|
|
Subscribe / Log in / New account

Debian alert DLA-4024-1 (poco)



From:
              Adrian Bunk <bunk@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 4024-1] poco security update


Date:
              Mon, 20 Jan 2025 16:47:56 +0200


Message-ID:
              <Z45iHNgE//P69Yxx@localhost>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4024-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
January 20, 2025                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : poco
Version        : 1.10.0-6+deb11u2
CVE ID         : CVE-2023-52389

An integer overflow in Poco::UTF32Encoding() hase been fixed in the POCO
C++ libraries for building network-based applications.

For Debian 11 bullseye, this problem has been fixed in version
1.10.0-6+deb11u2.

We recommend that you upgrade your poco packages.

For the detailed security status of poco please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/poco

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmeOYhwACgkQiNJCh6LY
mLFuIhAAgwO6/KBCCNy+aTSColNtvnVKavMPpYXvLwgqpu5/LVcgeH6ApQt/ixNi
9/VpXyuDm7FSVP7obuPs+GL55ukRbcr+wQqr6OqJ4LQ67fIu3O9SfwqRkSLVyBme
7IhQDh4fz//tO+98oudfJhdtLMlFN0yhaFnCodBxCfYYq2N9kFs/xQdk8kcVU0Vj
RrGFbqzZrmxwTllyoqxgTKYzO+WGQZ5bxY639UV8YEVGE/0zQnDeKq26VLGRhYCh
vi55VXZ2pPBYmPEysQrjEge8dsxkJO6f5Ib8RlXKN1hvqsnTATa4jHD4cbSZyquf
eKSOmYuCt1wr5Wppz0fAvEF3/cSga41ge2x2vtH07CSjQfehhtTeJAFoyN/yT1oS
IAxAkA19nv1ODJ6huCU6VSbaGYwSTiTDh6DYTTsdRUKnA0EDzj8RrIWeLJmPYH0j
i4imbp8x/4zdYc/LUkmlJNYRv96Q2JciH28+WrAwt9hMUDu9Bk2RigPn2MdbCJVN
Cu/OBBZW5DgACWL4lxaYpeh482YXILo82g5urXQW8utM80fMgSCFei/DOazLRmcT
/zSEz2p2A3KUGw/cqT5e2h/cX++MKU0KJAVxdrh2pe2Lbm/Dxf0XCkXEQ6yrgMKb
/lBKXScG68854dnzykX+T+B2VBkNOlQT9DQY2WI4fZjb/COGijg=
=ttHi
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds