-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5956-1                   security@debian.org
https://www.debian.org/security/                                  Aron Xu
July 03, 2025                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ring
CVE ID         : CVE-2023-27585

The embedded copy of pjproject is affected by a buffer overflow
vulnerability, which affects applications that use PJSIP DNS resolver.

For the stable distribution (bookworm), this problem has been fixed in
version 20230206.0~ds2-1.1+deb12u1.

We recommend that you upgrade your ring packages.

For the detailed security status of ring please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ring

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEBLHAyuu1xqoC2aJ5NP8o68vMTMgFAmhmKhwACgkQNP8o68vM
TMjDeQgAqLvbdm4lP7hnXQ8RDHf6NmZZbpVmZogbAat1CPIjyrHk1ekfOO5hf/lq
XvxFyYCu59B8UGSBXRV1BXjugOEfiPmPqcroZR1edEStJnjn7ezVKpAU3Tx285dD
vVupbICtF+yBJTkGoCrtl0NCUDyjSjzj1m3V5F2Qz8nSebpt/zVwvNNgQIbVheaK
+C5M/cs2LMKiQIP/kqDjmJ0QEzZSjFCeMV7lR+MZwbPGPbhycOU+N/LK6RG6dF6N
3DlMcizqS3qZGhza02mAGs7bAV9cUkayVGpQyXiuaTY8LUrNpMXsSWj8D1ynSVNr
zvIqK9vjXOABn0vS1KI5sL6ZI6+4hg==
=WyGA
-----END PGP SIGNATURE-----