APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu Swift 5.1.1 for Ubuntu is now available and addresses the following: Foundation Available for: Ubuntu 14.04, 16.04 and 18.04 Impact: Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure Description: This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0. CVE-2019-8790: Apple Installation note: Swift 5.1.1 for Ubuntu may be obtained from https://swift.org/download/. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 and the Swift announcements section on the forum: https://forums.swift.org/c/general-announce Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -BEGIN PGP SIGNATURE- iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2hATspHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M0vBQ// WZrI2meOwYxLQX/CgzAkS5sBqPH+EVTI7q8UfYuKX/sE1UX01dgPCIDH3nECugPo FTUkLmKKq156/oRx3PzV3u79Aon7V1p1Od28nDg6HeDEgYmfsdEPWncV9ym/ZwdI +94UQwOqgO2plJueVzHqnrvvrmVLU7b7jXJ+RxLM3ql7LAOkYa3nol4yBrls+izI NurfQXMj81iysHWVPTOVVzeuApRImE8Y9FFYsQRao5rr9068THuVwn4jx2V0fVBR /0dEvvNAP/gsV54A93yH5QLAlBrvDmKHq5bRIYY9CHABT5o/mbTWNXCCDg5Ih1ds IgrzVXqd11/CK42t4BJdd5j6vrl9ZojKk41PKMqeAe6S6EPYzwms8mVar+bMWbyM xDV7iOVNTGIkcL+BrC9VAfeQgUUrgRgxBhBZbz5DzkMsNau4xZsGeqFf8yTFuV+1 QKHhlGyqEv9MHCnuCgDOtanc1pgkdTSjktUVk0axRGzRi/k+gdUwbhUpwRRo/NKk WPdjxOWiAtIX4+gm7O/nL163h3hdaIGjVBXxHELYSxBY7NAztmeQwReQKMOf9Pyl aY4W6IeUZi9DQwEzc1H7Q860g8SSbvpC41vR9DkuzbKS3HVePyIJIvU27xYbUN3t Gw404TS2UDXrKGNr8oVDsHhSRbviJXz8HF+c0XJE27A= =rm/M -END PGP SIGNATURE-
[SECURITY] [DSA 4539-3] openssl regression update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4539-3 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 13, 2019 https://www.debian.org/security/faq - - Package: openssl Debian Bug : 941987 The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue. For the stable distribution (buster), this problem has been fixed in version 1.1.1d-0+deb10u2. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl2i1SBfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Qftw//SnbKmK414n/3dPnhaWJKn8sIbcx+sCUc/3sQ5ZJfDrq+fkgbLhzZIlY4 1tumctsArHw313g/bHwGyCkI3su/0otfRCoBxZW6xcJOHc5IAQZ9QplMj+rjMdxW Y7lESG1eU8Se21G7yvFx+Y01dqpsdaqL8RphkIQBVCcqZiwdknGnB/8CuBzIjbP7 zAViB6btkdHkrVXG+2fbec8IvVCVrI6IYeTSSsfo5YxpO5xtOiyYj3owEo5x4pUi FExr+kSzbyZILPFtRA84sG/WOuKy59vFtri3TnaPP2PKPMp/08P9jBXCWAyDX3EP WIUVdWugt6hUVcQ8CuqyVCtnRaWpd8i1Aftxs6y17E1hWajjL7hUF2gTXBhnUK4f VZvBDSHyzP8MVRk7ic2BiApEcPC8p9Z0+ItvnTXHI1GNOquQ5/KLZSeM/eGR6hKo oft3ThptO9aIWD+w8efhe7BMzj7JX89cPfo64RLgLBL4gdVhCRnxI31sxLv5wAO/ c2v/iFBWgoh67b1RsDeHtlKsZVuJzZbp2xFdFy+suUQSBuw+6QnaFbdzoLTYXezU vZrAC1WYvg3msdpJBWW1zHlhL51VJN8QalsvxT7se1nTEYfwAs0sarnnhe2My6Dw ZFRiGUEIyJfb1SJFh7O2wm2xLkyjwZg8hWGfCVatqTverY/yFEM= =2zTK -END PGP SIGNATURE-