-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3853-1 security@xxxxxxxxxx https://www.debian.org/security/ Sebastien Delafond May 15, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bitlbee CVE ID : CVE-2016-10188 CVE-2016-10189 It was discovered that bitlbee, an IRC to other chat networks gateway, contained issues that allowed a remote attacker to cause a denial of service (via application crash), or potentially execute arbitrary commands. For the stable distribution (jessie), these problems have been fixed in version 3.2.2-2+deb8u1. For the upcoming stable (stretch) and unstable (sid) distributions, these problems have been fixed in version 3.5-1. We recommend that you upgrade your bitlbee packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlkZeTwACgkQEL6Jg/PV nWRDYgf9EhqKwSKewMbqjZrPRdk7L3dcQvF1y46T7F3eE3jQkka6vKC2vfR9IY7S WlkDaLbd+9+LqhdBM1vDHI/4zSvehjQwPPyvL0iSM+6NGrED2RtgB0lBUHxfLBSj 0dKzJfl3DROgQ39Ws79Rf5JJxOH0u1fLFM9UphZm2+Rico6dasz3e0prWslBfp0A FKcI/Mvb7Syi/nCZbTZ++yl/QNlVu9p1bxy5y1ZxVdfcakTX0Jcf0pjb+4CmzMtN fv7onbNTr3Z6nB6XzkeviiP6op3P3HC13ayXFvTOm32Q7/hXd9JSGL07/6FyGMqc e5qcgpPXPt9oRgv2eD87uHwqeZu81g== =TcC4 -----END PGP SIGNATURE-----
