-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3343-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk February 24, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : mono Version : 5.18.0.240+dfsg-3+deb10u1 CVE ID : CVE-2023-26314 Debian Bug : 972146 Triggering arbitrary code execution was possible due to .desktop files registered as application/x-ms-dos-executable MIME handlers in the open source .NET framework Mono. For Debian 10 buster, this problem has been fixed in version 5.18.0.240+dfsg-3+deb10u1. We recommend that you upgrade your mono packages. For the detailed security status of mono please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mono Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmP51+cACgkQiNJCh6LY mLEVUg//SxvSPQUHmgCUSDx48KWq4dvQ/HdQsyKmo/3uUOhoU9+BmeK+dj0Spv+7 YVPMfKe+9aYG29ufKIh3O1Yk07eRtii4z3b0WnffUnhIbV58AziqutlKzhr6k4r/ NIB0zzg1+7XLUlViBJW3TV9JpytR+hObvRQnsSTEA70EEYPoRqmjql5RbC5gS+wU ed6ZamPQoVvgbAng6j3rzsjYsfAkMM1rRukAeyPnJ6BRKUEsUsluLBsCX6OrBCRR CaebbNo4d7sxUy2GoRMKNd+NJV0Tr0JjZ4oZpXD2sdxmkJ2UGaXVheOY428UDHNW zeEFSq3dNu1GFSrjJE2YNcuIxJnB6J6k1/CaJbDLP/pls+5bgANcPiw089gRm1tq WxjXEn3FAqQCwawGWJe5NTNXRRLZFC+CoHlS8YGzjWJI51n3LECJSbGxnWXfS7Nz Rt/qbuCY6RtdJJOkTsI+itEdJEer8txfqAakEVFs6TWCX9MXMVy+f6N3V8BN9wHZ nCc7GyL1h27Zx+p8Ie1QkfA588B8LDkfuPRQrHZKrr/aTJlkUUYm6e0uBRc55pDG G5ZrsIuIC67hmrLa8T0EJsoh5GoJ5xixTR7kFbI2dc4Wu+HQIO6Rf7AdxKZPVmSO tbCQF+g20q7yBW3iJi2mDxqidrH4/wIxIBpF+O0wLTDKF2CP1kY= =A9BJ -----END PGP SIGNATURE-----