-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Feb 2019 17:12:12 +0100 Source: gsoap Binary: libgsoap10 libgsoap-dev gsoap gsoap-doc libgsoap-dbg gsoap-dbg Architecture: i386 Version: 2.8.35-4+deb9u2 Distribution: stretch Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Mattias Ellert Description: gsoap - Stub generators for gSOAP gsoap-dbg - Debugging symbols for gSOAP stub generators gsoap-doc - gSOAP documentation libgsoap-dbg - Debugging symbols for gSOAP libraries libgsoap-dev - Development libraries and headers for gSOAP libgsoap10 - Runtime libraries for gSOAP Changes: gsoap (2.8.35-4+deb9u2) stretch; urgency=medium . * Fix for CVE-2019-7659 Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries, as these are built with that flag. * Fix issue with DIME protocol receiver and malformed DIME headers This patch addresses a critical issue with the DIME protocol receiver that may cause the receiver to become unresponsive when a malformed DIME protocol message is received. -- https://www.genivia.com/advisory.html Checksums-Sha1: 728a27103660f0e6451ed95c0e8f08faabdbd581 3740338 gsoap-dbg_2.8.35-4+deb9u2_i386.deb 93d53fb773cb929192082d9b5f4b48804b7d5f10 8320 gsoap_2.8.35-4+deb9u2_i386.buildinfo dcab9bd2ec85e4381930071add70ab4d39c5bc2e 977092 gsoap_2.8.35-4+deb9u2_i386.deb 1b20689cbe546371e42e0e60d54e5e1b695adf5d 991416 libgsoap-dbg_2.8.35-4+deb9u2_i386.deb 6d6bada23effe599ebf6025a146a56e5a0af958e 283366 libgsoap-dev_2.8.35-4+deb9u2_i386.deb ebc2f8904f4dad9b4b69655603ec94960fc36662 284796 libgsoap10_2.8.35-4+deb9u2_i386.deb Checksums-Sha256: f51fff3eba2008d9ce2592d6e8b3abb9cc608216b25c979878f17de4b781c9bd 3740338 gsoap-dbg_2.8.35-4+deb9u2_i386.deb 98d6a40dffe1be53dab63fb988d33346ea424e486d9e54d82ddbcfa5a068f028 8320 gsoap_2.8.35-4+deb9u2_i386.buildinfo 395b01e5b512ad2e62b1034a68a9fa7013fb710b20100edff510276487ab87f3 977092 gsoap_2.8.35-4+deb9u2_i386.deb 867409cc6d5992b1185f9c8e1c1342a925e73b944fc14115fd817aacf8ee0b3e 991416 libgsoap-dbg_2.8.35-4+deb9u2_i386.deb d37e73c924869c9b7f2bdbcb3a19120cf9db5b00e1bc3b7b52bf003ebcb0101a 283366 libgsoap-dev_2.8.35-4+deb9u2_i386.deb 7feee435750001ce3675c0db746bb707abb35c805b9f3a7625e61789e9ff680c 284796 libgsoap10_2.8.35-4+deb9u2_i386.deb Files: d2b667d13449fc6e1b586ab522d5da2a 3740338 debug extra gsoap-dbg_2.8.35-4+deb9u2_i386.deb 217c18867e35965adc261dcfb1b846fa 8320 devel optional gsoap_2.8.35-4+deb9u2_i386.buildinfo a53ab9fe90fc8105a45d62ef5f10be32 977092 devel optional gsoap_2.8.35-4+deb9u2_i386.deb 80737a2692c6a6a2c3445d86d91725c6 991416 debug extra libgsoap-dbg_2.8.35-4+deb9u2_i386.deb 1f90651c65eae9f3ba90a1914261a3d9 283366 libdevel optional libgsoap-dev_2.8.35-4+deb9u2_i386.deb 357465bba329d512bfd13fb9d35030a1 284796 libs optional libgsoap10_2.8.35-4+deb9u2_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfQCLkDuIfHLCXwkJVmLYJthWcBwFAl0zgnIACgkQVmLYJthW cByNWRAAvM+HbpMkmn2JG3hCFsXjH518B7xleoDgjP1ezveHIsfZ2QegHxhqRsqO z98YDIaHX1ZzQWUdThwMEq1US+d10v+Xvxp4lnTt3DSPRp1Z3wKzaKySbEo47aXk o4ebbH3d9yFXBh8/d/1rOtAyBv1f1RVg5LpeqNbFgyM+lq2KGLjFANGhCwjri5NE xGK6rXbmMUJjd68CLjBxL2XZEnVgNAZyVTmCuKguoyUzGZY3XoI+ABC3rL2Euy9a sE72VrM/yYrFBHouYA0qy/SUbJCI9DyzEG74vTnfzMH92TDDhxi9npDIeVuAsKgX znmrKdaEFdgGFAti9ccLrOGuqkVisIW31mThycQzyNTb9WNSGOhc2P8VCBYfa9hh q+TNFPUR0fJDPP7LbMkNrMjWUzVq/OMGcyZg7cKt8i6jy/J/s31JsQ958cGGMrVG N6APFy7W+wNJws3riMHHnOrP1q9hQrXZoOaLE/xGRTlUtoRWDz1ctO9rWSm1jNFL ejNyLmCCyjq2WDG+HyZnRV/hI9oYfmHLwqU2XuZ8UZCyjToKRe58O9IejxOlxC60 W38NRH1m8m0sYxQbub2gszvpV+BzVwh27dz2mWhx1+DvsM6FvMTGKrIYbaVGuMqf jfDJP9c7d2rGmQfyAVw7JDovEEPyiQeMl+LEQf0zdvoSRi4oktc= =cmg+ -----END PGP SIGNATURE-----