Debian 10226 Published by

A fastdds security update has been released for Debian GNU/Linux 11 and 12 to address multiple security issues.



[SECURITY] [DSA 5481-1] fastdds security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5481-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 20, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : fastdds
CVE ID : CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947
CVE-2023-39948 CVE-2023-39949

Multipe security issues were discovered in Fast DDS, a C++ implementation
of the DDS (Data Distribution Service), which might result in denial of
service or potentially the execution of arbitrary code when processing
malformed RTPS packets.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.1.0+ds-9+deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 2.9.1+ds-1+deb12u1.

We recommend that you upgrade your fastdds packages.

For the detailed security status of fastdds please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fastdds

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/