-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3586-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff May 23, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : atheme-services CVE ID : CVE-2016-4478 It was discovered that a buffer overflow in the XMLRPC response encoding code of the Atheme IRC services may result in denial of service. For the stable distribution (jessie), this problem has been fixed in version 6.0.11-2+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 7.0.7-2. For the unstable distribution (sid), this problem has been fixed in version 7.0.7-2. We recommend that you upgrade your atheme-services packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXQ3CNAAoJEBDCk7bDfE42954P/3WLQz1DcmpFdEykinHBsqH4 swHZcjbuXZENhiKYIyBaidtnm5eXwe1JH/AVWJ5zKZ97dzQ3aLB1bsCN65dQQl+I 8ytWHlAR2xxvlwa+kqWBhfW8CS3VlhX8U5dxWLSCXT5ftsBsuDnepQCrNzwRvlUT rw3Xb9S3chzI3bhBNab64LDp84vm669MdkS48JwyY3e/WPa19fRn6DbvlwP61jFW jw6t5NfBNIpydDmCAZTEMmAnDhS6wZHPVkZlK8vYt4jApYjbT4L35/uX5kiF4phw maoLVFNgMiXK1udnvRf7PXXgH4PDq56in34oa27qOk1fKT6i7d9ltl7bGl1xqnpA 8gqkomi3H+EMQvnV7aVh3BZ0BoGvi1tJ9fp0eWcgDUQ7aWSOYHtxFpC5MtNudUoP u9BTMs224DV2de/vGlUpdQkizP0fPbiqWkV1u4Wgx7hBxG6C7Ru9/LngQqwatsNZ cwHw7AZfduqZJ2adP20lMJlm+v5T3ekabd1Y590IpEgXBBaLIHSWn3WCMXna4F6/ FgL5TneSayjzeTcW7EEJfIG4WTQr+eIdvlm53WGOCSwlcPX5y8HsN0kQPGIqajqz PcT5LttIObblJQYJ6BGxsWjGEUHg9E5zC8lDfocJEiYtscygVAeTy+VbDWrqcGg+ SmfH9IIRFEVIG1rGXmC9 =kK57 -----END PGP SIGNATURE-----