-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 23 Dec 2024 10:30:10 +0100 Source: fastnetmon Architecture: source Version: 1.2.4-2+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Patrick Matthäi Changed-By: Patrick Matthäi Closes: 1090387 1090388 Changes: fastnetmon (1.2.4-2+deb12u1) bookworm-security; urgency=medium . [ Moritz Mühlenhoff ] * Fixes CVE-2024-56073: Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application crash). Closes: #1090387 * Fixes CVE-2024-56072: The sFlow v5 plugin allows remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples. Closes: #1090388 Checksums-Sha1: 83f53634e09f293fcbe0e825aa739adcf1f9f3ad 2322 fastnetmon_1.2.4-2+deb12u1.dsc ac18fdb65c8ca3295b2b8b70494194ccd4eecf46 1056097 fastnetmon_1.2.4.orig.tar.gz 8845c07583c208a8e6079d10da55988882f3f800 12776 fastnetmon_1.2.4-2+deb12u1.debian.tar.xz 98994b1f33cde4ad7fcb7100933d435cea547c12 12550 fastnetmon_1.2.4-2+deb12u1_amd64.buildinfo Checksums-Sha256: 45910deed0e406cd4a128583eb77b323642ba34fc934df379d11507d0832d058 2322 fastnetmon_1.2.4-2+deb12u1.dsc 84cd5db0e270f6c268923592eabd5cb0d1689293d9d9f6f0634af548b29f9bb4 1056097 fastnetmon_1.2.4.orig.tar.gz a1124b5cfd18151a9cf8ca55bace8b4988ffe872765001ddcd3b27fc415a7a39 12776 fastnetmon_1.2.4-2+deb12u1.debian.tar.xz 80a7e047172a9e045c97fcb4112860fd42302c1258730ad68ecbc46bf16dd3fa 12550 fastnetmon_1.2.4-2+deb12u1_amd64.buildinfo Files: c2c33229f52196969c85ca5cf389a419 2322 net optional fastnetmon_1.2.4-2+deb12u1.dsc 0dab1097b5efd6fc2e39fea784bfd3a6 1056097 net optional fastnetmon_1.2.4.orig.tar.gz fe78edb8a569ed0b3768d74ecc72e6ed 12776 net optional fastnetmon_1.2.4-2+deb12u1.debian.tar.xz be6023df89d06bec6bcc66411eadb19f 12550 net optional fastnetmon_1.2.4-2+deb12u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAmdpTh4ACgkQEtmwSpDL 2OSxYg//a6L/LRH1f16JQmvBV/Nc2hT8Yw/zbkUvP0Fkb/dKGKUrz2AUls/vJ6VV PjO80Oh1BCJGSd7gh28AUqGjtZt8aA0ebmyoBuOSKyim8lLhImj0cf4FimObQRfA WYXAoX5IAPzwy1UubokC4pFJHnWuRho03Yo3Lf4dYBtxWArp0JHjLmXbdj4FqQCE XzjAvwdSnSqFZS1QUorgbFiPMBzCweF7OEscLhkXkP/kaOG869GWRB3yy/y/qUey cvPKOzO8LXrG5e8e1Ab0vw9EdaIIKx3B+OEPFg6BIoADkGYwmH+Gci8zuf+t3bC1 rwiJRMLCngofo06LBNP2ETaU788tCNlsascGE4viGmf3z6m8AjY1k6id8hmgtvdk wQkkQ0f/aBZZz1xu/XRS6gvuUH5eUFBmoiMyuntKN0+k3lc6tr0HWRKlT/yo2SGr YKPdaD4v9Jc2tgqV4DrZgJFLD/a6733wfO9/YxQkJ4il2RUwuTwrRNZiCWQf2d4O XhS1slZJ32wT3riL2RoyGUfYmF87JWz9ad/igr1Xh23wwUJw869gTLb2EXnx1Gj+ pD0ODhO7g0BGEMyCERRjOrueKHD8zC0CgczNFp6eANNvtTTTi0KgG40J8p4ptXu+ EnIiFiETzy2YU5Nc60zf65EP5demBe6x/wkvIXHMhuS8yn35t7A= =EwgV -----END PGP SIGNATURE-----