1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2964-1] iodine security update

    From Salvatore Bonaccorso@1:229/2 to All on Sat Jun 21 07:20:02 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2964-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso
    June 21, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : iodine
    CVE ID : CVE-2014-4168
    Debian Bug : 751834

    Oscar Reparaz discovered an authentication bypass vulnerability in
    iodine, a tool for tunneling IPv4 data through a DNS server. A remote
    attacker could provoke a server to accept the rest of the setup or
    also network traffic by exploiting this flaw.

    For the stable distribution (wheezy), this problem has been fixed in
    version 0.6.0~rc1-12+deb7u1.

    For the testing distribution (jessie), this problem has been fixed in
    version 0.6.0~rc1-19.

    For the unstable distribution (sid), this problem has been fixed in
    version 0.6.0~rc1-19.

    We recommend that you upgrade your iodine packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJTpRRYAAoJEAVMuPMTQ89EX7oP/28EAYBKa3LxEaGXzasuhita vAWi8n+3fV18XMwpfk8XpQhWatXgxLqZzaB1+tt7YG7lGPQofwQm5O7EnOfFmiFd rgHmhoTEx1bJIk/qSGFuQnuHNrvAWmQyXjPo/ZofetP+54osTPtTCILzRclJ0Dcr Ju8Mlt4fNbIPYEBGCNdB4E1obpwrP7DewanHg8Ca6UrFiuXkCRHWysLpzpM1OA9p EkZYAa64cKbeYAYsWh6fsdBOiinOOrorXFgxTRCL7bWy7NTF8jXukhD8G4ITN/kR n+lUTx+MT/pRk53M6EnLnS9aEgyLCXytMxCod4yE57y+/G59q18mdO7jci1cMhKF H9Wc7xvY2STaLRtPxt7RED6V1Lbth6STp638dfO96TBwb8eCLSRu15Up7BTsTTIp cF57PreTSOFyBzonvH0Cs5zXEkSYVpkW+PBvC5K0jpJ56Hs1bxqHapvEtC89E7Zc BQ9OVp4Bys48Bu23HHg+O9xUu5sPJXHD/HVjCiCK9BLucsnJIS6ZfwBeDv4rSfZu WiG3Z0YFE4T1LuYteI9c72asPgu2Sa720i+Tqzpi4dULLkevHNPM8Dxtwo6fAHKn jiTw+FFrcjpyzklQ5wyLx1aDLDbDx2RkTkXtzTMz3GOxAakGznQ/OaBfQyiP1+cj AV7auTYO0B4jy2fVP3Hp
    =cOY7
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)