[SECURITY] [DLA 2800-1] cups security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2800-1debian-...@lists.debian.org https://www.debian.org/lts/security/Thorsten Alteholz October 30, 2021 https://wiki.debian.org/LTS - - Package: cups Version: 2.2.1-8+deb9u7 CVE ID : CVE-2020-10001 An issue has been found in cups, the Common UNIX Printing System. Due to an input validation issue a malicious application might be allowed to read restricted memory. For Debian 9 stretch, this problem has been fixed in version 2.2.1-8+deb9u7. We recommend that you upgrade your cups packages. For the detailed security status of cups please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cups Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmF8hkNfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEcrBBAApEZLp9u5HYY6b6H6KP2KE++5Y8EqJdH0ZVzZhbstc+XJhL8oPuFVXt3l DcEfz+I0N0+pKhK+7cobf+yGl8oZVUPTW3Uoj7FsKqRV9xDo8D7J8JDqCSa8r99D h3qTS1rr/LYLl5/O8gxISlcqXjGmIBMqMPsa6Ie/IVN3TUjQ07A7qr5dS2iLpTRG fgSPbXoutuDtzVseJeG1scN88laGIGF5w8zIzwHZvnr30Jo+k+Y1Jxq6eY2jjkKV H5PhiPjKsrFsIM8NFw1ITjXmICeZ9GLQ90AM7GTqdMOs+pghsunzk+9hBnjng5Ca dVofUiCeIi8M7Hzx2NI0qmjqdxnBsKjPWEUT1lKSWS0i9HJMz5ZaGvdVcDVPlfP/ r2RybBAzKYebXi9uy1NcR0MESvUtt9KhNXtv1StZpo443eddUucv8F1Fu+S+pYAX niCOj3P7gdc3pFOh3R3m7PslgkJtWB+1FlkhMctM1y1sbpToeZsMB0+i3GmnV7fw JuUc6RzuXi9cB+SW4Pwa5v+KrruvMxhcW5GE6ayP4RcMp2yQEgb7Am9Tqg0dNcm8 wlr45Boku0pJdzBATjT52XvP0R+9vRQV08L14feYrJcrpjz2E65afqw4GQnR+hiN E2bQd2nNfQe71xXt160gZdibLNRoBPArQtvvMIcgrSw8k+RIDek= =DInt -END PGP SIGNATURE-
[SECURITY] [DLA 2798-1] libdatetime-timezone-perl new upstream version
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2798-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 29, 2021 https://wiki.debian.org/LTS - - Package: libdatetime-timezone-perl Version: 1:2.09-1+2021e This update includes the changes in tzdata 2021e for the Perl bindings. For the list of changes, see DLA-2797-1. For Debian 9 stretch, this problem has been fixed in version 1:2.09-1+2021e. We recommend that you upgrade your libdatetime-timezone-perl packages. For the detailed security status of libdatetime-timezone-perl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libdatetime-timezone-perl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmF7xgcACgkQnUbEiOQ2 gwJryA/+IsEX/XQpph+MwZX0qwDTlnVbF7H63LlAkPoPf41tUIoCoIv+Ju8wh0Mr aA/4HJVV+EZEFhFfCj6ychy+rrNZrJ9mbmTKZzHvrPj4XGcJ5hNEE6AR5fNDbeSy 3pbDUqIX2u16g7uyLSiQhiOwF/01h143HqByej4W2C1W+bgbeghmzhjpRwumhqqf /e7JDY89/a4aj4o+FcvdmNAaccXPMIvBorAZbxjyHTv7uIlbcemtyNBKp7/qtEAE gvUxvwPkvG+9J+fgyVl2aVH2ebjWVHxe/XdaoNitPhWXgpbn5vijB7JvvWLFJPnA /F8d8faK0GqZOyBc7OgbCSQoendlUN/Nd5nBcfzzlXo6szZ4EeGk2gpceoUMFUIZ Oti2oURz5KQcSHsDBAzPWo9az4xZ1LdNYgx80TrqaG6XJiqUjnijBV+K+lQjXGhe 9fEaMxwWE+8TibbmiIPDcFTI9vJdziw0/8A/NAHqcsPA+sQLQWbxRJheQofK8AAz yCTY5NG2Oa1lnclQwpkOOimhDxKHV747kO74HzLLEVzSCAAQRoqnpqdd+GPIfwJH 7v0raIyTsn5Ld7H+zz21MOHM//9yegxcdyvAKr8bml3t+8CxsjvN1Zi3Ef+HjEmm 4a+8rhgXB8AMkrekYscJHhFFw41oxfeuor5bTMHACxrx1FWnksg= =P+O4 -END PGP SIGNATURE-
[SECURITY] [DLA 2797-1] tzdata new upstream version
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2797-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 29, 2021 https://wiki.debian.org/LTS - - Package: tzdata Version: 2021a-0+deb9u2 This update includes the changes in tzdata 2021e. Notable changes are: - - Fiji suspends DST for the 2021/2022 season. - - Palestine falls back 2021-10-29 (not 2021-10-30) at 01:00. For Debian 9 stretch, this problem has been fixed in version 2021a-0+deb9u2. We recommend that you upgrade your tzdata packages. For the detailed security status of tzdata please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tzdata Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmF7xU0ACgkQnUbEiOQ2 gwJKyA/7BNmiClTvWZ3ISNQCuANaM+Z29KNcjyQ/7TpGHyONsuuqzrFPu0XNqJ7J mbIMhJO+9QIKJu86jpOo8BAq/UlZI8qWjaeQBJ5H5XtRsHGu/BzX1jaUtxXFZqQQ DDE7zpjKV/xjSxovlz8ZYTbQSVT910zonjfqG9FKD/0FWkNe5bFPTk1ekCQZehuV L3jOMhdrHsOL/VdXEQ/PabNS0iiRNPDEAYqfHGmCRXVirsJfb+KjyCM7pbHnWJVR prJWVXA7DiUp6b5CkgDCsDm9ZC0SyH378hGkqjxkrftJY09KTM8KtVFdfTEOg80b XBKrOtV4NsmmCr6IFbTELVBy8BbJhVfpa4kABu6x40wqnODdGrIexlq6iGih0jJq C9Lzehvq9lOvee6Otva1/i8xfVzx7jzhX8pv9h3OpFKW1ZP6RFATMDGWwUyRuP9P leiU3rVo8VG+Nn8tG1xB18k3TfPQPByUVDpbSZ+Uv8E/yKk9pwI9dYEicNoJBpdb jmQSPQnv6TkGsYETbrwt04Co7FB3rWPi7vyjR/uGaDmd4lYZeK6AgoFZeWhk8Z6k 7ii1LjvjbacIsKuceac/GH9kmdi5JuBPGVK4Nf9CT3QUVfbBqEFnRKU6NdJhkalj +iz1I6J9S0RPm1ILTkhlIOElcuzuHDYSiksMV66QqmeCYFfR6aA= =pW79 -END PGP SIGNATURE-
[SECURITY] [DLA 2795-1] gpsd security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2795-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 29, 2021 https://wiki.debian.org/LTS - - Package: gpsd Version: 3.16-4+deb9u1 CVE ID : CVE-2018-17937 Debian Bug : 925327 A security vulnerability was discovered in gpsd, the Global Positioning System daemon. A stack-based buffer overflow may allow remote attackers to execute arbitrary code via traffic on port 2947/TCP or crafted JSON inputs. For Debian 9 stretch, this problem has been fixed in version 3.16-4+deb9u1. We recommend that you upgrade your gpsd packages. For the detailed security status of gpsd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gpsd Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmF7qtIACgkQiNJCh6LY mLHbiA/+OQ0sO2C7Kw3+6DrZ3YGnORgeHrj3WuZ3I1T1RyuLbOUB8i9dqZpP9ZQH 7Hsv64/IF/60bsnUsVqmkLLQhrq0Fs+eeFr+nujhsrtXdUzD3V8/6QdXEq+Ll7qG BrFsbrT/jpEd5JjYeZszYOAEeYI4aUe7AqGD7Ig0/rh33L+wFaQwuEdUfL3qzEi3 y/e+W8rRsVXOAk2zpZ6cUUajsRqb/uxszmjV+q8Nc8hNib7dKjXcnLll1y12FjHa zapX9j+r110nJMXy9h/5G9tH2pElJwVzevZGO4++4xw5bo1HAD5yThOAGJ7miqxE xy2Y+3SAS35j3eKEJ76JDt1aBOSx6zYatBVCk+ojBNrAH77r9bAfoN/Vmrtqhq4K +9nM+CUvIfxFpPN9nF2Sbr/DMtuaJCLl+lqtrphVVkmVaipD+JivGEJO8fTtmKDN 9IA5Xq0PyIDqDAwL+Qtlxq9az0PnzHVp4cIkCKYy7dFRnIfxqKbqaCT/Ph3NB1yF Pfj2wjNgNsLFEG9ZN091IA9Xlaq88GvPLSWDOEP1Qq1uST8sA2M12NmLjWQK1+fD EgcaR6J0lCEI42JpTBTQ+08mYMbaWGp1TNf5s68h+yYnszZusm/KdEJwbTJHFrAc jEaFlFP8VrxgNhlplxvJascfa0j2IW7cDD2VuZodSDdPJk43PXU= =QfLe -END PGP SIGNATURE-