[SECURITY] [DSA 5481-1] fastdds security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5481-1] fastdds security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 20 Aug 2023 17:44:52 +0000
Message-id: <[🔎] ZOJRFLYFwem2LOtP@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5481-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 20, 2023                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fastdds
CVE ID         : CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947 
                 CVE-2023-39948 CVE-2023-39949

Multipe security issues were discovered in Fast DDS, a C++ implementation
of the DDS (Data Distribution Service), which might result in denial of
service or potentially the execution of arbitrary code when processing
malformed RTPS packets.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.1.0+ds-9+deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 2.9.1+ds-1+deb12u1.

We recommend that you upgrade your fastdds packages.

For the detailed security status of fastdds please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fastdds

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTiT8EACgkQEMKTtsN8
TjYjMRAAhNc26qPpZ0p9Jnbujlg6M6j1YFLLSv0wBH0bwG41mJthfVaB7pjPWhS1
jABPZ8whfOwPXqigcXWSpDqVO0JrVzyI2uLtyrm0TNaf1y8extPrqQRL1epPNJvh
AjXjX+CSRSSp20mEGr9bYg2a/FWnt60Vx+enyWd3xJE0KLucfkstNkD5cNv8Szxz
I/Qnb5bnmjEE1UKzaZgOLaw1rciCAvlsmoORMqps+FxIXm1KqdGtLKBNta3Y/vrr
QQMrK+oCsQkclQeC5Zm5BT6TNuRz7g6imEFP5bZCEkX0XNnZpF1tCSOSQ9z0CR3B
4QuGhV8jIcArTwLEns5U3yZr8XgSqiXAoAdL8uVBZ1a67ZFktz2riKz8AYAQiBhj
o58N4aYxjQnqw5h6OmIiuwl3QuYW1AhTQ5JyLNBrhBx/xBLznZtWkg5YBi3lzOVQ
KIh7fOO0lzpkgXVgf4ggeBuF9K/8fes89QjlIN3PzUYiVAA/Uu0XpTCocBALlsKP
rv5eZJkxKAyqrcCGzOBodhoMOKm+SeCKhrc/t2kQnD9G0MPk7eY/Gm26Oms0FHzE
IR5gcPvnIQ0p+N2psu/YNxboeBrycxxN2nCnjAReO4U4kcfycOCG66ogTGWEEUb0
/UbqHYjBiC3Z/wDzYtE8tni9HktHn0E1aYj5xgdtc4X92TioNrE=
=ALwP
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5480-1] linux security update
Next by Date: [SECURITY] [DSA 5282-1] tryton-server security update
Previous by thread: [SECURITY] [DSA 5480-1] linux security update
Next by thread: [SECURITY] [DSA 5282-1] tryton-server security update
Index(es):
- Date
- Thread