Source: zoneminder Severity: grave Tags: security Please see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8429 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8428 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8427 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8426 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8425 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8424 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8423 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7352 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7351 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7350 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7348 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7347 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7346 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7345 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7344 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7343 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7342 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7341 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7340 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7339 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7338 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7337 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7336 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7335 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7334 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7333 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7332 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7331 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7330 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7329 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7328 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7327 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7325
We should generally restrict the level of security support to something sensible. A video surveillance systems is obviously something that only should be exposed to trusted parties anyway, so I'd suggest we treat zoneminder similar to e.g. ganglia (#702775), i.e. - add a note to debian-security-support so that it flags the status of it - Add a short README.Debian.security (or similar to document it also within the package) Cheers, Moritz