[SECURITY] [DLA 3441-1] sofia-sip security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3441-1] sofia-sip security update
From: "Chris Lamb" <lamby@debian.org>
Date: Fri, 02 Jun 2023 12:10:34 -0400
Message-id: <[🔎] 168572106676.274599.11354038440941422020@copycat>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3441-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
June 02, 2023                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : sofia-sip
Version        : 1.12.11+20110422.1-2.1+deb10u4
CVE ID         : CVE-2023-32307
Debian Bug     : 1036847

It was discovered that there was a series of heap overflow and
integer overflow vulnerabilities in Sofia-SIP, a building block for
creating VoIP/SIP and instant messaging applications.

For Debian 10 buster, this problem has been fixed in version
1.12.11+20110422.1-2.1+deb10u4.

We recommend that you upgrade your sofia-sip packages.

For the detailed security status of sofia-sip please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/sofia-sip

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmR6D+QACgkQHpU+J9Qx
Hlhczg//RL0gw7xnRkJyB+jkCiKaeQYCsnNlM0Z2yQ4TD44e/7JTFddvzAqBPtDG
Jcu4oyYKDmCBikLdyqE2geVTASTNzIMr44IdyT5tFaHBASHybrtbqSzBaAa0/iCC
iyrHi9t0lyIH7B2dRNCiHCAsz0tJn+JPHkWFr4m9GSDEq3xvGuKg1RcM88wV4WCE
mYcHC8RHHU8kCFIb+crVyfEuBwGZASXIL7yb1hmmwikpGvoNIkCrKXJPQvCvz9Ho
Ag3ubt91pN/Q4hBMlFZFSZXjDMDsgdSqU/HoKpu0czKJKTi7o/AqCTi4Va8nygyQ
T4cEiQLO3tXMj3/q2Ehf1naAekJluYxFg8r+ahAHU9/gtqki20eCahg5bMlA3sIN
uiOQ41rLIz2L56okEkbuh/FKKp09ZSp8sTg/9cvnwfd8d6YqD3PSwnT+uoLePLN6
goQWmbn/nbEmVGxhcBWs3CP4sVjN80fqkZSV0gQfgkNu9UQhcR/BBHDMJmtFsCCH
4EJ4HBIXLT61GlKBmxBfHe4aKRPCchbq4UZR5c8au62CW6EHya8lZtF5AyC3QxyH
6Ke9ViD92arGyEEYWWTRqsA8ga2AD4YocGhkFp5De9Df1Rp6Ly6HCQX28RDKmiLw
JGVAzbi2HMfDqP/cek4j1PDXPQiBkChS5PuxbPySsuRzpQNXf1o=
=cSOX
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3440-1] cups security update
Next by Date: [SECURITY] [DLA 3442-1] nbconvert security update
Previous by thread: [SECURITY] [DLA 3440-1] cups security update
Next by thread: [SECURITY] [DLA 3442-1] nbconvert security update
Index(es):
- Date
- Thread