-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4295-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 08, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : libhtp Version : 1:0.5.36-1+deb11u1 CVE ID : CVE-2024-23837 CVE-2024-45797 Multiple cases of denial of service due to excessive CPU time and memory utilization have been fixed in LibHTP, a parser for the HTTP protocol mainly used by the network analysis and threat detection software Suricata. For Debian 11 bullseye, these problems have been fixed in version 1:0.5.36-1+deb11u1. We recommend that you upgrade your libhtp packages. For the detailed security status of libhtp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libhtp Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmi+2Y8ACgkQiNJCh6LY mLE32Q//fitTBvcbTCUbXoBYKh5mrqldWQBNQVn72O/zV6CWvWDkkdXPpwZQ/d8C 8dALqqOW8c2mLLoHAZSg2NPoPIOxzvg8BwVpfNFReWDHfxWqlMuGqwtnEJkuOHUE HPf63Zfjrg02RpFJB+KzfxURGP36CbBKZUx0xSF/WSa9f48fph8uyorsONeZm2DB Z3zuTKVrVW0ULOgXWdzJPN0oYjJVGaCtaUEo1snBUA6AhljWZ3lrBWcvTpxn5Tee p8F5sXK5oekb4CE8nAGdiU9ENJEHkl1FxxlHqGOW9BdGQfwBxzPK9Z5RhjQh2v2e tsfNaCBJp3z2g2ngeUNba1DQO8JApTTuby4SIWEff5irxc+X6CiS0x2zxMCiOIZX kIaQzXRh4LTkgeG8eoBiRPuUsM6CZmGRM+HOJ7HQpI7yDq/itOWnWGMoMCnXHvU0 FL5TtGZQR40fDOdtyUK0D7fy233NLA+ynTn+i4fFIj+3GwCUJkFi6WRYeI4+a7ti Ro0fRtYyQ8uGo+q5tpCO3BQpall+6g8NeGwb5VK8Lnwxmg3evPVSChFhMHVtlkSW Vy/RGsAhwJtYlzkt0R/CRPzD3Hd9YzoovAHvFzxD63IdrEydp/bsAH/g1VDJBFpw H4kLBTojU/IlgKveS1I47yX1GFrPulN0Qk7qZT2tXlYMe4AOK6E= =oZPK -----END PGP SIGNATURE-----
