Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 5505-1] lldpd security update

From Salvatore Bonaccorso@21:1/5 to All on Mon Sep 25 22:30:02 2023

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-5505-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso September 25, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : lldpd
CVE ID : CVE-2023-41910

Matteo Memelli reported an out-of-bounds read flaw when parsing CDP
addresses in lldpd, an implementation of the IEEE 802.1ab (LLDP)
protocol. A remote attacker can take advantage of this flaw to cause a
denial of service via a specially crafted CDP PDU packet.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1.0.11-1+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in
version 1.0.16-1+deb12u1.

We recommend that you upgrade your lldpd packages.

For the detailed security status of lldpd please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/lldpd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKSBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUR7DtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Sdnw/3WH0qPypSyEnjG7l5EcQp6jvNLgiS5jElWJK6nlp1hDjDSWXMtCqaUn63 fnZND9xDGRIymeJP+xF7Id52nxLsnz3Xwc+eJzxjfGsXQG7Cserxdw3IlGkxfOg/ WFGObUQt5BsioT5CvZU4irwUzCU2dPbOFnRKgw2KJHQnHvENfDpF/Q5iXMKrnpjm 2RnTZ4QQDBxBy18AESKbOhwQf42RVKq32MZXrmxjJNB9oiLKn+rcMdSHwHIa065k 6iQnUBZM/kyKXdvy4nHhyAUcP1fRlEs2OMlKm1ZHAdLMZZUkpH+lfrWQxvldTnfA R87XMC56O28KsXOKOlNoAMKrQhBW40MwyXaTHrp5DmBaA8ttscSqUjlaCc/dkVvt ll9xAHZpuXwwrqN3eXKG18WnNu0JDdEoHjnF2a/J+KHC3ZM3YCz2e6zLF9sreqRJ VF+aIbTwC40IKrfru9Dk7UZyUzHDsTTC1y6M8QjUEe5ruLNdFr4pxKyAf3sfswU4 9rmqpFP20jBKbCXWzoHyp1cI+Dapfh9rWPYl+FZ177TRIQY2+3wJ1qCYST70cSxN VTQn7P45EHekJ31JCgGohGc9oWRlzr0K1j1cT7nx+kxkqzI9exCj2AKczft7ukNP j3sKllJqdn2j1dPmhYyIggCQiKq/Tj3shTPkdV8PgPzfzigh0w==
=Hds+
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Guest
  Tue Jan 28 06:40:34 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Gwylbert
  Tue Jan 28 04:48:36 2025
  from Sydney, Nsw via Telnet
- Guest
  Tue Jan 28 03:02:48 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Keyop
  Tue Jan 28 00:51:06 2025
  from Huddersfield, West Yorkshire via SSH
- Keyop
  Tue Jan 28 00:50:25 2025
  from Huddersfield, West Yorkshire via SSH
- Keyop
  Tue Jan 28 00:49:39 2025
  from Huddersfield, West Yorkshire via SSH
- Guest
  Mon Jan 27 22:26:23 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Bob Worm
  Mon Jan 27 21:08:12 2025
  from Wales, Uk via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	407
Nodes:	16 (2 / 14)
Uptime:	12:05:26
Calls:	8,554
Calls today:	6
Files:	13,219
Messages:	5,925,373

[SECURITY] [DSA 5505-1] lldpd security update

Who's Online

Recent Visitors

System Info