-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3070-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 11, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : gnutls28 Version : 3.6.7-4+deb10u9 CVE ID : CVE-2021-4209 CVE-2022-2509 Two issues were found in GnuTLS, a library implementing the TLS and SSL protocols. A remote attacker could take advantage of these flaws to cause an application using the GnuTLS library to crash (denial of service), or potentially, to execute arbitrary code. For Debian 10 buster, these problems have been fixed in version 3.6.7-4+deb10u9. We recommend that you upgrade your gnutls28 packages. For the detailed security status of gnutls28 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gnutls28 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmL038UACgkQnUbEiOQ2 gwIGdg/9Hp3BfkLba/TNU6IXGKuDkmiFRPhZRqEQq72zQPvY/Yi1D1CSlzKnbzyX VHec36VG69MkdMlTonLr3hTkYc3MsJX8UjKsslZMnPcxMSQ/69c2LQlPrHHft6wg 6lld1x//1168tRisU6Z897xoRTR6fSJPC5Szju/Bk7tz0csgIna8KzYN5cCj7cnJ WR2Te0mIoxGzRO5C5fXkNst2eY0rtq5gAyaz+f551hyTG7yfDnvhXBrDdVkp1JxD P0K7CSqx5jgrmEHx173ysf8521XqKB3pJwhap0W8QQy/4kwbIm2fMz/xFtvLdsfm udePHzZ3iaACFs58JJbY4lOWLk6CAHx3PyhCty7UHcvvVifxfKW0kUVtxxZEAVPk nae7LXEZ+9V+llV47br6k9s/W+vOg9v41Nz81/NuotomETiiV2RFjTW9NfrKhjFN 8Yz1yYTTqByZxDiaPSlpAuDF93QHqE8HwY2nRMHzpnJAujqWgwrYLyhMrpSKFKcF KxEBHxCLRmjG/X9xkNaPeLAWdG+GJGry93qIf3myqVglza299UjanJOh4gZZUz6J 6E5kBILEoPnTp1ZbOULqMD4Vx9JqDPU41j+9GiJNmRVZDORPNJ3TMeGWp5ZLJQom p9rwvjhxPR9r3nGIk1u72NE9C2FhsNDUer9UUkPg0Y7bG6Jz4UY= =VgbO -----END PGP SIGNATURE-----
