===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.4265
                           ndpi security update
                              30 August 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ndpi
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15476 CVE-2020-15472 

Original Bulletin: 
   https://www.debian.org/lts/security/2022/dla-3084

Comment: CVSS (Max):  9.1 CVE-2020-15472 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

--------------------------BEGIN INCLUDED TEXT--------------------

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3084-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                         Anton Gladky
August 27, 2022                               https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : ndpi
Version        : 2.6-3+deb10u1
CVE ID         : CVE-2020-15472 CVE-2020-15476

Two security issues have been discovered in ndpi, a deep packet inspection
library.


CVE-2020-15472

    The H.323 dissector is vulnerable to a heap-based buffer over-read in
    ndpi_search_h323 in lib/protocols/h323.c.

CVE-2020-15476

    The Oracle protocol dissector has a heap-based buffer over-read in
    ndpi_search_oracle.

For Debian 10 buster, these problems have been fixed in version
2.6-3+deb10u1.

We recommend that you upgrade your ndpi packages.

For the detailed security status of ndpi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ndpi

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================