External check

2020-11-09 Thread Security Tracker
CVE-2008-6176: missing from list
CVE-2008-6218: missing from list
CVE-2008-6235: missing from list
CVE-2020-14366: TODO: check
CVE-2020-25697: RESERVED
--
The output might be a bit terse, but the above ids are known elsewhere,
check the references in the tracker. The second part indicates the status
of that id in the tracker at the moment the script was run.



[SECURITY] [DSA 4787-1] moin security update

2020-11-09 Thread Salvatore Bonaccorso

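- -------------------------------------------------------------------------
Debian Security Advisory DSA-4787-1                   secur...@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 09, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------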

Package: moin
CVE ID : CVE-2020-15275 CVE-2020-25074

Two vulnerabilities were discovered in moin, a Python clone of WikiWiki.

CVE-2020-15275

Catarina Leite discovered that moin is prone to a stored XSS
vulnerability via SVG attachments.

CVE-2020-25074

Michael Chapman discovered that moin is prone to a remote code
execution vulnerability via the cache action.

For the stable distribution (buster), these problems have been fixed in
version 1.9.9-1+deb10u1.

We recommend that you upgrade your moin packages.

For the detailed security status of moin please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/moin

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org



OSDFCon 2020

2020-11-09 Thread Francisco Vilmar Cardoso Ruviaro
Hello team,

I take the opportunity to publicize the 11th Annual Open Source Digital
Forensics Conference (OSDFCon), which will be entirely virtual and will take
place on November 18th. All details can be found at https://www.osdfcon.org.

Regards,
-- 
Francisco Vilmar Cardoso Ruviaro 
4096R: 1B8C F656 EF3B 8447 2F48 F0E7 82FB F706 0B2F 7D00



Re: Is chromium updated?

2020-11-09 Thread Georgi Naplatanov
Hi Georgi Guninski,

What is your opinion: what should Linux users use for their daily work?
Firefox is becoming more and more buggy, and the Chromium project doesn't
provide binaries for any OS.

Kind regards
Georgi

On 11/8/20 7:50 PM, Georgi Guninski wrote:
> https://www.theregister.com/2020/11/04/google_chrome_critical_updates/
> 
> Wed 4 Nov 2020
> If you're an update laggard, buck up: Chrome zero-days are being
> exploited in the wild
> 
> Desktop and Android versions both at risk
> 
> On Sat, Oct 17, 2020 at 9:31 PM  wrote:
>>
>> Hi,
>>
>> Oct 17, 2020 at 14:28, from ggunin...@gmail.com:
>>
>>> On Debian stable, I have chromium Version: 83.0.4103.116-1~deb10u3
>>>
>>> From Arch advisory on 2020-10-10:
>>> The package chromium before version 86.0.4240.75-1 is vulnerable to
>>> multiple issues including arbitrary code execution, access restriction
>>> bypass, information disclosure and insufficient validation.
>>> https://lists.archlinux.org/pipermail/arch-security/2020-October/001608.html
>>>
>>> Is Debian's chromium vulnerable now?
>>>
>> I would say yes for the time being indeed: 
>> https://security-tracker.debian.org/tracker/source-package/chromium
>> See "vulnerable" in 2nd column for CVE-2020-15967 to CVE-2020-15992 + 
>> CVE-2020-6557
>>
>> Best regards,
>> l0f4r0
>>
>