[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2353-1] bacula security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2353-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
August 29, 2020                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : bacula
Version        : 7.4.4+dfsg-6+deb9u2
CVE ID         : CVE-2020-11061
Debian Bug     :


An issue has been found in bacula, a network backup service.
By sending oversized digest strings a malicious client can cause a heap overflow in the director's memory which results in a denial of service.


For Debian 9 stretch, this problem has been fixed in version
7.4.4+dfsg-6+deb9u2.

We recommend that you upgrade your bacula packages.

For the detailed security status of bacula please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bacula

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl9KxmhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcNGQ//bmRZ9xcf6Y43WMFd9pugWxeYlm5SFX3CSFuvb3kFx1HuSEclG583lYm3
iuvFuCZZrtGVQHX9u6JtoSeIazRLNfo9DijXc7p42trGH5W9Iy2kdhdNKZVbW6Qu
SsMGQm1WeUrv56HAc+5PdUcli0w13CYLVh/wVR9d7Lxx6j5NVMCDnhnFHDq2iEQV
S2/u9Y+u+Fgx3zN0FT02vHIodVeUUMFp4twNJDyAhFrpa2AZPBq7hVhrPZo7p1j3
MPW7A7VXtldLxh5WIxLmRNJUq2QnmqNHKpvlpajAapL5PgSbtKutGfOjdgNKbvee
3Xe9j1JMyW3AryeHIBf4vSwT224UFZ3qogD5RB2B9Fv75DKwov5Fn4zEQbYwRQEr
sBPnEdJ7emzca2DLW/OdIi9KunmgAkhMSqBMl/YpqQstdU8NK9Nt4b3HsJMNFYh1
Jy8UhI2N7tOoxOpeiJADRlQIgt3vipx3SWED0vZHpGwAp/48oXM1ChM5FIEZQjOS
1HEdkcLGyuxdCdb3E/WnVF1REhkOp0nTCXsncF9KG1yxqvXBcQfMU8/ua/CVrHdR
cDs0TT/2YtTRmcc5YCUvdLleLzE1OXIczNOaWsCuGfjArwyLmESMCcf9myo/0umH
5J3ITrBo3y8VFTVdQxFxF6TMn8xprkAyyhnPxfMTH5ib8If7ng0=
=uL0H
-----END PGP SIGNATURE-----


Reply to: