-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2865-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk December 29, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : resiprocate Version : 1:1.11.0~beta1-3+deb9u2 CVE ID : CVE-2017-11521 CVE-2018-12584 Debian Bug : 869404 905495 Two vulnerabilities were fixed in the reSIProcate SIP stack. CVE-2017-11521 The SdpContents::Session::Medium::parse function allowed remote attackers to cause a denial of service. CVE-2018-12584 The ConnectionBase::preparseNewBytes function allowed remote attackers to cause a denial of service or possibly execute arbitrary code when TLS communication is enabled. For Debian 9 stretch, these problems have been fixed in version 1:1.11.0~beta1-3+deb9u2. We recommend that you upgrade your resiprocate packages. For the detailed security status of resiprocate please refer to its security tracker page at: https://security-tracker.debian.org/tracker/resiprocate Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmHMaVgACgkQiNJCh6LY mLFOUhAAtfuH7ymIjfJOtlgw0Z3ivQ3t/4QD2wE0/DNhsdKLrvuwlNcljz+QO/Va ux86u72ATrvNUj9w3hu7OnXlgvzCSMNii8/21z0v0ENnXokDoVm0f3kJm3AQBavm PaYHfhORHYphP4y+fs11RYtDmGyWF5W0uqYa3jC9Vso1/4Kd0PuekcOJt06JZA5W C1qkOmgWzUN7vRoGRrDRnLS8uNZ95CVCbAtq5dQBwCJ7KO8yNdTZBcjugivLDV82 ipxENbERaTODSIsDx3XMzB1zYb+9NPsStzqsDNPX53ay6HAQ6T+ZGdrQRcwNtKgp NoYwnVb19YOiebkQd/NvoUCJuoZ1ttJ5MIQ/GzJF3aG/CirZu2VZwire+jXHyCgO G/lvvRXifjzYaULGpT15G4J9S9GFx78bWtM53aVDHwAZ9nJxl/2XVvyDgFz0ECQz 6cPxaVUO13AV3xgaBZDvG4P0xKGSX1eSQGQtJto+pK4JuvA1fbFfeuwLEQW5MD/w HzN0WGKnAbku0a4VQDw6rMnZp8glBpoUqNlfECuMVomd6w4zyIwqNhlIf0mJlL1U 2fQbC/RrgwUV6ESfotO4+w5CSqaYAOj63WkLP00nNV17F7K1X7GztKbUfB3I+RfJ 22KJg/XAbLSCmwhGZQY2MggsBSDrztO97WXMZtHftyPEi9J2FKQ= =uuTe -----END PGP SIGNATURE-----