[SECURITY] [DLA 2831-1] libntlm security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2831-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk November 28, 2021 https://wiki.debian.org/LTS - - Package: libntlm Version: 1.4-8+deb9u1 CVE ID : CVE-2019-17455 Debian Bug : 942145 Stack-based buffer over-reads for crafted NTLM requests were fixed in libntlm, a library that implements Microsoft's NTLM authentication. For Debian 9 stretch, this problem has been fixed in version 1.4-8+deb9u1. We recommend that you upgrade your libntlm packages. For the detailed security status of libntlm please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libntlm Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmGj1IoACgkQiNJCh6LY mLHQBhAAl02afNlTzguUk/Nsg0T7VplmnKPKmUWhtNaawtjmuhFPNYDpmoyPT0TG +Y5eY2CU7I9752FDCGGVrzG8OQKiUeDNFhAsd/oAFlquDS9CP7Gg0YRAMXU7FApZ CUGOQnLn2XDUWWuvqzoN9DF4g1iRpZ/KWD4iIR8w55olHJT7KufgCeI6lvj+WYot DxYLVa98I8q12mVgYmso8+2gO+hRs1Fn1pWdrOzkgfUYQW+PiYVq40TMjRADEoTB XHXTk1VS9wMeyBFozUWB1ZQWkkIZ83BuTnOHJsVrSL0Qfjmwm+dGRRt7fs9NBX65 uxFQlcv7auIWKvhF7wY2WomPC+2xDk8CeZMf1KU4k9+CTT0C/K5V3YXaRF+FksJR rhBL1x7xzBTHl47GLYWkFKH8XusVJyDGMbM5YddJtUQ/EgN1W6VEcaOtzDv28EH0 ot0ZN/CsVvrUGbBdaSzN4nvfYYN2UtXpQuiHKYi4qy7yAjC4jJwfAQCOrOX2MHDq IcA0fzorryokVFsiIRIeVx7E9kCEO9d8jqcGMNjYL7CS39HKDEsQhoJ14tbjShyj aEGvNhTFBamLtaQFYOG5TtsSKFG+i85gicVz+JFGxezS3aC51RF5328qAs8CG/ii E6rV5AA8AlEY2aXBHEvObmBr98FgTVjMkFW6W7IrFT4Kx7d70Ok= =H+Gs -END PGP SIGNATURE-
[SECURITY] [DLA 2830-1] tar security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2830-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk November 28, 2021 https://wiki.debian.org/LTS - - Package: tar Version: 1.29b-1.1+deb9u1 CVE ID : CVE-2018-20482 Debian Bug : 917377 An infinite loop when --sparse is used with file shrinkage during read access was fixed in the GNU tar archiving utility. For Debian 9 stretch, this problem has been fixed in version 1.29b-1.1+deb9u1. We recommend that you upgrade your tar packages. For the detailed security status of tar please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tar Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmGjeGcACgkQiNJCh6LY mLHSHg/5AXIjprt17Hm8R1Wf6x+jDa70VI2AJjz0lXqIYIPAnipPtpcshz9UJL3L ut8/Jg/W9gcCUNzj9WcQcJ3n3sPGvgUZCfeAsCr/bA8ISaXHmxrNIpJoJ3wiitNn zn3gaEWxLL4puONrZagUiYIKJz/938STCxnV/aqViIgDFwPKyrrYGkoW5+o6PZ41 2Cfk1y4uVwz0CP5rhEDDsq2W5RaR8kCCansIkdKpTDemHibPelpT172X3tynRA7E sWHGNrrkCuWKI0kD9NQB43smWAioQHlLBIaMVDGo/WyeFq0on6Jx6p5FJF22yxNK MInn/IC6tsFpaE+RQjfmUk81CZ8dB5diMjVFfkjt8cWqKchETIeW6oosjy1m4+WW 2uy+TzmfRtwYDfL6ceP0MOVCKCz8BDvftEjTcO3iTXhxxtPNMF4oeuM493TQ7PeQ KUef9mYTNa6ICcSLcxNUUQFMb8OflDOXOiz0Ie6RampkxMofQ/FkYkzWbjPsAu4G 0nmaTgrBNuwfzguoIqCYHJIq49SMwOt/c5dOeAZp1xxa98SaJt2xJ3C7gKJn78AW B7Eg1SnGZzovp2Eg5/ogoW4K9l4n+s+yzLZhdqkr4sPEKvFlkYuNGDqdDapQLMyT BMbDysNKFdeo7fYdS6nB7tDq1zX/9PJrUh4cg5oveD2fPJAcv5c= =YlwR -END PGP SIGNATURE-
