Debian Local Security Checks : Debian: Security Advisory (DLA-2513-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.892513

Categoría: Debian Local Security Checks

Título: Debian: Security Advisory (DLA-2513-1)

Resumen: The remote host is missing an update for the Debian 'p11-kit' package(s) announced via the DLA-2513-1 advisory.

Descripción: Summary:
The remote host is missing an update for the Debian 'p11-kit' package(s) announced via the DLA-2513-1 advisory.

Vulnerability Insight:
Several memory safety issues affecting the RPC protocol were fixed in p11-kit, a library providing a way to load and enumerate PKCS#11 modules.

CVE-2020-29361

Multiple integer overflows

CVE-2020-29362

Heap-based buffer over-read

For Debian 9 stretch, these problems have been fixed in version 0.23.3-2+deb9u1.

We recommend that you upgrade your p11-kit packages.

For the detailed security status of p11-kit please refer to its security tracker page at: [link moved to references]

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references]

Affected Software/OS:
'p11-kit' package(s) on Debian 9.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-29361
Debian Security Information: DSA-4822 (Google Search)
https://www.debian.org/security/2021/dsa-4822
https://github.com/p11-glue/p11-kit/releases
https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/01/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-29362
https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc

Copyright Copyright (C) 2021 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.892513
Categoría:	Debian Local Security Checks
Título:	Debian: Security Advisory (DLA-2513-1)
Resumen:	The remote host is missing an update for the Debian 'p11-kit' package(s) announced via the DLA-2513-1 advisory.
Descripción:	Summary: The remote host is missing an update for the Debian 'p11-kit' package(s) announced via the DLA-2513-1 advisory. Vulnerability Insight: Several memory safety issues affecting the RPC protocol were fixed in p11-kit, a library providing a way to load and enumerate PKCS#11 modules. CVE-2020-29361 Multiple integer overflows CVE-2020-29362 Heap-based buffer over-read For Debian 9 stretch, these problems have been fixed in version 0.23.3-2+deb9u1. We recommend that you upgrade your p11-kit packages. For the detailed security status of p11-kit please refer to its security tracker page at: [link moved to references] Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'p11-kit' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-29361 Debian Security Information: DSA-4822 (Google Search) https://www.debian.org/security/2021/dsa-4822 https://github.com/p11-glue/p11-kit/releases https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/01/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2020-29362 https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc
Copyright	Copyright (C) 2021 Greenbone AG