[SECURITY] [DLA 3520-1] libhtmlcleaner-java security update
- Debian LTS Advisory DLA-3520-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Markus Koschany August 07, 2023 https://wiki.debian.org/LTS - Package: libhtmlcleaner-java Version: 2.21-5+deb10u1 CVE ID : CVE-2023-34624 A security vulnerability has been discovered in libhtmlcleaner-java, a Java HTML parser library. An attacker was able to cause a denial of service (StackOverflowError) if the parser runs on user supplied input with deeply nested HTML elements. This update introduces a new nesting depth limit which can be overridden in cleaner properties. For Debian 10 buster, this problem has been fixed in version 2.21-5+deb10u1. We recommend that you upgrade your libhtmlcleaner-java packages. For the detailed security status of libhtmlcleaner-java please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libhtmlcleaner-java Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS signature.asc Description: This is a digitally signed message part
[SECURITY] [DLA 3519-1] ghostscript security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-3519-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk August 07, 2023 https://wiki.debian.org/LTS - - Package: ghostscript Version: 9.27~dfsg-2+deb10u8 CVE ID : CVE-2023-38559 Debian Bug : 1043033 A buffer overflow in devn_pcx_write_rle() has been fixed in Ghostsciprt, an interpreter for the PostScript language and PDF files. For Debian 10 buster, this problem has been fixed in version 9.27~dfsg-2+deb10u8. We recommend that you upgrade your ghostscript packages. For the detailed security status of ghostscript please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ghostscript Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmTQ+k4ACgkQiNJCh6LY mLHlERAAkaqbJpuy0NwqH2wgGu36XLgI7rLmKonC0MaSIFp9GmrQ2kGKnpbOPKeT EBCUyYUmMt56VGCXgE8ajvCVzJpyzVIVjATiYRj5lNK/stNw5Af3dNFAmnjah8Kx 58i7Hrk8tjhdGMxS4il1e1nFpIUTvKSqZ3PaNXP0Ue/r8NeN67VGddG+9xX/YLt+ /cVksGOhQhyBQ+SqwXMDuQSgL+lhq7Ys9uc/eZRhk5QVY3nErodVS2cOG6go4vPj Wg1eeu4rCyWCZfIkS/EDTcROLKvEIGktZ2QXnqbsmXGTRbKI80Uvil4CBLaQfFJK 40mWs/YB/7fdFtWlUf8I6YfH5fGv3PBIt1hAn7VobjuqSlFIxN2xhjFtrkY2lAFg NnCxXTtTbnKRjZqcVHZy7rlm/WkTEz7LONgOHrky5VYG/Mbwk1i/fA7SB7IaiQKi gIZWdHGeMEq+yGf/Hjv8/KVc1PbLCzgeKeeJMsg8G9qJr+8XpSabxUBx0GCg2lke 5iy2MFlGHezGpVbE0cfi7wDozcgkS9e8C2W7babnD5H4cMife4QD6GYQFZ69K5GE 2doNA/FM+cr1dGZuQYdklngOKVh+VuYtB4umqjvmZ/wXoYe0HhNpEjcozrIeZqX7 7kJ3iMRwoxwUsETVM0fG4wpPPCS8JnaOVkjm6mINLsfaU1GLwVI= =LtjG -END PGP SIGNATURE-