-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5481-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 20, 2023                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fastdds
CVE ID         : CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947 
                 CVE-2023-39948 CVE-2023-39949

Multipe security issues were discovered in Fast DDS, a C++ implementation
of the DDS (Data Distribution Service), which might result in denial of
service or potentially the execution of arbitrary code when processing
malformed RTPS packets.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.1.0+ds-9+deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 2.9.1+ds-1+deb12u1.

We recommend that you upgrade your fastdds packages.

For the detailed security status of fastdds please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/fastdds

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org