-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 18 Aug 2023 12:44:49 +0200 Source: fastdds Architecture: source Version: 2.9.1+ds-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Debian Robotics Team <team+robotics@tracker.debian.org> Changed-By: Timo Röhling <roehling@debian.org> Closes: 1043548 Changes: fastdds (2.9.1+ds-1+deb12u1) bookworm-security; urgency=medium . * Backport security fixes - CVE-2023-39534 Malformed GAP submessage triggers assertion failure - CVE-2023-39945 Unhandled exception on malformed data submessage - CVE-2023-39946 Heap overflow triggered by PID_PROPERTY_LIST - CVE-2023-39947 Heap overflow triggered by PID_PROPERTY_LIST - CVE-2023-39948 Uncaught fastcdr exceptions - CVE-2023-39949 Improper validation of sequence numbers (Closes: #1043548) Checksums-Sha1: 944dae81351c8845764ec54057ce633d7abca038 3027 fastdds_2.9.1+ds-1+deb12u1.dsc de452fb3851e21bc11a41c038eb8ec210a5f37e8 2888964 fastdds_2.9.1+ds.orig.tar.xz a542228dca9c3625f663e6ecdc7ad8f4f29f80ff 24096 fastdds_2.9.1+ds-1+deb12u1.debian.tar.xz c17487209b3d22847c280f9224407ca25fee51be 8707 fastdds_2.9.1+ds-1+deb12u1_source.buildinfo Checksums-Sha256: 08344e6bdd9958098ef4ac2b52e379186927d6414c956a3b4bf694d555e0d25a 3027 fastdds_2.9.1+ds-1+deb12u1.dsc ff2d3827d573468456cb8ae79e9b9b657137b40f33624381b2d4c7a9f1ad2512 2888964 fastdds_2.9.1+ds.orig.tar.xz 9705ddc0d08873ccee374c07a9210f7952ea074d0f1510e406c866e300e9992c 24096 fastdds_2.9.1+ds-1+deb12u1.debian.tar.xz b216f1ebd59d86a0d80775382788e30cbe71f38e91c7fa61134129a5fa8c9a4a 8707 fastdds_2.9.1+ds-1+deb12u1_source.buildinfo Files: 99e4ebaf6bad21d84fc5870b93c8c942 3027 libs optional fastdds_2.9.1+ds-1+deb12u1.dsc f098d3f5779bb1cf0f8de27c93b67956 2888964 libs optional fastdds_2.9.1+ds.orig.tar.xz 5a992064016f461b8766a05c12d7e00b 24096 libs optional fastdds_2.9.1+ds-1+deb12u1.debian.tar.xz 8393f4f66cf8b522265f5e8a5a5a2bd9 8707 libs optional fastdds_2.9.1+ds-1+deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQHIBAEBCgAyFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmTfXHUUHHJvZWhsaW5n QGRlYmlhbi5vcmcACgkQ+C8H+466LVl+Wgv/eUVueFRcKbwL7zGsMjRM8u9rgsUC 1LQ/qyVhohrayDjXonDYvKpjUCDDTlNf3GIbn346jk3g1gSy52WscCgxc0TS2TXC cL6LJSALPBGVxHpOexJxBuCHYoJq58lRXSG0voCg48bMpMEiv5YNYBn8XEL00xcE 7XDk/vxD715Y/t5cyr/Fnqcg3/5Lhrl2l8Qw5/VrCcsP5E0qdSwFvnR/7ctUWyXf nVXxC335vqx0EZ8tJca0BwDWDDerBwqsBytF1fcSjK+wtWfZ3b4BBpge181+PWMF XzlkWFjh8EdMyBgpjUYsIs3/AB2Rro/EloBV0yn03tHj3tZu12wVrAxwpaSvaBfQ Kg/dNhOE8A2QGv99xRRJd+ScALlbULQyZU1vhokaaBgHyiPwadjYslGkuDLnS4r2 AcqpNgi+Gxj8FTHeks/+nk5uCxjIR3D1VGstnB/IKKMikenX1ZxXqSdppaCtvfDp 5iMl5qvstMoLvWbSacWjy7mO2ZA4dhjKHQYj =6Obv -----END PGP SIGNATURE-----