Debian Security Advisory 5413-1

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5413-1                   [email protected]://www.debian.org/security/                        Thorsten AlteholzMay 26, 2023                          https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : sniproxyCVE ID         : CVE-2023-25076Debian Bug     : 1033752An issue has been found in sniproxy, a transparent TLS and HTTP layer 4proxy with SNI support. Due to bad handling of wildcard backend hosts,a crafted HTTP or TLS packet might lead to remote arbitrary codeexecution.For the stable distribution (bullseye), this problem has been fixed inversion 0.6.0-2+deb11u1.We recommend that you upgrade your sniproxy packages.For the detailed security status of sniproxy please refer toits security tracker page at:https://security-tracker.debian.org/tracker/sniproxyFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmRwsRMACgkQO1LKKgqv2VRavQgAuKHflNXCnnu4VYTdqVME/Gkm37TyaxmrIaWliakXlQcz56ZIVBAdbko4mUgqaWBleXcSXRNe/D+9I8ugQUSVzWXNXqOcu9Z+nQzlpHpB+wQR/rMrC97Ep00NLcEELevoz20uDf6ufU+AQixYyfthvncwKcj0TFp4G4VcQboB5CocCVhlXvqEtimch/M117hfKEsD5AJWY04vXicmCqZWrtEjKUSNkZkrRKT/7u4DTkYcYgYsPBKCT0vPGf2XpWEP0bJb7vRyrPq5BnoLXJclF/t6CqD4L9MtBP1gwHPrtJQmgYdjyWm7wKvKAKXINGSUIYDZKOw/3EEkzL2tHOSxng===0CH/-----END PGP SIGNATURE-----