-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 18 Aug 2023 20:19:21 +0200 Source: fastdds Architecture: source Version: 2.1.0+ds-9+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: Timo Röhling <timo@gaussglocke.de> Changed-By: Timo Röhling <roehling@debian.org> Closes: 1043548 Changes: fastdds (2.1.0+ds-9+deb11u1) bullseye-security; urgency=medium . * Backport security fixes - CVE-2021-38425 Denial-of-service by auth package flooding - CVE-2023-39534 Malformed GAP submessage triggers assertion failure - CVE-2023-39945 Unhandled exception on malformed data submessage - CVE-2023-39946 Heap overflow triggered by PID_PROPERTY_LIST - CVE-2023-39947 Heap overflow triggered by PID_PROPERTY_LIST - CVE-2023-39948 Uncaught fastcdr exceptions - CVE-2023-39949 Improper validation of sequence numbers (Closes: #1043548) Checksums-Sha1: cdc9547316de4eaff7abf04b38199fa8ca1115bd 2229 fastdds_2.1.0+ds-9+deb11u1.dsc 8a87b0035da77788d53cc3b1947fa7c5e6e5006f 3806662 fastdds_2.1.0+ds.orig.tar.gz bf63df8a21a09659001bf7204774ae4775efe3e9 67652 fastdds_2.1.0+ds-9+deb11u1.debian.tar.xz c646b7f6a6b3f841df6f51b3bb9a286a6263c9e6 9200 fastdds_2.1.0+ds-9+deb11u1_source.buildinfo Checksums-Sha256: 74aee52f5aa4dbe9279dc6ec38f9a8ae3b766e9b9cbea9538468fef5c4c349be 2229 fastdds_2.1.0+ds-9+deb11u1.dsc e133cc258e0f839c2224d3b5c3606d94bb781312f301e9177d59248ff96c3bb8 3806662 fastdds_2.1.0+ds.orig.tar.gz 1343b3e3bde313035d1d7b756fcaa9c4f80be79f10def483a898b5cafefd4c6f 67652 fastdds_2.1.0+ds-9+deb11u1.debian.tar.xz 5a656d25c9d6a1e33dd09bd1ced16c0732464ae8927dadd28216cef8a9f00354 9200 fastdds_2.1.0+ds-9+deb11u1_source.buildinfo Files: d89234b7b39e876d963f09bcaa7de43a 2229 libs optional fastdds_2.1.0+ds-9+deb11u1.dsc eef9c4efb90ea96ef62b53fb0ef3d525 3806662 libs optional fastdds_2.1.0+ds.orig.tar.gz c911c05b386561822a5366bf3e93247f 67652 libs optional fastdds_2.1.0+ds-9+deb11u1.debian.tar.xz 1e6f9df834736ec9ef696ced4369f45f 9200 libs optional fastdds_2.1.0+ds-9+deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQHIBAEBCgAyFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmTf5ZkUHHJvZWhsaW5n QGRlYmlhbi5vcmcACgkQ+C8H+466LVnlGQwA4UicBUFYWS7iK64ayXvlJ/qa+hgd tC1/KJk/mkBDO5Z7b0/R05aLpqReA/c9C0CcrWUny+ndLVeVviCQIHi2DJU+Du9z sTNPpPBR8ila2STFB1CNlOQMaL0lpOYYe4nLOqiL1yqY/ZAK8UHdZ5Xg8/zko11q KQcPXotlDSp+QTqVYTg790jVxBrmw6AlkV/mBqbilY5ChcCCdhCfcRq8U4ay77c3 4Ijg+erce78Y+IoxmceZhf7X2zkl+vn1B/6N+4lLDoekJeCeD2k2hV0gb+TAK+fo hB0FW4syq/vRJsvZbIQ96UL3bpg6j96RblkKQbv7cXFRvDwT5LRFE/hh5ahRAxAV 10vJ2xw/ERtcnSnnRwtwXb3z1sVJQTL3NN/mT85SU1zY1a9vlxVXvQ3Gxmyo/qci GViCN/RLH5oo2Pitc2EV8dS1nSFJ3UA9soN6caxaVrENnr0wH9CelwXzvlV0ZyRD 5cbzSpXjo3+k/Sk6UijaIBmZ0gTKtgOtCfqb =Y6FW -----END PGP SIGNATURE-----