[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5189-1] gsasl security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5189-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 24, 2022                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gsasl
CVE ID         : CVE-2022-2469

Simon Josefsson discovered an out-of-bounds memory read in GNU SASL,
an implementation of the Simple Authentication and Security Layer
framework, which could result in denial of service.

For the oldstable distribution (buster), this problem has been fixed
in version 1.8.0-8+deb10u1.

For the stable distribution (bullseye), this problem has been fixed in
version 1.10.0-4+deb11u1.

We recommend that you upgrade your gsasl packages.

For the detailed security status of gsasl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gsasl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLdkcYACgkQEMKTtsN8
TjZMEw/9GN/3M2cA43nZZAt0rKrAyg/ie4eO8TmJykQGWRJpLle5Z/nFV4QLAYSu
NDWuSa3qlFCAJOr6zI8lgU2nhQVPm8JfkL5hIWHdgtREJMYD9yHHWZEzvzMNa2dj
+7bbCCY1ijxaHoChHYRdE9P6m06Gcct1YXu5TjrD+U4PRI9IgYCu37kyY6JAoes3
TPBPGQ849TC4Mb1U2FI4wxNuLcDwiO4SKj66DY0VBOFlh4sGhV15v1XevikfnVIQ
7xLWFiAvzMWuBB+75Ss5vuqXOKBoUAnF04lkYrKlZ4i9KV/Vmb8y30x1Ud91GDBI
VLPKddK8dVoxaFx+X9zYO4ZnJ4H+6pTbjZbDOJrsZ6LlJ1/uicaFoRzm23DxqvnI
Hl3DzxciA52N8bVEYmI2uHcKEiq5ZHqFXxvkxSb9rYtwLmzgEOMUU0ivMBUCtpNC
hMYf1HjhOoG3BLOXqopV/gv2wGQIAnYiJcclcAPVIKc1eBsq4Z+oy54tZp5doodv
zAZrUP9yJ8/QKsnx1n2dckGGXr1grdWsN8UtkgpsjjeKDAmb8zWRyubLqhmBT2F3
8txZ3IZ8N7h7VRMf0RRSpSh8zZgCoRKuk5CVOylle/CZ1ttWm97Oz/w15bX8vc1Y
oCm8J138CZDYqHMJFLKYJ8DOJQk/oAAV0ZbCoR9tqPiuqX1s2Ws=
=F4P5
-----END PGP SIGNATURE-----


Reply to: