[SECURITY] [DSA 5679-1] less security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5679-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 03, 2024 https://www.debian.org/security/faq - - Package: less CVE ID : CVE-2022-48624 CVE-2024-32487 Debian Bug : 1064293 1068938 1069681 Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary commands if a file with a specially crafted file name is processed. For the oldstable distribution (bullseye), these problems have been fixed in version 551-2+deb11u2. For the stable distribution (bookworm), these problems have been fixed in version 590-2.1~deb12u2. We recommend that you upgrade your less packages. For the detailed security status of less please refer to its security tracker page at: https://security-tracker.debian.org/tracker/less Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY1UxpfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Rt9Q//RATJdOip2H457Vmye1lZb/mUKci2CJBtj5/JOE1MVH8B0w/Vv5EIWCCa MaBzfq3Wv9FmkLMIkfLp1IbM1KZ20+tVz9rz2tVHq0vp+fSjw8wurBv4AoFiRyI8 pFwTzXEtwWVPVBhsquvOXLNVuOyNBq4fmAc8ETccvhcm9rODsEh4gxKR/BURJxPF jckpSv2EnEx/EEwSdFCaeJ5mjGDVN+Sd4V1LldyDLGCbRfY0RuC1hzGsX99o5NZ9 IEt2ZNQ+9OVQQCcpC6ayKtOkPFGKcRKTxhWZ2Q2gNl6tb0bYaQygHlxxRhiqok3G li898tnb+nI/ZlksblIn6gUwEzBH2a5P0/LJg4iF/N1htz2fv1C+/C8/AVvE9iBr lTV7RAo1xaIuV4yAgFsv+XJ7YsWtJKSwXkSRHAlcU3OGNmtQUxs6iQUrRJ97ax9L 0O/3wh7dXbmkU42EZlybTxYh7eMi074PzLva7t0im8KwC5sjvH7yLe6jLXCJ2+Kx 4apKfxPwTYn0bBqaeNgBBFHWwlYn+Rkofo4N5VdbFDWaMwctZ2FFLrpn3LQ3Mojn ssgf/uchU1M8Vpjp01H3Jr0S97nz5cCwE+LlFddMNVlqNL/hA1xU8zNkyRLJcFai JQVhtvLmuSFOW+FtvTjBB09T3o8lbPKYHacO1/h8/ZB+TKqlwQo= =tUOa -END PGP SIGNATURE-
[SECURITY] [DSA 5678-1] glibc security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5678-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 03, 2024 https://www.debian.org/security/faq - - Package: glibc CVE ID : CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 Several vulnerabilities were discovered in nscd, the Name Service Cache Daemon in the GNU C library which may lead to denial of service or the execution of arbitrary code. For the oldstable distribution (bullseye), these problems have been fixed in version 2.31-13+deb11u10. For the stable distribution (bookworm), these problems have been fixed in version 2.36-9+deb12u7. We recommend that you upgrade your glibc packages. For the detailed security status of glibc please refer to its security tracker page at: https://security-tracker.debian.org/tracker/glibc Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY1QD5fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Ra3hAAlAcmsW7eSdxGVoa90/83MD/hjEl2PF52Fhh2aCbSohifLlz/fnpg+2Fo pRsvva5ZK3o5hzTwaLdaNL3MkS80qSGI5LYB24gP7EU6jTkltHoHumQ7X8cQZ8Hn c0Sp5BK0UI2sfCsL/xtGusk0GnYXzw/SgAvcBSD4bh/xOusZjHa5XA4ox96v+IAN HAunVpepllXW2T0NrGhq+bdPhTOVn35lNCR3HU6/SrpaldeWl1xT+1mEyuG+0jOd bAJAC51fR/VMBqv6r37OGyS+62Vu5KETvQf8dCKPeFGMmpc3kZHVtv2y5VtXOdLn Yl1BdRQRk+AuW+y7MQwdMUxtppzI8y2GJ0cZlprnkFzf0SnC/aCs9gmq6ekrGLlB JVduPWiwxUjrhaIW4jH+FGFoCE4tUP0fCB/3epq647qkAxz2Op9ApDeySzYRVcuL 74g8vb7lMwlLA0qbRguaqWDj8PQLj1SQH4OyVu2EjfcSB6Kxt+zpJB1rw+AldfCz AYKiI1qfgCW5i5NzvCfpVDjlQGUyWS/d7G9Z9IRZUryvQALgnxt67HG48u50KXE2 n0kZ3FWyI2unYkTZS3xrtt4CeAE47j3+obCYJ3ZGDct/3cJ2PAcWqbtf2kIt7jFp xIdCRAGBIuMR/8zbXi6uMsagxQbEUuY4pA2TKrpp37RyN8d+UDY= =E5yF -END PGP SIGNATURE-
[SECURITY] [DSA 5677-1] ruby3.1 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5677-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 03, 2024 https://www.debian.org/security/faq - - Package: ruby3.1 CVE ID : CVE-2024-27280 CVE-2024-27281 CVE-2024-27282 Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in information disclosure, denial of service or the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in version 3.1.2-7+deb12u1. We recommend that you upgrade your ruby3.1 packages. For the detailed security status of ruby3.1 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ruby3.1 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmY1PxYACgkQEMKTtsN8 TjZftBAAoJ8Fvgz0vhJl8HNpozdLc7nyThu/dZ8QCcSLgCt1xJQYModeC+1PnQds wTnEXDjWKTVB4N+xot663SmdnKptCgqqI9zb7ZLZQodo9euZAOyT/cXmaa7+/QPg kULr3rGco8xh2yirKLhoEwpOvVQ7dKePc66Pnj1ni9mnMRCYPRjfXrBsPHkt+KiH 2MAHdeP5Na5rWzlXvKS7W5hRU8siovSnqg5Apc8Zx1MKuOI2ni7dm0i9s9DeWsNT J54Y5Q+6QxqpajzmowL3dQNHJHebyzRbBWhqOhmQojVkyIY2s0WOOHXRD6gS+wwE MJGVnluBTAuUHn8JMXHX5A2I5d8vhDkUq1QZZxSjNbNqU/FXKuyfAGKQNvtedesu 10nfq5StWPoV24aKBp+bMuopO6jVExXNvAmPHTpXC59a2N3WBmUuXOas4tJHBTfJ 6XgP6JX8hom24/LUjrS1xOlfCt5BEKoU6FICVv3Vx3Uc8yeBD2/bSxaY/qbotnN7 EgdZ6MhzAga2OxMzSqJJ7iUZLBg3C2A1AdoQRYfp8i9NFu8vvd3Ra3pjn38ELJUa xQAvpFw6xhuYsY4HyIcHqQ3SnrFRH3DrEHjncD2L9iRZktpKpRJJ5os/Fs1Wd4gJ wfGic7yfmKOyDQYRPrZgWyyezwHsWy1YeffVXATlBJHvvuXiuFY= =+u3s -END PGP SIGNATURE-