Jump to content


NEW UPDATES Debian

debian updates sunrat bruno v.t. eric layton

  • Please log in to reply
1603 replies to this topic

#1601 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,924 posts

Posted 14 July 2019 - 07:03 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4482-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 14, 2019                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2019-9811 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712
                 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730

Multiple security issues have been found in Thunderbird which could
potentially result in the execution of arbitrary code, cross-site
scripting, spoofing, information disclosure, denial of service or
cross-site request forgery.

CVE-2019-11719 and CVE-2019-11729 are only addressed for stretch, in
buster Thunderbird uses the system-wide copy of NSS which will be updated
separately.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:60.8.0-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 1:60.8.0-1~deb10u1.
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.

#1602 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,924 posts

Posted 16 July 2019 - 07:37 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4483-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 16, 2019                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreoffice
CVE ID         : CVE-2019-9848 CVE-2019-9849

Two security issues have been discovered in LibreOffice:

CVE-2019-9848

    Nils Emmerich discovered that malicious documents could execute
    arbitrary Python code via LibreLogo.

CVE-2019-9849

    Matei Badanoiu discovered that the stealth mode did not apply to
    bullet graphics.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:5.2.7-1+deb9u9.

For the stable distribution (buster), these problems have been fixed in
version 1:6.1.5-3+deb10u2.
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.

#1603 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,924 posts

Posted Yesterday, 09:49 AM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4484-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 20, 2019                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2019-13272

Jann Horn discovered that the ptrace subsystem in the Linux kernel
mishandles the management of the credentials of a process that wants to
create a ptrace relationship, allowing a local user to obtain root
privileges under certain scenarios.

For the oldstable distribution (stretch), this problem has been fixed
in version 4.9.168-1+deb9u4.

For the stable distribution (buster), this problem has been fixed in
version 4.19.37-5+deb10u1. This update includes as well a patch for a
regression introduced by the original fix for CVE-2019-11478 (#930904).
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.

#1604 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,924 posts

Posted Yesterday, 07:15 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4485-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 21, 2019                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-8
CVE ID         : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786
                 CVE-2019-2816 CVE-2019-2842

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
resulting in information disclosure, denial of service or bypass of
sandbox restrictions. In addition the implementation of elliptic curve
cryptography was modernised.

For the oldstable distribution (stretch), these problems have been fixed
in version 8u222-b10-1~deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4486-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 21, 2019                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-11
CVE ID         : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786
                 CVE-2019-2816 CVE-2019-2818 CVE-2019-2821

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
resulting in information disclosure, denial of service or bypass of
sandbox restrictions. In addition the implementation of elliptic curve
cryptography was modernised.

For the stable distribution (buster), these problems have been fixed in
version 11.0.4+11-1~deb10u1.
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.





Also tagged with one or more of these keywords: debian, updates, sunrat, bruno, v.t. eric layton

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users