-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3465-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz June 21, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : minidlna Version : 1.2.1+dfsg-2+deb10u4 CVE ID : CVE-2023-33476 A heap-based buffer overflow vulnerability was found in the HTTP chunk parsing code of minidlna, a lightweight DLNA/UPnP-AV server, which may result in denial of service or the execution of arbitrary code. For Debian 10 buster, this problem has been fixed in version 1.2.1+dfsg-2+deb10u4. We recommend that you upgrade your minidlna packages. For the detailed security status of minidlna please refer to its security tracker page at: https://security-tracker.debian.org/tracker/minidlna Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmSTSapfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEdLMg/+I7l6vKl12OFlt8mFzO3NCLIj+CBaTAoG+JBdvgfbQ2OT8dQ4jFtQForE sl5Nap4Ch64eHaNZ8lfzLVHLmsBHjDdTDnDwITx/hGsLNw2pvZZRnE2OaoEz22lr UtBag/RzeQqWt+yXkmiD2hACIT/RzeHP7bsxI/DNOAOcrJ81+7bzBwdzIgUiVO2X 5wnikzcOg/zZyw+JTiKDZxwG+D2jgHO85ctV4u3qTM5rPWOY9FobVAa+hWYurOtW RAvrRdoK+0ozsVdYFJ4tJ3wXd5ck1VIjoYPmad5reTzJouoedD3zYU2NTmSPTbKF L7iG+bgAiZqE9ou+pb7Muc7YkhF9ZVWJVsWPWo/Op7VVF5BEa7VJ3Dd/UJp9/eS3 ryYkx3cYzrKeJAm+2MIXLEnyiS93xLz/0FJ+rGgJ5TsmyAotyuWhM2l3Ud06YJu+ eeCkvG/MIU8Jcd8h8SdOlkEimKPKcv1Pqh8LTQhQTHnZm9g6cFqx3Sw74pF/Jaye j7Bmab7y0HFP0l8LHNuWEd9buyAIc4fXH+TDmPa7ed4DJRLY8c2OrFBUrjvXvvyF A15dNsjM7bGRoVbvxFq0SmOMzH14glquvYiFZ7ydR70l962CF1WIQnPqNOH2PJzU MNDtWKCWGL7kJvm3jkR5MfC3AULdMeEHDfLMsqgqK1v64rF55jI= =1+zh -----END PGP SIGNATURE-----
