-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5269-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 02, 2022                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pypy3
CVE ID         : CVE-2022-37454

Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a
fast, compliant alternative implementation of the Python language.

For the stable distribution (bullseye), this problem has been fixed in
version 7.3.5+dfsg-2+deb11u2.

We recommend that you upgrade your pypy3 packages.

For the detailed security status of pypy3 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pypy3

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNivD4ACgkQEMKTtsN8
TjYcfxAAhkg2+/s7yTHve08CkBReV5cZ+z3cJSCCm53l4CHbpiNcza7IPzi0/GMj
EupYEF+Mozvtm2puVgnWRkckuF5Nss3+yZYpHpPug4AHbEQy7GD7OdqVkV6aih0o
AgIfd2jeaxzUAEEQ/7Mr+wInMknxDGmW5giFo2vUvR5dESRcfuImyaiJBlT6KUZY
5ocMpp/JNcomfI61vJnzpqcnP8MMSLfzQuyyJoWXlUonJJCKw881Em2buRDRIZJJ
r3Gl5uF4vXUsJEWQqLMvpqJfCwjI+h6gmkZexv8fklU+xF5NFbf8Hlo2mOJq7mZV
X6xplm0AhgsaqtM/dm1U4jHFflLvJ6LYTRTP3XqsuysSMhmURE6n7wUZBF/BvCqn
747nS3yKFKyWXcP2AuEwZy1awo2xWigk5QJLIpcMcYP1MxLrMYZE2F59xXTctPLd
wxZjdT1PZIUmxHVw3+kGDkGB/4EB9DGTYP925Acj+pwnrgBgwisQs0o2vKkKhYMZ
3xvUf0BMszbVmNMBHE0YFPtAD/H8ALdxOTFwMtihQzBKvwmiBohn1lLRr00rNpai
YxJVOPxPFQUhI/RrB2m1BD0aAWSPNGZu8THbYyxA+1Sur3DMMRrihDLGfcZj2RzK
GMEkUffW5oj9ZQeqhele6vfqHfvWRnhjc8rVkhRlyFCYLsHtnM4=2m5H
-----END PGP SIGNATURE-----