[ubuntu/impish-updates] libslirp 4.4.0-1ubuntu0.21.10.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Tue Oct 26 14:58:17 UTC 2021


libslirp (4.4.0-1ubuntu0.21.10.1) impish-security; urgency=medium

  * SECURITY UPDATE: data leak in bootp_input()
    - debian/patches/CVE-2021-3592-1.patch: add mtod_check() to src/mbuf.*.
    - debian/patches/CVE-2021-3592-2.patch: limit vendor-specific area to
      input packet memory buffer in src/bootp.*, src/mbuf.*.
    - debian/patches/CVE-2021-3592-3.patch: check bootp_input buffer size
      in src/bootp.c.
    - debian/patches/CVE-2021-3592-4.patch: fix regression in dhcp in
      src/bootp.c.
    - CVE-2021-3592
  * SECURITY UPDATE: data leak in udp6_input()
    - debian/patches/CVE-2021-3593.patch: check udp6_input buffer size in
      src/udp6.c.
    - CVE-2021-3593
  * SECURITY UPDATE: data leak in udp_input()
    - debian/patches/CVE-2021-3594.patch: check upd_input buffer size in
      src/udp.c.
    - CVE-2021-3594
  * SECURITY UPDATE: data leak in tftp_input()
    - debian/patches/CVE-2021-3595-1.patch: check tftp_input buffer size in
      src/tftp.c.
    - debian/patches/CVE-2021-3595-2.patch: introduce a header structure in
      src/tftp.*.
    - CVE-2021-3595

Date: 2021-10-26 13:30:10.600793+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libslirp/4.4.0-1ubuntu0.21.10.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the impish-changes mailing list