[SECURITY] [DLA 2256-1] libtirpc security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2256-1] libtirpc security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 28 Jun 2020 14:20:53 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.2006281415590.12082@jupiter.server.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libtirpc
Version        : 0.2.5-1+deb8u3
CVE ID         : CVE-2016-4429

It was discovered that libtiprc, a transport-independent RPC library,could be used for a denial of service or possibly unspecified other impactby a stack-based buffer overflow due to a flood of crafted ICMP and UDPpackets.



For Debian 8 "Jessie", this problem has been fixed in version
0.2.5-1+deb8u3.

We recommend that you upgrade your libtirpc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl74iyVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeioBAAxg3VI6ZQN+48cjUQqgIiOsTr7MqlLpdZXNzEdxjK4+9Fl4j9VrAzjHUG
9Oyt5XBSt7WllCV+LcGREFwxJMufJNrbmip4xy/GgoBOvKcrOOGlyuEUu3NAxtZC
kO+hYG1fVOifHly8E3J7+MWut7JVrYb6Ulw/kcO3m9AxshZz73iIp76vaxf59wpn
tRFDg+VkcwGXmzFKS0SL8uYqVehlSEW+eSqTHLsrgQw2YEcbS2ddztAGLWi6O/i0
puFi63xUaldW/XKcG57z6xz5i8LmjgB39LpNcjmeHKtmWZ3ggXIbXy3hfJThF2Ql
Qvn4lMoMj4Qnecxup6+zyGmwfBNEpqDVsOd50SCRSkrNO40KL2pYuoSt0SkfYcs8
HA+0bXCjXISDSG70lvQrbxsUNJfs9X0awlgeS8VHpkcUPpsrrpQEDxAIu4ofVVHs
NTeKP8kE0ZKdib4BfPnIDHnwULeduBv4WNVej/mVpP3OD1EcU4aMcWD+4RRF0L+6
DGjnLTbk76+AHrghziJ7JP2flR//ES98/ixAob/YLxTqYYdw/3TLk+sL0OnSEbKd
TNwhc2ONYeyXPSAnpnDAS+L86SiiCKDb7TBKDOr2wEG5ooXZTA6po8tMjh7HYxgN
45r5v4Z/alMtOB4sDGgC+e7wP/MIBpah+43UyvDGJ2aE9YFzhy0=
=aNvl
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2255-1] libtasn1-6 security update
Next by Date: [SECURITY] [DLA 2257-1] pngquant security update
Previous by thread: [SECURITY] [DLA 2255-1] libtasn1-6 security update
Next by thread: [SECURITY] [DLA 2257-1] pngquant security update
Index(es):
- Date
- Thread