[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2142-1] slirp security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : slirp
Version        : 1:1.0.17-7+deb8u2
CVE ID         : CVE-2020-8608

It was discovered that there was a buffer overflow vulnerability in
slirp, a SLIP/PPP emulator for using a dial up shell account. This
was caused by the incorrect usage of return values from snprintf(3).

For Debian 8 "Jessie", this issue has been fixed in slirp version
1:1.0.17-7+deb8u2.

We recommend that you upgrade your slirp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl5rXkwACgkQHpU+J9Qx
HlhhLA/9GrRPoZEkZVu3G3S5hkDyxmpR5I3MXoDu/VjkW6QmniGo0ET88tCALVvR
WDfurU7/ZLR6c1tBBZwQmn4lsd2JgQ8F22/JtBtuGJ8VVt/erlYbUXnW8DDq5hhN
5FQjekDW500AEtaE4Oqk4346kjqtB8Gxe6PXKYQ+kA6RepMqrtl4cmgGC1exM6Q5
8GxVseHg5sz4uQNp3sEPswO2CcMnMyU0jbh+cJAq7cwVhURbY42cUz/yM+0Ps007
BQtIUVGv/qzvZsW6g9OodNMgXcdNFLNA/KrmMEppKHFjVoQ/AU50fWMvHyHPR31f
n4oz5TUR1PD3o2Q6hzYQ+c18ODAdL2DzSZrXnSjgeK7LqktdGoyKndVR+EE1acDU
QxRQroIPHC6rvyRdd1lkisICtRMx27q5KA6FM9XLiJVY62IN8Mka9NeQv2V4xcaZ
x4LsTuOHvzkTcYdU3v7yIb6qKEj9lNoXA3ASFgB9NYRiFqDg5RRmmMvcLkxjqt93
z9Dnv685HBJHb8fTac+T+c2r2g+TWpLc6uZi0v5QD73WXkopuhRtBVSmvbC/3V8m
g/uvJMAGB1GHioJnmjVL01mdpGnSXUhekQ/6i/NvJ4EVFpUx313SZ0ilM+Glu0gu
qRjZAdpIJLQcCMas1qM0SAu98SCzdZbNVbyEDDlgdrYAh3Ft2HI=
=RU3H
-----END PGP SIGNATURE-----


Reply to: