Univention Bugzilla – Bug 55023
gsasl: Multiple issues (5.0)
Last modified: 2022-07-28 09:11:31 CEST
New Debian gsasl 1.8.0-8+deb10u1 fixes: This update addresses the following issue: * GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client (CVE-2022-2469)
--- mirror/ftp/pool/main/g/gsasl/gsasl_1.8.0-8.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/gsasl_1.8.0-8+deb10u1.dsc @@ -1,3 +1,7 @@ +1.8.0-8+deb10u1 [Fri, 22 Jul 2022 09:08:01 +0200] Moritz Muehlenhoff <jmm@debian.org>: + + * CVE-2022-2469 + 1.8.0-8 [Tue, 21 Apr 2015 11:09:57 +0200] Simon Josefsson <simon@josefsson.org>: * Upload to unstable. <http://piuparts.knut.univention.de/5.0-2/#3650498745650009912>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=5.0x370>