[SECURITY] [DLA 2680-1] nginx security update
- Debian LTS Advisory DLA-2680-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Markus Koschany June 07, 2021 https://wiki.debian.org/LTS - Package: nginx Version: 1.10.3-1+deb9u7 CVE ID : CVE-2017-20005 Jamie Landeg-Jones and Manfred Paul discovered a buffer overflow vulnerability in NGINX, a small, powerful, scalable web/proxy server. NGINX has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module. For Debian 9 stretch, this problem has been fixed in version 1.10.3-1+deb9u7. We recommend that you upgrade your nginx packages. For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS signature.asc Description: This is a digitally signed message part
[SECURITY] [DLA 2679-1] thunderbird security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian LTS Advisory DLA-2679-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 07, 2021 https://wiki.debian.org/LTS - - Package: thunderbird Version: 1:78.11.0-1~deb9u1 CVE ID : CVE-2021-29956 CVE-2021-29957 CVE-2021-29967 Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. In addition two security issues were addressed in the OpenPGP support. For Debian 9 stretch, these problems have been fixed in version 1:78.11.0-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmC94iwACgkQnUbEiOQ2 gwLfGg//bdym2Z7tUoSC/JX0bqGlj4zB+nJaUzD0BgewQ0ZkWXyxKnGBSUsv5GwZ atpgFatar6LgGDvlZp5dCFEivJGVWJDETSGBDxxYaFFG4lVHYe8kNMjN8dyWnw+E X1B9VXG92VIiPkcCM4AU8xJlBki895T8AYWbXEmVt4kzKhPxWohzetL+F34jyV1y CRHmMjxy7spxzSiZ13s5mjTAq4JE2qVIyzdZyBT9kuDDGaXGN/Ntq+fRPlEvo3kY 00eG7zrLvmoqM09hxEgzDoUbOVaWt0IQI2CpdeAn0c2V/eljMBnrJpCmluQtX2jc 5mnzdz9sSWidYGp1yPYMDld+cQiGtQgMnFmjSQeWNyVIxFCM/PkA4VJbJTI4+a/G aXZby2CAD8/iqDJ7JwyGCfvRDR8cHKluMfQON0EzXIHUS1gaaVYeUtxREzRFcIKy Z9fyW3a8tWRsAFta7fkB1eXH/vY6An0C3xzpDFXTWi6L4vkCbL3LNcuvNxOPUQm8 yDsX8r5GWV4Ewbr8o47HVwr1G8LygQRS4faRAaX+zh6RNME/e+O48jXw9PAlq0yb bob2O1gJFuzwoL+NY+vKxhC+3g+Sd8GNxTCu9k6ZZyIXb2iLdBdNHKDSzrepzNfe M7X6aN2XY6pb6NSVWWse+JUeXMJS/u4EofYVCJOCzYtVYTS3rIw= =QZuX -END PGP SIGNATURE-