[SECURITY] [DLA 4295-1] libhtp security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4295-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
September 08, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : libhtp
Version : 1:0.5.36-1+deb11u1
CVE ID : CVE-2024-23837 CVE-2024-45797
Multiple cases of denial of service due to excessive CPU time and memory
utilization have been fixed in LibHTP, a parser for the HTTP protocol
mainly used by the network analysis and threat detection software Suricata.
For Debian 11 bullseye, these problems have been fixed in version
1:0.5.36-1+deb11u1.
We recommend that you upgrade your libhtp packages.
For the detailed security status of libhtp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libhtp
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmi+2Y8ACgkQiNJCh6LY
mLE32Q//fitTBvcbTCUbXoBYKh5mrqldWQBNQVn72O/zV6CWvWDkkdXPpwZQ/d8C
8dALqqOW8c2mLLoHAZSg2NPoPIOxzvg8BwVpfNFReWDHfxWqlMuGqwtnEJkuOHUE
HPf63Zfjrg02RpFJB+KzfxURGP36CbBKZUx0xSF/WSa9f48fph8uyorsONeZm2DB
Z3zuTKVrVW0ULOgXWdzJPN0oYjJVGaCtaUEo1snBUA6AhljWZ3lrBWcvTpxn5Tee
p8F5sXK5oekb4CE8nAGdiU9ENJEHkl1FxxlHqGOW9BdGQfwBxzPK9Z5RhjQh2v2e
tsfNaCBJp3z2g2ngeUNba1DQO8JApTTuby4SIWEff5irxc+X6CiS0x2zxMCiOIZX
kIaQzXRh4LTkgeG8eoBiRPuUsM6CZmGRM+HOJ7HQpI7yDq/itOWnWGMoMCnXHvU0
FL5TtGZQR40fDOdtyUK0D7fy233NLA+ynTn+i4fFIj+3GwCUJkFi6WRYeI4+a7ti
Ro0fRtYyQ8uGo+q5tpCO3BQpall+6g8NeGwb5VK8Lnwxmg3evPVSChFhMHVtlkSW
Vy/RGsAhwJtYlzkt0R/CRPzD3Hd9YzoovAHvFzxD63IdrEydp/bsAH/g1VDJBFpw
H4kLBTojU/IlgKveS1I47yX1GFrPulN0Qk7qZT2tXlYMe4AOK6E=
=oZPK
-----END PGP SIGNATURE-----
Reply to: