-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libzypp Version : 14.29.1-2+deb8u1 CVE ID : CVE-2019-18900
It was discovered that there was an issue where incorrect default permissions on a HTTP cookie store could have allowed local attackers to read private credentials. For Debian 8 "Jessie", this issue has been fixed in libzypp version 14.29.1-2+deb8u1. We recommend that you upgrade your libzypp packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl5fEtAACgkQHpU+J9Qx HlhAdg//ffRCqY9gZ3XHXt8JGp+NiL1Ostl9rse/vqmlfBshlJngbXE/ocCJai4X T2n33u3/8FWlYpJJI0mKygP+Bxt4v0SyrBFEaBavlLWJmmHpgfsggPGOdSBA9vW2 tEqrCFToaTRSE57Y8mao418kMIP6DLHNCSobRSN0UinA/uuC4DGwnIF+y0OMLM1M gGthC3G5jlGryUwehWDIFR+NIcfVQk3yTcTiz9p8snzDZZlyoLQSdL42J0cuoea/ dySWbRrJHGbww2W+qQdGMhRvo9fgyl+kDZyCUcyeD0g84rX+ez+hipSWp9jrqeA3 flTWdNwgwmRdnUiWpCehSVl/6GR6UI9DfiQGVUwMzIxxfRq3pW870oHPeo42lKHm UEmx5q+8yFZzHYHgJokf9duEcx6bh6ARSwfOkkQCGwtYdhea0rGGS97rGZGLHSzA x570cZV3R00ho9XCWiknYD7sFjIFzR9IW6cN1kxfMKZHqn6xhXBHBOeE1Pne6DMz 8vNOk6fmAL1AWu3aeCfVNtAdPcuXr2Z9I7FuRBjZSiK2t8kETzP2ur54iWVbWG4l 0mVafpoJzDX4JSza904YoBOO/i3p2QSryWy2nSgiUwlta69aQZBWxR29OKmZ3Yhl tgnOQWfB7JYMTItlbV3egZesikHVq3bn/DB6/Y8/AbS3YFUvV9A= =8WNc -----END PGP SIGNATURE-----