-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3341-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso August 20, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : conntrack CVE ID : CVE-2015-6496 Debian Bug : 796103 It was discovered that in certain configurations, if the relevant conntrack kernel module is not loaded, conntrackd will crash when handling DCCP, SCTP or ICMPv6 packets. For the oldstable distribution (wheezy), this problem has been fixed in version 1:1.2.1-1+deb7u1. For the stable distribution (jessie), this problem has been fixed in version 1:1.4.2-2+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 1:1.4.2-3. We recommend that you upgrade your conntrack packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJV1b6tAAoJEAVMuPMTQ89E9acQAI9mJw2+XMAYv6o3b3LPoWEw blxUTwWaoEB8JzMthDL4vw54GbfYaAecIQ2/3Q81TQVHn+CUw4q3lgKIgRg4MHd5 Zi5WGD8tUFc0OLzX34E7FkHzMLgNDt2x1GfVCNZYJ2cLvEu1xMJTRKl0UxCfSUGU THHNEc6Ko9NgAtzJZgun2K3bxEpko61VuCNpoHW4ib4kGyeJ9aZE0E0CDh5s1CVm F6qSvoI5KOm4molOStf7AQU9dAubTi6ZNc8YaKKlHon6/uCySsXt52nBDfcygAlf HVK1lio+t5s0T24qzYjaJZxH6VqQ6dLLsc2YDdiBYuMkmylOgnAXlqW5kRjyrJEb kX3JCgLxI/lbdw9XHwsUELDcEppSXkrhor97K1Kmv4ef5qTLEp1IHUMppmn609Jk +P2sBlPco4+3fj/CSqhEdtnZADwKt/5ZuvEJr1J0ueZJvUrmuRi4v1tiwNUmnzlU 0Rwo0npZs0T/QarPtCtPgWutG2v8yS1XaOl5al8nqmE7+DtBql7Z22QbGYG9nD8t tHPTPMy8o9mctyrJ8bR7f3dQBbYjQwB3WJSNnC+1ceiU2+f4L6FuWUFbkU8rum31 8WpfUUA519b6vh8/SoiZrMaOwNcGtw23BkIYXko3GoEF3Docnb2dfXLRosZCIoH/ IC2ZqmuMiY41a0obKSdj =S6/f -----END PGP SIGNATURE-----
