lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20170810184154.nalvzm72v53dgtwv@pisco.westfalen.local>
Date: Thu, 10 Aug 2017 20:41:54 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3933-1] pjproject security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3933-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 10, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pjproject
CVE ID         : CVE-2017-9359 CVE-2017-9372

Two vulnerabilities were found in the PJSIP/PJProject communication
library, which may result in denial of service.

For the oldstable distribution (jessie), these problems have been fixed
in version 2.1.0.0.ast20130823-1+deb8u1.

For the stable distribution (stretch), these problems had been fixed
prior to the initial release.

We recommend that you upgrade your pjproject packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlmMqH8ACgkQEMKTtsN8
Tjb8ZA/+MoK5FzFRXDS+/07+t6fu0goLfwpB1MA3IZh+284hyPmCWSvXxRvJ2u7x
JQ30fVqIkNEnw5LkzO7KIXW6rfROivughsmx6/wjM6zQpPP6m3v5SzTmG2nu0NxZ
2+2M3qHMkItZj99xU+oVfmfNBEVaM6ugCL+KkIDfTn/ZKtlfOSRazMBURpBExt19
pxp0D1mco5Xj9s6LZcvG6ZQUn7Dtt0zm/ctxqTvt8PNNuwySp9QzYFR3Y+DonvQg
ExPYyUD7KfLXhOXaIAPvC10sYmqk14WZ3iPuY4At0LNPLjSGvPKd7aYPkQMsBm9h
9MiA0MEqGm2yBvWV2lhue+LwnH9KGq2aRf5CITaO/PluqKbnO9bnfZXHasfEZjg4
yDiagcjBHlJoxgildCNuaOa73cn0veT1m169mSlPw7dc/2IzI6TSFEEuK5oaWnf9
1YGFZzymlNLWhG+atY64+EFQiOU3gUbP3MaE5sZ8VeTBgm5VWFqcqnsc2G5rvP/i
EoMafYRsjPZzt4AsMgTyATbpxpqjqiUteE8a/rD3JrwugMf81naE3uyI+raIJYaw
/3Q0Hh9IyWQTuSuVC/Asd82eP6JJGgIjk+0FDwAjoRDKixCCxMe1McujwaqUZi1i
WCsEjcFVGFFGgVPujFxUmZjjdcNkZz77hCIJ25z6Ppt5a/OKn6E=
=zNaM
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ