[SECURITY] [DSA 5028-1] spip security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5028-1 secur...@debian.org https://www.debian.org/security/ Sebastien Delafond December 22, 2021 https://www.debian.org/security/faq - - Package: spip It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting and SQL injection attacks, or execute arbitrary code. For the oldstable distribution (buster), this problem has been fixed in version 3.2.4-1+deb10u5. For the stable distribution (bullseye), this problem has been fixed in version 3.2.11-3+deb11u1. We recommend that you upgrade your spip packages. For the detailed security status of spip please refer to its security tracker page at: https://security-tracker.debian.org/tracker/spip Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmHC17MACgkQEL6Jg/PV nWSTCgf+Nnp2PRp1FvvagyvH02s9aGygJnBFzD4NVvJCpiO9YnXnMm1F1U2LLQCA usXjnMFG5Y45+8FSQQVW3IeQzUVWlHUXmON+F2rT32+JByqNwlsUEjGwNYvgO+EB jYnPqGRgqgq48POx9Csp4rZW/e0/HX7YSrSqgPQnNQh+LJPlIuN6KkJoNwJZiM8/ ZiedEtvNfyUmWSgHXytnpcqsHbb4Nyyquqxr42DEL83cd4++3/nwNtRwHInJYL/2 Jk1GxuOoJr1ogQyepOdsDpmM0Vxeh6uZWIrPaBWWhraLvwQ0f8z7V/V2rU82tz0g R4WR2hk3968GnkNOaRqSDDwquDQtYg== =3W1N -END PGP SIGNATURE-
[SECURITY] [DSA 5027-1] xorg-server security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5027-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 21, 2021 https://www.debian.org/security/faq - - Package: xorg-server CVE ID : CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 Jan-Niklas Sohn discovered that multiple input validation failures in X server extensions of the X.org X server may result in privilege escalation if the X server is running privileged. For the oldstable distribution (buster), these problems have been fixed in version 2:1.20.4-1+deb10u4. For the stable distribution (bullseye), these problems have been fixed in version 2:1.20.11-1+deb11u1. We recommend that you upgrade your xorg-server packages. For the detailed security status of xorg-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xorg-server Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmHCMkdfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SyaQ/+IqrFtIKc28FNMS1XFM/qm2s2bCRwLCSomrlXF7gI+1ODI3fpIzrux05M lSoZvZIDhfNZ72uRhQl5tWTSZkbvrDxiqpGjQsMbE2JnyuBoY63yXrgoJs2IgE8I Av7doScJmisKn7QqRtd2i3lIK3i00vSfRebVHqrOcggxhHu3SQJqzJt4C8KmKUl5 8Nt3GRxftR7X2zvKv6ZhQ2ShRacoxy0FL554Q8C8L4U+fURsVxda2HP18jEp3CSt MybSeNLhI4msD2nMarV4kF3TyTDjy9NeLCr937Ab1SegYP1ecnkPhLa2uayXFUWZ bAFMDWL7DZ/seNHD/vFpFnkksMysK4VbtgV7o6HCScv1D6NB5YG7axxePuE2YFY2 XHf3HnyPV7UQ0/lqEcGDfilgpujvEVajFMELA2Fc5RUnB5a3Yk8z0zkEGJmCCwVV Bi5U1dzR0vfastfdl8AIANtgLAPWNhI1TnUwGN92KVJ1Q/gUNiK706muqVk57mm1 vxkacIRIlCTr4cwytzOxbZ2NdDDCjPXrZhiUIVWPLd9D3K0P3/GDsWymdAEnXkTr RbOkZytzi0PjKjAW8qt22E7K0e6UTPrHi2RjrirLFdnRU7/R4gOK6xlxlJZZv5o4 /KU7fRjnAnUX0swN+NODzZrZwCHPZfm9DWKEr1xsH4NGi1nEbO0= =M+0O -END PGP SIGNATURE-