-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5041-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 11, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cfrpki CVE ID : CVE-2021-3761 CVE-2021-3907 CVE-2021-3908 CVE-2021-3909 CVE-2021-3910 CVE-2021-3911 CVE-2021-3912 CVE-2021-43173 CVE-2021-43174 Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could result in denial of service or path traversal. For the stable distribution (bullseye), these problems have been fixed in version 1.4.2-1~deb11u1. We recommend that you upgrade your cfrpki packages. For the detailed security status of cfrpki please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cfrpki Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmHd/DMACgkQEMKTtsN8 TjamFw//Xp8cdyNRxyeFrg9aH3H9xFVozYVXpGSZMRSoFDgrCW1BZuKPgtYH5Goi zUjPYRb3w5ETr07ZJ2c0lmjONxFjRBm2t7T/7Yg5nYBy0uD80d6My095GLBDuSTz bOOHXfcZInUAoc4Mlg3dFWHlJtI5W56R/t5TaBt2EBbxnCkIUcpxdCGq8eTL8uOi 2gFJms0ROkQpuNS4HH5A2b5IWEtZ59CqYkTmq9lIfUnuQXBxP3qGc6UxIjEPHz9r 9qck3lCiFKMvxN2mZ4dYMUFUSYbXRFfVVPQndtxQMII7Z60usFfRTUamEFqm/FAx 2AjrJ4hmtrCEPHcHMCocpE6YMgmaAQcl9DLnosVon8kFWpEk4i7Hv4Dh7Szq9GAk h+miguOB4cR4NNaE9ZQ6RL2mhe/Rw7RFBnsLreMZ1wkqiHOyBH/MtUSgqGynsUbV PbJLA8kyBGaoVx2Goc2dNdkWDPwJhEjw38B2Uo+7ay1I11hw7B7Bkp2AECK+gJaM 1CJ0dIeiq7adHZtIadIjL5gsihF3EQFcmmqJDqWH2dxrwNrtwYPVzV3cZVoRmc9q MjPC4hauxDdgAXFAtrAPqrk50yBU1Q6tZZYjDPU8ZePq21LIHGNDeFbxUbN81DI5 e06MZbHG49n3hI4wOO3VQta+Cb/MAqvAKTlZuUUjdTS4Dtxf29A= =n8pD -----END PGP SIGNATURE-----