-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2372-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 12, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : libproxy Version : 0.4.14-2+deb9u1 CVE ID : CVE-2020-25219 It was discovered that there was a denial of service attack in libproxy, a library to make applications HTTP proxy aware. A remote server could cause an infinite stack recursion. For Debian 9 "Stretch", this problem has been fixed in version 0.4.14-2+deb9u1. We recommend that you upgrade your libproxy packages. For the detailed security status of libproxy please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libproxy Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl9cl/MACgkQHpU+J9Qx HlgjrxAAxk8OunTVKCTtCztwJKSWCSp46WGF+4fRXmKIFdjHw0/+4e6dKcaHXEbF 3OwLem9UGa4C8VnmuXb3S8ThAbZZ+ceaIYBBun8DlD7/3V23RezZeiegKr+ZhN61 6WYKRl8cGWJmGX0TVOW27tmw2Yin5n+tTQAroAVvx3HT2xy8wvzruwtJMPx01LzN iQqaQrcnkiHOpkOcp0STPb15J2YRaDaZa6lGa214sN11lMw8HN7ARdM967qXz5x3 cAYLbOpzQm3BIBZhEGFA0407VYLduvexIVwgOBi8PeilYHuLCLfm7DKkbOtRn2Tn sZfDg6NuAitjpy/WbnwUUmBn3+blCtTOacJMq9PFjr+2E0QCAHZxqrzD2KUV02x/ tF46GlFiBVi3XsDyWADBpU9IWy/EY0uHjfC840fA5F7c4zsd9pUXy5na7kVdIFFH pb7itoMKhIRRXYeyEsTBa2RPX3pbSx/s3nM/usd2DpyZG71SYy1anBwwrhgt3+JH psnzEmvm0YgGQ8Fd0C0PZI1sbbfuDVUpO3vSoqQK/yXITPuTgSYgEw7ittFgNFr1 Xn9rJtaejY/biO6o138ZrgWUg4enbuvolbOGSoXxEiA7dVsJKN+ZoF7QXovEdQoH mTPDaNkY4KRvtJE8K/fLleUu02SLclymAdssYxfpxVSrmxbYY8U= =+5f8 -----END PGP SIGNATURE-----
