[SECURITY] [DSA 5518-1] libvpx security update

2023-10-05 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

- -
Debian Security Advisory DSA-5518-1   secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 05, 2023  https://www.debian.org/security/faq
- -

Package: libvpx
CVE ID : CVE-2023-44488

It was discovered that missing input sanitising in the encoding support
in libvpx, a multimedia library for the VP8 and VP9 video codecs, may
result in denial of service.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1.9.0-1+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in
version 1.12.0-1+deb12u2.

We recommend that you upgrade your libvpx packages.

For the detailed security status of libvpx please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libvpx

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-BEGIN PGP SIGNATURE-
-END PGP SIGNATURE-



[SECURITY] [DSA 5517-1] libx11 security update

2023-10-05 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

- -
Debian Security Advisory DSA-5517-1   secur...@debian.org
https://www.debian.org/security/   Moritz Muehlenhoff
October 05, 2023  https://www.debian.org/security/faq
- -

Package: libx11
CVE ID : CVE-2023-43785 CVE-2023-43786 CVE-2023-43787

Multiple security vulnerabilities were discovered in libx11, the X11
client-side library, which may result in denial of service or the
execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2:1.7.2-1+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in
version 2:1.8.4-2+deb12u2.

We recommend that you upgrade your libx11 packages.

For the detailed security status of libx11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libx11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-BEGIN PGP SIGNATURE-
-END PGP SIGNATURE-



[SECURITY] [DSA 5516-1] libxpm security update

2023-10-05 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

- -
Debian Security Advisory DSA-5516-1   secur...@debian.org
https://www.debian.org/security/   Moritz Muehlenhoff
October 05, 2023  https://www.debian.org/security/faq
- -

Package: libxpm
CVE ID : CVE-2023-43788 CVE-2023-43789

Multiple security vulnerabilities were discovered in libxpm, the X11
pixmap library, which may result in denial of service or the execution
of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:3.5.12-1.1+deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:3.5.12-1.1+deb12u1.

We recommend that you upgrade your libxpm packages.

For the detailed security status of libxpm please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libxpm

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-BEGIN PGP SIGNATURE-

-END PGP SIGNATURE-