[SECURITY] [DLA 2865-1] resiprocate security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2865-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 29, 2021 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : resiprocate
Version : 1:1.11.0~beta1-3+deb9u2
CVE ID : CVE-2017-11521 CVE-2018-12584
Debian Bug : 869404 905495
Two vulnerabilities were fixed in the reSIProcate SIP stack.
CVE-2017-11521
The SdpContents::Session::Medium::parse function allowed remote
attackers to cause a denial of service.
CVE-2018-12584
The ConnectionBase::preparseNewBytes function allowed remote
attackers to cause a denial of service or possibly execute arbitrary
code when TLS communication is enabled.
For Debian 9 stretch, these problems have been fixed in version
1:1.11.0~beta1-3+deb9u2.
We recommend that you upgrade your resiprocate packages.
For the detailed security status of resiprocate please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/resiprocate
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmHMaVgACgkQiNJCh6LY
mLFOUhAAtfuH7ymIjfJOtlgw0Z3ivQ3t/4QD2wE0/DNhsdKLrvuwlNcljz+QO/Va
ux86u72ATrvNUj9w3hu7OnXlgvzCSMNii8/21z0v0ENnXokDoVm0f3kJm3AQBavm
PaYHfhORHYphP4y+fs11RYtDmGyWF5W0uqYa3jC9Vso1/4Kd0PuekcOJt06JZA5W
C1qkOmgWzUN7vRoGRrDRnLS8uNZ95CVCbAtq5dQBwCJ7KO8yNdTZBcjugivLDV82
ipxENbERaTODSIsDx3XMzB1zYb+9NPsStzqsDNPX53ay6HAQ6T+ZGdrQRcwNtKgp
NoYwnVb19YOiebkQd/NvoUCJuoZ1ttJ5MIQ/GzJF3aG/CirZu2VZwire+jXHyCgO
G/lvvRXifjzYaULGpT15G4J9S9GFx78bWtM53aVDHwAZ9nJxl/2XVvyDgFz0ECQz
6cPxaVUO13AV3xgaBZDvG4P0xKGSX1eSQGQtJto+pK4JuvA1fbFfeuwLEQW5MD/w
HzN0WGKnAbku0a4VQDw6rMnZp8glBpoUqNlfECuMVomd6w4zyIwqNhlIf0mJlL1U
2fQbC/RrgwUV6ESfotO4+w5CSqaYAOj63WkLP00nNV17F7K1X7GztKbUfB3I+RfJ
22KJg/XAbLSCmwhGZQY2MggsBSDrztO97WXMZtHftyPEi9J2FKQ=
=uuTe
-----END PGP SIGNATURE-----
Reply to: