Debian 9918

The following security updates have been released for Debian GNU/Linux:

[DLA 3791-1] thunderbird security update
[DSA 5671-1] openjdk-11 security update
[DSA 5670-1] thunderbird security update
[DSA 5669-1] guix security update
[DSA 5672-1] openjdk-17 security update
[DLA 3793-1] openjdk-11 security update
[DLA 3792-1] samba security update




[DLA 3791-1] thunderbird security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3791-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
April 22, 2024                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : thunderbird
Version : 1:115.10.1-1~deb10u1
CVE ID : CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854
CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For Debian 10 buster, these problems have been fixed in version
1:115.10.1-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DSA 5671-1] openjdk-11 security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-5671-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 22, 2024                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-11
CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21085
CVE-2024-21094

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.

For the oldstable distribution (bullseye), these problems have been fixed
in version 11.0.23+9-1~deb11u1.

We recommend that you upgrade your openjdk-11 packages.

For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DSA 5670-1] thunderbird security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-5670-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 22, 2024                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : thunderbird
CVE ID : CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854
CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:115.10.1-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:115.10.1-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DSA 5669-1] guix security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-5669-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 22, 2024                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : guix
CVE ID : CVE-2024-27297

It was discovered that insufficient restriction of unix daemon sockets
in the GNU Guix functional package manager could result in sandbox
bypass.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1.2.0-4+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in
version 1.4.0-3+deb12u1.

We recommend that you upgrade your guix packages.

For the detailed security status of guix please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/guix

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DSA 5672-1] openjdk-17 security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-5672-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 22, 2024                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-17
CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.

For the oldstable distribution (bullseye), these problems have been fixed
in version 17.0.11+9-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 17.0.11+9-1~deb12u1.

We recommend that you upgrade your openjdk-17 packages.

For the detailed security status of openjdk-17 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-17

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DLA 3793-1] openjdk-11 security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3793-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
April 22, 2024                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : openjdk-11
Version : 11.0.23+9-1~deb10u1
CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21085
CVE-2024-21094

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.

For Debian 10 buster, these problems have been fixed in version
11.0.23+9-1~deb10u1.

We recommend that you upgrade your openjdk-11 packages.

For the detailed security status of openjdk-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-11

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DLA 3792-1] samba security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3792-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                Santiago Ruano Rincón
April 22, 2024                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : samba
Version : 2:4.9.5+dfsg-5+deb10u5
CVE ID : CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 CVE-2022-2127
CVE-2022-3437 CVE-2022-32742 CVE-2023-4091

Several vulnerabilities were discovered in Samba, the SMB/CIFS file,
print, and login server for Unix.

CVE-2020-14318

Missing handle permissions check in ChangeNotify

CVE-2020-14323

Unprivileged user can crash winbind via invalid lookupsids DoS

CVE-2020-14383

DNS server crash via invalid records resulting from uninitialized
variables

CVE-2022-2127

Out-of-bounds read in winbind AUTH_CRAP

CVE-2022-3437

Heimdal des/des3 heap-based buffer overflow

CVE-2022-32742

Server memory information leak via SMB1

CVE-2023-4091

Client can truncate files even with read-only permissions

For Debian 10 buster, these problems have been fixed in version
2:4.9.5+dfsg-5+deb10u5.

We recommend that you upgrade your samba packages.

For the detailed security status of samba please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/samba

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS