Bastien Roucariès
2024-12-22 10:50:01 UTC
Package: release.debian.org
Severity: normal
Tags: bookworm
User: ***@packages.debian.org
Usertags: pu
X-Debbugs-CC: Pierre Gruet <***@debian.org>
(Please provide enough information to help the release team
to judge the request efficiently. E.g. by filling in the
sections below.)
[ Reason ]
CVE-2024-47072: stack overflow
[ Impact ]
Remote DoS is likely possible
[ Tests ]
Manual test test does not backport
[ Risks ]
Code is simple.
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
* Team upload
* Fix CVE-2024-47072: XStream is vulnerable to a
Denial of Service attack due to stack overflow
from a manipulated binary input stream.
(Closes: #1087274)
[ Other info ]
pgt will likely review