Hi,
On 21/4/24 21:58, Moritz Muehlenhoff wrote:
> Hi Victor,
> diff looks fine, but I don't believe this really needs a DSA; it's rather
> obscure attack vector.
> I think addressing this via the next Bookworm point release is perfectly
> fine, what do you think?
Fine for me. No objections
On Sun, Apr 21, 2024 at 07:35:43PM +, Victor Seva wrote:
> Hi,
>
>
> I've just uploaded sngrep 1.8.1-1 to sid and prepared 1.6.0-1+deb12u1 for
> bookworms-security [0].
>
> Attached debdiff file.
>
> Waiting for you reply,
> Victor
>
> [0]
>
Source: sngrep
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for sngrep.
CVE-2024-3119[0]:
| A buffer overflow vulnerability exists in all versions of sngrep
| since v0.4.2, due to improper handling of 'Call-ID' and
3 matches
Mail list logo