[SECURITY] [DLA-2414-1] fastd security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA-2414-1] fastd security update
From: Sven Eckelmann <sven@narfation.org>
Date: Sun, 25 Oct 2020 20:30:46 +0100
Message-id: <[🔎] 9780529.6P1Tcn27FW@sven-edge>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2414-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Sven Eckelmann
October 25, 2020                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : fastd
Version        : 18-2+deb9u1
CVE ID         : CVE-2020-27638
Debian Bug     : 972521

In fastd, a fast and secure tunnelling daemon, a receive buffer 
handling problem was discovered which allows a denial of service 
(memory exhaustion) when receiving packets with an invalid type code.

For Debian 9 stretch, this problem has been fixed in version
18-2+deb9u1.

We recommend that you upgrade your fastd packages.

For the detailed security status of fastd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fastd

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEF10rh2Elc9zjMuACXYcKB8Eme0YFAl+V0mYACgkQXYcKB8Em
e0bp5w/+OgtFwuTQVHxiUC6tqiJLQFlR3AOTlI0+KHQ1GATtzcev54lwWy48Uudq
zKFonF90sDezjmYeEDDT5avxjzZKfm7KRU+ZJZrvwASTCo2K1ITNx1ne/jK+pZA3
CY4d/2q+79W1b3gkpoWLr7UiDEAJHHUMgkoqSmxRfVODjq+rVkxdf5OlGMtdPm8e
klF61r85ngBzwSK2KFHyO70zcD+573l876lQvZsruRAL6q7gAvNbRfTfMOc1NX4U
IImvRVn1u5WEPJNqkneuKlzcAT5tMUqOJrk9FCTsr3MBz4xvmvDAaYNk8srrKIOi
slRasdpMZjF+MKX2LKegp07lfeAAsDGCkFFjcI6Q4anEXnFpRhTvEyBGUOTzjP3l
4DW5xvqkbaqEBRNsNKkBU0HrRH/Y40es1F9kUYqPJMDGGEQlBJMW0U5Cabsr6Gvb
i2Bsy/K948Bt4j9DsGjQOoFd3fKAu+Jf8iw/9/HG5gspSCoLnGQoDvhreVTpiyEt
NhxH0kWZcXe0PkOq/g2bNWAyNzNFgMAlFv5LD4Gw5WXHva8YzyzcDG5uw31UYONO
CPJ6aF+y7ti+brTBjwN8Ol0fyjgqcD+NitGvG3stEUI2aDDNo6cYED74Uwk+Dz2H
sXA97K9RJdxnptyex8GKALKyK0tQCPtR/lWgoIrUnOQYPBcMS0w=
=i+4h
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2413-1] phpmyadmin security update
Next by Date: [SECURITY] [DLA 2415-1] freetype security update
Previous by thread: [SECURITY] [DLA 2413-1] phpmyadmin security update
Next by thread: [SECURITY] [DLA 2415-1] freetype security update
Index(es):
- Date
- Thread