNJvh AjXjX+CSRSSp20mEGr9bYg2a/FWnt60Vx+enyWd3xJE0KLucfkstNkD5cNv8Szxz I/Qnb5bnmjEE1UKzaZgOLaw1rciCAvlsmoORMqps+FxIXm1KqdGtLKBNta3Y/vrr QQMrK+oCsQkclQeC5Zm5BT6TNuRz7g6imEFP5bZCEkX0XNnZpF1tCSOSQ9z0CR3B 4QuGhV8jIcArTwLEns5U3yZr8XgSqiXAoAdL8uVBZ1a67ZFktz2riKz8AYAQiBhj o58N4aYxjQnqw5h6OmIiuwl3QuYW1AhTQ5JyLNBrhBx/xBLznZtWkg5YBi3lzOVQ KIh7fOO0lzpkgXVgf4ggeBuF9K/8fes89QjlIN3PzUYiVAA/Uu0XpTCocBALlsKP rv5eZJkxKAyqrcCGzOBodhoMOKm+SeCKhrc/t2kQnD9G0MPk7eY/Gm26Oms0FHzE IR5gcPvnIQ0p+N2psu/YNxboeBrycxxN2nCnjAReO4U4kcfycOCG66ogTGWEEUb0 /UbqHYjBiC3Z/wDzYtE8tni9HktHn0E1aYj5xgdtc4X92TioNrE=
    =ALwP
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)