Security News

Cybersecurity news aggregator

🐧
MEDIUM Updates Debian Security

DSA-6271-1 gsasl - security update

debianlibrary
  • What: Security update for gsasl library
  • Impact: Debian users need to update to fix input sanitization issue
Read Full Article →

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6271-1] gsasl security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6271-1] gsasl security update From: Moritz Muehlenhoff <jmm@debian.org> Date: Thu, 14 May 2026 14:38:27 +0000 Message-id: <[🔎] agXeY95D0g13sz7i@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gsasl CVE ID : not yet available It was discovered that missing input sanitising in the DIGEST-MD5 parser of the GNU SASL library could result in denial of service. For the oldstable distribution (bookworm), this problem has been fixed in version 2.2.0-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 2.2.2-1.1+deb13u1. We recommend that you upgrade your gsasl packages. For the detailed security status of gsasl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gsasl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmoF3gwACgkQEMKTtsN8 TjZNcA/+M8SUrM+6GWUX101Asox+ywwP9XzeHAtJF929nDZ2TUiCftAOMheiQrlQ Qo/ABJ5W8e/HoAGL6Oywfm27KAPzN/1HbLL1IdJYkbm2s2gWUEef1hSwdH+0AXeU rA5j+gO/6JgqysDkXab05cDnzPpPCCCfL6+LysvtcDm0sQTkXUvno5NUEjX8AKrQ zAJ5mgpPOmmGBPrkOWyWEyrFyFjcJDzPmmd1mz2XrvHMz/YSPpiqSaEWKC3rVptV w6DY9lfGOCeQ10Cr9mJzD8VMIFRRCF4QdvxAPPncLKFkLLlOAGmys+qSUPQuwNqh +Q7UsPoSoVjShtinTsRtZP+jtMJy/9hVrGnG8Oq/kdNAtsZ868TTSwxw+JTyjVE4 9jXUBoGk0bBCYm6I62lkdS+CU3CdtFTz3/ySGShjXetlOMd2rJ7nJgAjw+Pf/vXb d00Qw5FUe6t63Q0R0qZw/UIR10Yl7Z2Us04+1CUcZAmOx5ePMCunvSg9f1mnOq68 FHPRn/TYGFZKWfx5s8UBga5zX/TNTqVbDLzX56vF/Z6vdal5kUw6/IpMRByQWC/S FUNNZu8v5arUe8HogLmrGTE4IUdIKjG83+11kgMiYxuA3WyTHM20Y9k1V/Ckh+ti gW9wK+I7A4nqxMlXLSlSQRjnq9SG4PUyhZlazJNIlgYelM6EtYw= =QNTN -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6270-1] postgresql-17 security update Previous by thread: [SECURITY] [DSA 6270-1] postgresql-17 security update Index(es): Date Thread

Related Articles

MEDIUM DSA-6277-1 openjpeg2 - security update Debian Security MEDIUM DSA-6191-1 gst-plugins-ugly1.0 - security update Debian Security MEDIUM DSA-6190-1 gst-plugins-bad1.0 - security update Debian Security MEDIUM DSA-6140-1 gnutls28 - security update Debian Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn