-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2964-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso June 21, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iodine CVE ID : CVE-2014-4168 Debian Bug : 751834 Oscar Reparaz discovered an authentication bypass vulnerability in iodine, a tool for tunneling IPv4 data through a DNS server. A remote attacker could provoke a server to accept the rest of the setup or also network traffic by exploiting this flaw. For the stable distribution (wheezy), this problem has been fixed in version 0.6.0~rc1-12+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 0.6.0~rc1-19. For the unstable distribution (sid), this problem has been fixed in version 0.6.0~rc1-19. We recommend that you upgrade your iodine packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTpRRYAAoJEAVMuPMTQ89EX7oP/28EAYBKa3LxEaGXzasuhita vAWi8n+3fV18XMwpfk8XpQhWatXgxLqZzaB1+tt7YG7lGPQofwQm5O7EnOfFmiFd rgHmhoTEx1bJIk/qSGFuQnuHNrvAWmQyXjPo/ZofetP+54osTPtTCILzRclJ0Dcr Ju8Mlt4fNbIPYEBGCNdB4E1obpwrP7DewanHg8Ca6UrFiuXkCRHWysLpzpM1OA9p EkZYAa64cKbeYAYsWh6fsdBOiinOOrorXFgxTRCL7bWy7NTF8jXukhD8G4ITN/kR n+lUTx+MT/pRk53M6EnLnS9aEgyLCXytMxCod4yE57y+/G59q18mdO7jci1cMhKF H9Wc7xvY2STaLRtPxt7RED6V1Lbth6STp638dfO96TBwb8eCLSRu15Up7BTsTTIp cF57PreTSOFyBzonvH0Cs5zXEkSYVpkW+PBvC5K0jpJ56Hs1bxqHapvEtC89E7Zc BQ9OVp4Bys48Bu23HHg+O9xUu5sPJXHD/HVjCiCK9BLucsnJIS6ZfwBeDv4rSfZu WiG3Z0YFE4T1LuYteI9c72asPgu2Sa720i+Tqzpi4dULLkevHNPM8Dxtwo6fAHKn jiTw+FFrcjpyzklQ5wyLx1aDLDbDx2RkTkXtzTMz3GOxAakGznQ/OaBfQyiP1+cj AV7auTYO0B4jy2fVP3Hp =cOY7 -----END PGP SIGNATURE-----