1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3254-1] suricata security update

    From Salvatore Bonaccorso@1:229/2 to All on Sat May 9 16:50:02 2015
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3254-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso
    May 09, 2015 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : suricata
    CVE ID : CVE-2015-0971

    Kostya Kortchinsky of the Google Security Team discovered a flaw in the
    DER parser used to decode SSL/TLS certificates in suricata. A remote
    attacker can take advantage of this flaw to cause suricata to crash.

    For the stable distribution (jessie), this problem has been fixed in
    version 2.0.7-2+deb8u1.

    For the unstable distribution (sid), this problem has been fixed in
    version 2.0.8-1.

    We recommend that you upgrade your suricata packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJVThyLAAoJEAVMuPMTQ89E4BgP/34wihdTIJoUGG6prBqmxbp9 RqsxFNdd+RA39wPRE1jV5EegaLjQIxAsosOuEsyYdWv+ejqg1wtRYtqwd+r9UiE2 aXO004SnhJ5UVLW35JMrFrltRRyh1noEtzzOUYn6XZPAoj02w9RRAIuDzlmvvWW6 2i2aVxOGpous6XlOnLtnwObUmaSctJn6EzLid1PLn8SmH3p4T8iaFPJ8uRJ69ZdY /r8ocyiTLBeGuceUr1LKQ3ebiE2CGSTGXTnFtsA3Jw/stdHjYH+TyqdNOYxQ56Ge xIen7pAO4L8lV1YV5ZKEtCNJ+3WXDwmPLaOM8RrnhfPDk17BY7VKwKMU8A/3CIkr Bv9k1TI2xsTeQPfoNxg2H8IDwxbwk3XuZI4QQNCOmYZ6jWThrUwgXQLozF9t3FeN NIdXalLArD+e0iD1GVisMlKOz8DWQvidkoCWKHatkjdxOKYSpiS6KFLUMRwMCiuv WlAjwYlCmNVbNjHiBdDckNcxPE0DPl3Rsj2S1wd5LstYR5DZO4UyZm0Ot2FB1+/3 NS8Ual7ksA4F4snw7pZ+BfCsIJpECtHEuyN6imSd8YNuVQrgQacDaDR/lUGlc6sV UAIhuvkOQWvj9acnDoIBrxKFBg1njy1S3W+0RcQ2hWhEn6RV1VBNGs5zEzb8qb2x IXFwTBInH43gTtSs1l/l
    =A+CU
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)