[SECURITY] [DLA 2452-2] libdatetime-timezone-perl regression update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2452-2debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk November 17, 2020 https://wiki.debian.org/LTS - - Package: libdatetime-timezone-perl Version: 2.09-1+2020d+1 Debian Bug : 974899 2.09-1+2020d accidentally did omit changes to some files, resulting in warnings. For Debian 9 stretch, this problem has been fixed in version 2.09-1+2020d+1. We recommend that you upgrade your libdatetime-timezone-perl packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl+y/10ACgkQiNJCh6LY mLGG/g/+JI792cq+qWhZxM9fvEfnb+I1kjpbg6n0B2uYQDsZ5ofh1/S5lws3hmN3 prAi1DCF5eLtLc6YRp29mKxQEDvXaPdyyFIYeb2JzYsxpmKe/Aky7wKiWrFBDUb7 DlPBENR0U22grxDFsORJ2B3Pw5fXodQuU6RhLCraur4Nh0tyKdBvVgBlxrZbpHUb t1/GNdJa5eTLqLMKeai30aXZcRHc/hl4tlKyVdWkjrphyg2s9tDOm6idqVBFhkpw YVhAg13uIv1xTyiF12t/2+bb1+IHB/0200ApIam7VMCdZIYlWG0DPqpwtK1Joh32 5fotdeweDvaBL1ljQkxhAlBOK6dXCQ2NQZb47V9TUAHlQTufHQ9yZfVwzV80AtCl s3gybTwPz8dB472AC2ST5PtnlyE0S7q6IWgSYKKzqyzPrUISQtcDELJCt0agZ2OL pD9s6tn0siZTdRY9xpFqMXoF7xzj5ZpnGmtNklmFpfa6Vz3Np35oJqGu49w+zChT Ggj9NUsR4pWik52EdYY8oOhFojsdcD8VfX6wv/QfVN6dbQ2bGla+mZA1iPkdnsHW xb0G1ifpyqLOqQhdhoq8z611KN3e6ZCJpnCZg0Wo/RXpyHM5ET4n6OQnlyoVK6sf lDn0CI8YY/CqQUCu47nFWwpnBYogTnxhEalipMbTw+xwrJzSjeI= =XeVd -END PGP SIGNATURE-
[SECURITY] [DLA 2453-1] restic security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2453-1debian-...@lists.debian.org https://www.debian.org/lts/security/Brian May November 17, 2020 https://wiki.debian.org/LTS - - Package: restic Version: 0.3.3-1+deb9u1 CVE ID : CVE-2020-9283 golang-go.crypto was recently updated with a fix for CVE-2020-9283. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2020-9283 SSH signature verification could cause Panic when given invalid Public key. For Debian 9 stretch, this problem has been fixed in version 0.3.3-1+deb9u1. We recommend that you upgrade your restic packages. For the detailed security status of restic please refer to its security tracker page at: https://security-tracker.debian.org/tracker/restic Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAl+y89sACgkQKpJZkldk Svo/mQ//byuAryq/R2DPP8Jps6jsNp61xH7gDU4+5MUofps/OgoD0POzOlHyVtOr 4DyNx2ihe7dWqQt4zoZoBFx3BJP37oKjA73uP3zlucvwxMvWduI2b2PuR0rbiFrY WDAe/2g13qBzKCxrBIKTerfeIdiqVk3rfiDxCeQ4oBmeNi3AFYJZoBb8CCJDqIez 3Nl7ETqJzby5me+M4jD5pY/7bYHpqGFF+AmOyJt4jonHfNxi20k5WumdOlyUq8BN SOGu4qg+h5gruKhyYISDQnS3FjTJwWEBaJwWEgwPkdmnqTdc6gyf6M1Zsr6vLeu9 5Sq3JstomgnN6fNwZhAzJR34vvEEbanwbn92lQJMkuP5+LOaSD3qVvoVcXIEYPeo NjQzzgbvfcMwPqamgAENbftu9ovxyMO3FxqXY9uchASHhj8aoZZaP2ztK9u9WE7f A6pRfOreu8hTSW8A3Ypwf0RBij8NDrNE645ZSES54TrIAu/bliHZrHO7vTMYqLR2 oVcdAJn3UFYBxG4xJkd8Sl40sS5eALGoa4hQKisYepVV3WC6hptV5lTBoUvVHLHx D7fh1cyDvgdd7sLnT17SvfKZriReqb6rQdOHmbVTIELoAF3KS16RySIxs7HjNmT1 a5Uf5oaRlyNzLZZbVnEvnRpKUazmCIMeH01cNdgiZ1RM+XOFbX8= =NL89 -END PGP SIGNATURE-