[SECURITY] [DLA 3976-1] tgt security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3976-1] tgt security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 30 Nov 2024 09:30:43 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2411300927300.1484@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3976-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
November 30, 2024                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : tgt
Version        : 1:1.0.80-1+deb11u1
CVE ID         : CVE-2024-45751

An issue has been found in tgt, Linux SCSI target user-space daemon andtools. The issue was related to using rand() without proper seed,resulting in identical sequences of challenges.



For Debian 11 bullseye, this problem has been fixed in version
1:1.0.80-1+deb11u1.

We recommend that you upgrade your tgt packages.

For the detailed security status of tgt please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tgt

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmdK20NfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcvaQ/+NnjWE9oZ7qt6ho7Sd8LNn0Ys5aBaBhQ2RAEQvdlZ5PdW9ru7r7lhJptI
DYCVBIlLN6PMKoS7EYPAV2zTKvhMRw9LqrL3/97usq5y7uS7guTZSr20ao5/UFd8
oYwsnKOzTLE28hjCHh2JCTrFT+b9ugyQ/AyDI3S55dz2jOMGE+XhJSBGDkrX8eD5
cFAv+GOkgXxL1GAW0gcPy7R3pvabnk7h72KzJUj6/2om/qc/GtoF3eHi0otJbcKG
ltUpaA/CJ4pmfmTJ8KACUDu2mHs/r5WDP4QBCDTqJobpf6x6hPd0Aqewl2GjDbRq
IXPrlkynfYmGcc5j0hN8U7mOQcFk6sDNy8dIr77QL6j/whuXq7mNc8GYlB5E48JT
3DA6R6X5k1jdNpFLACKRcK50m5/mQY25B8ldMo7KCWo0pPEobB+lUwmlGtGfCI5L
dmxXIR9PEf67oMD3TKpIsWAYDiUzsqGoLxx/Hx+hSwR1OC2KzaUTXMrLqBvCfPN+
rBaoeKIm3Hl87bIuGh/x6V0M7JG8wLtg70bd2YUcovvSAZCSq/BHAH/AnqjA1/1M
ImFpWqqwUz6bwZ6mY4oW/tTv198Nfh6hvL/dKjos55GcRlqTLPV/ev9kusE32JN6
f24+ToESFOpbcQpGb9PGJ4P19dwiyPzKPBEYY5mUEN9AaIpS9ME=
=odU1
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3975-1] proftpd-dfsg security update
Next by Date: [SECURITY] [DLA 3977-1] xfpt security update
Previous by thread: [SECURITY] [DLA 3975-1] proftpd-dfsg security update
Next by thread: [SECURITY] [DLA 3977-1] xfpt security update
Index(es):
- Date
- Thread