The following security updates has been released for Debian GNU/Linux
Debian GNU/Linux 7 LTS:
DLA 1387-1: cups security update
Debian GNU/Linux 9:
DSA 4206-2: gitlab regression update
Debian GNU/Linux 7 LTS:
DLA 1387-1: cups security update
Debian GNU/Linux 9:
DSA 4206-2: gitlab regression update
DLA 1387-1: cups security update
Package : cups
Version : 1.5.3-5+deb7u8
CVE ID : CVE-2017-18248
CVE-2017-18248
It was found that by submitting a print job with an invalid username,
the CUPS server can be crashed, when D-Bus support is enabled (which
is the case for Debian).
For Debian 7 "Wheezy", these problems have been fixed in version
1.5.3-5+deb7u8.
We recommend that you upgrade your cups packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
DSA 4206-2: gitlab regression update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4206-2 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 26, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gitlab
Debian Bug : 900066
The gitlab security update announced as DSA-4206-1 caused regressions
when creating merge requests (returning 500 Internal Server Errors) due
to an issue in the patch to address CVE-2017-0920. Updated packages are
now available to correct this issue.
For the stable distribution (stretch), this problem has been fixed in
version 8.13.11+dfsg1-8+deb9u3.
We recommend that you upgrade your gitlab packages.
For the detailed security status of gitlab please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/gitlab
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
