-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4106-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 07, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libtasn1-6 CVE ID : CVE-2017-10790 CVE-2018-6003 Debian Bug : 867398 Two vulnerabilities were discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library. For the stable distribution (stretch), these problems have been fixed in version 4.10-1.1+deb9u1. We recommend that you upgrade your libtasn1-6 packages. For the detailed security status of libtasn1-6 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libtasn1-6 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlp7TPxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QbRBAAnPEkX4R68VOr/kwZz4u61IrGctvG5lA8JkLTy25i48uwyVpWxpDHFVO3 8WHArjVtiSP2M0PpeOA6sz1nbmgwDOuIcMnEEeTX1dncL42MXUY1vhB9OcMs48LN LC8DUhF7LXQh7F3P27ipe9/4UecO6xd+wq70lScwLI0EFscrtqNi5Gap4Jyj7IMl fUUOMEBPafBPtDRHY+Pu4pwq5QrIqhppn5cPpJFuBmFhcHCBj3uH+9eg58leHP6J 05t26TTDcNR8ZDPB0SxmCHgrr6vVG/48ANoCJWjkHxjxyUkM7HI38uSZIk0TZ0IR JxiUdqMIgB6Z9wJWjzXuclZmF6jnpG5O7WMQW2S3b+ADyqRl7o/+Kq6nH6p5BeKA WNdI82MPpZz1VohH1ShJ9DHHOOqIBJu1NmTle92O62I++/soJ3GRO4ppxMsgrNLk b9J9V790SPeW0OcI1CyEVdoxK8xZlPA22lR+3ywhTTcrmvQQaeFtuVKGjE4gQCKY CfTZ4J+qxf+1yJSi4iVAv85bbi3/GonwYb2c+xAPvkQkczaxpkeM1yATKC64HjK5 IKHurF8uj+0yuE5H8lv6zp6kUcYD7iSNncvmTZd5AzLHo/Ly2+rjs//RjomZjP6a /2opnm4uV1BoQbF4tPCEhQ1zHyVW9xDqFQ4/ndIYOPk5abIy4Yg= =LK24 -----END PGP SIGNATURE-----