Debian Linux Security Advisory 5626-2 - One of the upstream changes in the update released as DSA 5626 contained a regression in the zoneToCache function. Updated pdns-recursor packages are available to correct this issue.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5626-2                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffMarch 20, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : pdns-recursorOne of the upstream changes in the update released as DSA 5626 containeda regression in the zoneToCache function. Updated pdns-recursor packagesare available to correct this issue.For the stable distribution (bookworm), this problem has been fixed inversion 4.8.7-1.We recommend that you upgrade your pdns-recursor packages.For the detailed security status of pdns-recursor please refer toits security tracker page at:https://security-tracker.debian.org/tracker/pdns-recursorFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmX7NHgACgkQEMKTtsN8TjYmWA/9Giw5BeLyYAgiOstBqROGI0vIGwEIC+0/mQxKLlQ690kcEOcJ6qczMN9lRIspdi5xsLyXJzWNU3TMVNS9v9V+hlg14W3U11Roi9DmkL3haBTCKozFElAqsNTBpYyEVjweac5L72BdFGqVhcpwIz9huj+C+YtHqHzsCpGFaVAZaLjwkBsairmSryFOV4L3wpXtQLWxGEjpY844PSBWQNm5ptRsyJ80jpYSe/0E86QyDafb/keRad8JX1zqi/eF4rGySXXCnnh34dpxoP94RI5+UPF/dcgQBBP60dqUcw3P8QWG7VsEzqL4J6lgRnu5OlanQTVp4JzVtarx+6LAX3VWIR/DD2yTf9W3zcHo+FgphaHnPJbPGDKXpE9HeypWuG/3lc94rIWBh8c6iiE7luOBNOovHJHEZXny91oJQjNqIkb3rc/pGn5IIHnaCankt2CHhVhM3md9S0UsmStu+wtMloR8P1JnbVYjhWEG/LyACIynmf7z6V+eaEcNXVtpuf/lDcP3Muf8Mpfp2HuSzoH4+EdvkrZIW85A2/3hJoFNu50vSAaU2CbkP1K4+WtpqKENkodCl4eyZSSg/CZmjd+PI3DJXLXeRbF9u5+5F3hGyKDFJptA2bUjS3STm6bBp9Yj/sCMdYB2a3NcOQwKu1kSqTpDwzfs6GJHq9nX9CV2YZg==xkb9-----END PGP SIGNATURE-----

Debian Security Advisory 5626-2

Debian Linux Security Advisory 5642-1 - Three security issues were discovered in php-svg-lib, a PHP library to read, parse and export to PDF SVG files, which could result in denial of service, restriction bypass or the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5642-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffMarch 20, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : php-dompdf-svg-libCVE ID         : CVE-2023-50251 CVE-2023-50252 CVE-2024-25117Three security issues were discovered in php-svg-lib, a PHP library toread, parse and export to PDF SVG files, which could result in denialof service, restriction bypass or the execution of arbitrary code.For the stable distribution (bookworm), these problems have been fixed inversion 0.5.0-3+deb12u1.We recommend that you upgrade your php-dompdf-svg-lib packages.For the detailed security status of php-dompdf-svg-lib please refer toits security tracker page at:https://security-tracker.debian.org/tracker/php-dompdf-svg-libFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmX7NGEACgkQEMKTtsN8TjYo5w/+Pg6R1qOP4p3GoBWg9kiHwZBLx/tkHW2FCGaKd4sDPboHvT73kzX3LEPn5R+hBOGW07jB9VKn5icPte+UH/pTyl+5CKHG/4r8U8wNru83/mHqOmjsyneVBSMy1wX8RLVYQ0vtm2AEF6a97bYydQC206YMnmoiaw90CWNib8k88Uvj3+OL+j8TcL7X1F88/QU/dzHejJ3Qrto9ImOBYryemKIIt/BgRNJ9Dl1yaEgSs8CiYEMDmJ0Wg10mpbH9MUIqmbGlrnJsfILMe0x9x9aut1QXxzFpyY9cEWgnM3khyZsdg2NAuak+VXoL2OIFZKtgqZh8/1SvTMTzr3ayDB3zAACtZGa+ZCXA0FXeEekY9IOmEoIICRX70QOil9/F4RCPv45yaWSRBuG5nJcGogEfdpVEYURWDqs483PzVaQSE/rXCg4+xfaKG3f291h2rp9+tIj4Vrlbu6YDu7hYQARaa1b/SD3aM6iqfxO6c5c0gHgKJmZOjRg6N1ClxsSI+RhDJrw9N9YTZyzyunAV04gpdZVpOdqKH/YWI1NqB/VlpCvsOF0Hd7hh2T7Ri0yUR65f1zZIs3UfdJ3MiNMgnJdi05ZnOIvNWxN9ZzgAOSlyjIl6qRtRDikcUewubpBPzDuaLYPepVr60QIPHap7XNCohdRP0no5ows2pXgMzl3YCQU==OY4q-----END PGP SIGNATURE-----

Debian Security Advisory 5642-1

Debian Linux Security Advisory 5641-1 - It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5641-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoMarch 19, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : fontforgeCVE ID         : CVE-2024-25081 CVE-2024-25082Debian Bug     : 1064967It was discovered that fontforge, a font editor, is prone to shell commandinjection vulnerabilities when processing specially crafted files.For the oldstable distribution (bullseye), these problems have been fixedin version 1:20201107~dfsg-4+deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 1:20230101~dfsg-1.1~deb12u1.We recommend that you upgrade your fontforge packages.For the detailed security status of fontforge please refer toits security tracker page at:https://security-tracker.debian.org/tracker/fontforgeFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmX5+otfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0QM6w/+I599jlPtxJcdadbT6efjRaGYhhj3ICkPG+l3Y+h7hcPAW8VbfdxR3ztPjYbqf1a6R1cb67NAunRLIkouA7uf1o5zix6bGmcLSmuwiqfoqGQOrQXKMZE6fvovYjzWVbQ+W9P+b3fywip7VI+pjC+coliYO/Y+6E0Ylg3GmVq5p/W9SGjefSNI8SKvQmZaUaVnEBVrX+riQ4AncOTKrIrV19mmbwKzZ5FgYLQVvhNrWimNO04RbNi/t+Dcr7rITXc4+e3guBlKjEuOaTdvWtMpwXxxAUU+Tqvgya8OQc10dHHKIIPbvJ1rhi2qk/+vdy6rbde7hwMqgBNUOFoJsIrn5+1bu7BPwU7IDp5C0ibZ/jtisc3JjtxHj5yz61n/d8+/+usRjKcAos/MKZa988KSNXUyqIv0NQ4Xk5l3AxDdBArDtxfMGKLuzYWMsVD7tlFuu7UcuyI7YY1FJcTDygoDb/CunXBq7yjMh9DEPQEMkWu6gFdge1gXWw20s0dko9Ypwtoe3BZ5ucbcyHjcfyAzlk+m2LIVO7TQJ5NvRuNuuE/kr+SDWbx4PIjidr5VslvGp2Nx784163P8fduUTxfSNLktsGdqPZmJI6R4FslQjd9oIgTd+/f1VU6tRTu8OcCqREfkwRVhtYrsTjwVvZ4x1OqAnKoxAGMCCCC7jzdk0JM==0dXN-----END PGP SIGNATURE-----

Debian Security Advisory 5641-1

By Waqas
Another day, another malware threat emerges in a country already at war.
This is a post from HackRead.com Read the original post: New AcidRain Linux Malware Variant “AcidPour” Found Targeting Ukraine

SentinelLabs researchers have discovered “AcidPour,” a variant of the AcidRain Linux malware targeting Linux systems in Ukraine. This new strain expands on its predecessor and poses a risk to users.

Researchers at SentinelLabs have uncovered a new variant of the Acid Rain malware, dubbed “Acid Pour,” which has emerged in Ukraine. The discovery was made over the weekend, with J. A. Guerrero-Saade, AVP of SentinelLabs, sharing insights via X (formally Twitter).

The original AcidRain malware surfaced in March 2022, notably used during the ‘Viasat hack,’ which disrupted KA-SAT Surfbeam2 modems at the onset of the Russian invasion of Ukraine.

> It's been an interesting weekend! Eagle-eyed @TomHegel spotted what appears to be a new variant of AcidRain. Notably this sample was compiled for Linux x86 devices, we are calling it 'AcidPour'. Those of you that analyzed AcidRain will recognize some of the strings. Analysis 🧵 pic.twitter.com/wY3PJKaOwK
> 
> — J. A. Guerrero-Saade (@juanandres\_gs) March 18, 2024

TomHegel, Principal Threat Researcher at SentinelLabs, identified the new variant, compiled specifically for Linux x86 devices. While AcidPour shares similarities with AcidRain in certain strings, it separates significantly in its codebase, compiled for x86 architecture rather than MIPS.

It is worth noting that popular Linux distros for x86 devices include Ubuntu, Mint, Fedora, and Debian. On the other hand, MIPS (Microprocessor without Interlocked Pipelined Stages) is a type of instruction set architecture (ISA), which essentially defines the language a processor understands and uses to execute instructions. Similar to x86, it’s a set of rules and specifications for how a processor operates.

AcidRain operated as a generic wiper, targeting common directories and device paths on embedded Linux distros. AcidPour, however, introduces new elements, referencing Unsorted Block Images (UBI) and virtual block devices associated with Logical Volume Manager (LVM), suggesting a potential expansion of targets beyond previous iterations.

Despite the similarities, there are notable differences, including a distinct wiping logic for devices like LVMs, indicating a potentially evolved strategy by threat actors. The good news is that SentinelLabs has raised awareness of AcidPour among stakeholders in Ukraine, although the specific targets and scope of the operation remain unclear.

The discovery goes on to show how fast malware threats are evolving, with attackers adapting their tactics to exploit vulnerabilities in various systems. From the perspective of an unsuspecting user or an organization in the business, both must keep an eye on cybersecurity threats like AcidRain and AcidPour.

Begin by prioritizing training for yourself and your employees, as phishing attacks act as a primary gateway for malware infection. Consider leveraging AI-powered chatbots such as ChatGPT or Gemini AI to compile a concise yet essential guide outlining preventive measures against phishing, malware, ransomware, and data breaches.

1.  Someone DDoSed Ukraine’s national postal service for 48 hours
2.  DDoS Attack and Data Wiper Malware hit Computers in Ukraine
3.  Hackers Using Old WinRAR Flaw in New Cyberattack on Ukraine
4.  ‘Destructive malware’ fakes ransomware to target Ukrainian orgs
5.  Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

New AcidRain Linux Malware Variant “AcidPour” Found Targeting Ukraine

Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5632-1                   security@debian.orghttps://www.debian.org/security/                       Sebastien DelafondFebruary 26, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : composerCVE ID         : CVE-2024-24821Debian Bug     : 1063603It was discovered that composer, a dependency manager for the PHPlanguage, processed files in the local working directory. This couldlead to local privilege escalation or malicious code execution. Due toa technical issue this email was not sent on 2024-02-26 like it shouldhave.For the oldstable distribution (bullseye), this problem has been fixedin version 2.0.9-2+deb11u2.For the stable distribution (bookworm), this problem has been fixed inversion 2.5.5-1+deb12u1.We recommend that you upgrade your composer packages.For the detailed security status of composer please refer toits security tracker page at:https://security-tracker.debian.org/tracker/composerFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmX0DyUACgkQEL6Jg/PVnWSBoggAmRdaBN8p7agJH0S2fvEJWuF+gFAAY4112EeOzbHwk/Bm6EuTY9VcGTtjHlW8X3t/H1+NW5xejcm1gEaXIE2HHIc1KTaG3ui/kKC2T3ybx0cmnqYWu/TJWmw+nbaneBK74PkXukzFvjuYaOy7a6EgnpNcMhc0b2tc/IqIUOYiePKbg4lio8u6q5rP5uFIJydeqI0IXja6H4N0ub/zOAn6I6C3ToKMa0WnfllmrMaj/JnBbgam3VrT06n63NoW6xZepdMDP3QofOVWWP5HshF/0CH1BGEcKS6AtAaIgARalFMgbP6SU8NDsgNFQ3UCiuR+sTjZc2YA0muIpmBGSPVyAw===y4my-----END PGP SIGNATURE-----

Debian Security Advisory 5632-1

Debian Linux Security Advisory 5640-1 - Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5640-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffMarch 14, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : openvswitchCVE ID         : CVE-2023-3966 CVE-2023-5366 Debian Bug     : 1063492Two vulnerabilities were discovered in Open vSwitch, a software-basedEthernet virtual switch, which could result in a bypass of OpenFlowrules or denial of service.For the oldstable distribution (bullseye), these problems have been fixedin version 2.15.0+ds1-2+deb11u5. This update also adresses a memory leaktracked as CVE-2024-22563.For the stable distribution (bookworm), these problems have been fixed inversion 3.1.0-2+deb12u1.We recommend that you upgrade your openvswitch packages.For the detailed security status of openvswitch please refer toits security tracker page at:https://security-tracker.debian.org/tracker/openvswitchFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXy+NgACgkQEMKTtsN8TjasEQ//V4q2/qeHlZk+Sr/73jLvDOA7u6O+FxGGi+LHBiYIoUlD+E2jEq/pAzaK/hlpHCKO1g5bkf7/TcA9TaMyxo498LmT6/TX6SNB+lxOcJQlS8KyT/JtNQt31nk4LND1IU/WFliMdNQoqwYgZVp6innCmb2hTYcxTKeGeQndnaTRIGo/FShxgCBZHwOJKB39eg0hQCDgx1DzfkA0e9u/I7Vq4MKEitV5u1H+Uf9embZaUsfwJCSaeshuxmp4U20r2V9hxXVYrhAeFWYGiDEY+Di4O9fDOVLw2An19ncQjDquLfRYqdys8AMxzi3+Vm0VasMAmZlEhdjcSjtotMI3tjgLcWGOz8BGdBUTAKK0FMtzPHLMhjfJ/cpC6jxZ19ZJcD3OUDIA6nf4CZjW4BOCImukqm9EUJtcQFZAGONdkelNYiz6V5R6IpbAVtLPVkx5yyWWEPXau6eZKhKO0aMcBiAGUYs2LI0rmrmPBdTtQcZJmTx7U+jZiPO6Dx0YP5DMwY23Z8GWPZeDX/2C8HBPqAMKfsWzIOEcXJ0HlAnVyJnC7XGBb+q4W+RFDWhcXYbi40SyyHrDqYBg/ne7WxEnmzfMk3F9cqRCn+owV2lbYxYRKIDZngyg2JK3sdjMUfnFE+5D8QRvxQQMYM9H8q3iBzR1KVEi6cpUUoTZCz6qI5rcH6E==ZEHS-----END PGP SIGNATURE-----

Debian Security Advisory 5640-1

Debian Linux Security Advisory 5639-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5639-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonMarch 13, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-2400Security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), this problem has been fixed inversion 122.0.6261.128-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXx7LIACgkQZF0CR8NudjcWZA/9E8Fv7qz1xdAfgt/f8Iueu24Ct3n2/0yIvZ7GZCEHhyeU7jPaieh3LKL2HIvafH9UWOlU643jHefoX4xQVos3uc8VuXjBAfX0AJrRl0N0JR4am7EpbKJ/WkQjSqpklh9QFbm+0g5iKbhWVA3KI+IZ8wkx/g4QUxYpmF2Pou6xZWIr3RkWX0T2x/Bb4nG9CrVOwQg5BltP6jPln269sU/5Olr6VL3S4KN+1CdBySmXrrhKVsxpbi7qLa9d+czGAjYhAp/2YGCEz67Ib55n/1mhaCL7fqU2cZHBdwqYjTBJqOnsGVJSm8Q7hbJ2i7SaETJkk9oVYIN8XUw2xzdONGS44Xd/rhUesJzsfduYNSD+Yhq+AhqKmxGILshMC+Vz6elNGgG7mKaUwj7/6FtN6VmP0jiVbHMLRpH1ROvph2uENUQYPE/slfkYluNhPTU4BefBnGghyfj6E9HBV3AjWTR/EmsrMUF9+kbs6AEwVlAiVArJorQ63kbRQ5KXFdvJnQ22XDztR+zWwfS5QhQAyEmpdhO/UoFfVyhWnzbfolEUkEmv/MlTFndCoiYWErmqpXLui7Iq66rEgjLJHv2V8s6jJvsT6a75XdjRCaZkCKab/f/pCI6xLZtn2JhL6LkGeY2qpmZOsEwieBbVvsix6ysmmmXIinEmE7Ckf66ENs7TKZw==RmDM-----END PGP SIGNATURE-----

Debian Security Advisory 5639-1

Debian Linux Security Advisory 5638-1 - It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5638-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoMarch 10, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libuv1CVE ID         : CVE-2024-24806Debian Bug     : 1063484It was discovered that the uv_getaddrinfo() function in libuv, anasynchronous event notification library, incorrectly truncated certainhostnames, which may result in bypass of security measures on internalAPIs or SSRF attacks.For the oldstable distribution (bullseye), this problem has been fixedin version 1.40.0-2+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 1.44.2-1+deb12u1.We recommend that you upgrade your libuv1 packages.For the detailed security status of libuv1 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/libuv1Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmXtrrFfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0TOBw//UDY7qqzhavYjzvVxQ6ka9PGfBLJcRXhMjpwH5JxR6T0KOqCQkasoXCxmNTSzczr0zrtU4Hdtv6tb/E5QfemTpdEfMOtuuKxhQ3jrQNjnqtfDD5ouomrckxMcPtB3SsJ0e1BV97ORDEqrym39VQTIaVgxdZwXU5/mcqaboZx8uxv8XjaDURhAU1eYz5PDno6bTg/zL7bSSugTnxSPHwokv4FICxaG8rR6y6drbI7hndsx+LL+sXs426O8xDzro+deanl3i9kdXxQujhTxJA+7vUTeaCl8rLFs7kOyNxDbCVADYc+Cc0h8Z0xnv/xNDYkIMprGcUx2QgW9mwfDgKGxDVtltPwb6oIBsKzrYBF/gVUqM5aym3VquS8n+lL7+uA0ZHKMxeQRrCtHCIoDUAhjVarQPqbxIX92tftSIRHU7e8Qfmyo7PdbPs9UC4zUUwIwQ6UtRR8OWIKE8IFa+BRxL2/3KCDjDvpK60VUfanRqdF7zcvifFQMw9mqJ/s/IIY6Unhvk9/6QSKrNiaLnFBOVBZ4E4A5OU6W1KAKvixlH8bmv0XCgrlDr2fx/7+Xn8wNA86qPAd9/t6DAVzyjdlis+P6LYzAfrAguWQQS0xkDW+5OQqV3wyKvK1m9PRJK4vfmiX5kw+VclGbJM4ToaKOLbSlns/QNhHuRw2RDem0/+s==ai3N-----END PGP SIGNATURE-----

Debian Security Advisory 5638-1

Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5637-1                   security@debian.org  
https://www.debian.org/security/                          Markus Koschany  
March 08, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : squid  
CVE ID         : CVE-2023-46724 CVE-2023-46846 CVE-2023-46847 CVE-2023-49285  
                 CVE-2023-49286 CVE-2023-50269 CVE-2024-23638 CVE-2024-25617  
                 CVE-2023-46848 CVE-2024-25111  
Debian Bug     : 1055252 1054537 1055250 1055251 1058721

Several security vulnerabilities have been discovered in Squid, a full featured  
web proxy cache. Due to programming errors in Squid's HTTP request parsing,  
remote attackers may be able to execute a denial of service attack by sending  
large X-Forwarded-For header or trigger a stack buffer overflow while  
performing HTTP Digest authentication. Other issues facilitate request  
smuggling past a firewall or a denial of service against Squid's Helper process  
management.

In regard to CVE-2023-46728: Please note that support for the Gopher protocol  
has simply been removed in future Squid versions. There are no plans by the  
upstream developers of Squid to fix this issue. We recommend to reject all  
Gopher URL requests instead.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 4.13-10+deb11u3.

For the stable distribution (bookworm), these problems have been fixed in  
version 5.7-2+deb12u1.

We recommend that you upgrade your squid packages.

For the detailed security status of squid please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/squid

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmXrHBNfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD  
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7  
UeSFng/+JAY5jG6Z/fVFf2M9SsqFhQm8mGT1CgOx39dYirUkdpcFOyADqWopwv+q  
tci90QFuhnreW1DmO1GYRlZro+37iRjiryRKxETpUB1AnpPWs6RnyAA+mrqssDqg  
PxxFkqpJFtpMhZU3VkDDbTkkvK2T0Hwjdn8TND6qA+B56exwW2DEZlm5aqCPiWRf  
pdzPZTOZJEV2fT4UPWduiIN1l94VsLktfZY5Ox0/HmrdkAWJJFXQhj3wZPcbFLbB  
leQ7Nkq6mpuw98UxOSa7hsE0crPm6ctrf7AYMx+qojtWJFcbFE+mUqzcf0aFYp0L  
EfTSVAOVEXvbFytlX/oSWYE5GrZtTrnwProiXFJT7WvDYN2Mbqxgp/jB3jZygmrZ  
rknvF84haHX16ZMXRlBDOlx1E3XSCB+/xRynwbGQe8RPzSRlOKuiFqn+qr3qCtOd  
5Ua2+ZJXDpEP4aUseFb94FwJRfs9onBS+EYPt2xwcxcBGUiMJ/lY9Fj9p5MjQ1bZ  
nCXuRNo2ao6qumLSraK2qPle7AucbuOtiMDsMFi6rGu3H0RVlk7oWGFO4rMRAcvX  
IBYU2bWBIyi7J4IvJd+07QfNgofPvcld9XN7/LDgizmMZpCorpPq39Ta24y7U3e5  
Zv+ye/kOYKuD0ij7M7jkT2hgxq6kKdlSEZbZ/wrlkSILrcjgwqw=  
=qmZY  
-----END PGP SIGNATURE-----

Debian Security Advisory 5637-1

Debian Linux Security Advisory 5636-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5636-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonMarch 06, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-2173 CVE-2024-2174 CVE-2024-2176Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), these problems have been fixed inversion 122.0.6261.111-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXosMMACgkQZF0CR8NudjfyYw//StyDoWGq13uuZo2KfRhbd4IcesNC1Tz/hqlLbf6+BaKQ0it/oBteCcEUmwueWjpqqsxz/hfmhvTxsK+YQEAeSaV7jgVXbEz/eXqdH6VcsY2W2Ec8FiWqDgOX9wDMBUgXnHIQMvxsyEpWZ+gs7wTnfEzXGAVFVUZO+mE6dj/GRJegqTZMJ87+xivC7z+MHcmi8uoCA3jQ2LjHIot5hcVrC5RcaVnvO5W6AY/gMpcRhwPIjHk0DscVuWwv3K/+Av1eYqRpu9udr/UMxr6pLcMNEzV3a+X5WQNZQVr8wOeK/Db4J/F8xR3L+bGADb+rCI1ldwrKM3R8BQ5XU+m7vQuoEGWfS0TRirD/m/akHL9lc6a2cq4cPVCrHWTFVM0XlbKGOAIZq0l47XB2Ytg8zD3tpIAdxJfNCketuZeQ0VBYOLvBPAq975ZGYjTI4ZHgyvreBlKvFr25WSaW5+V6afyD/NjcF9CjpxqtBrlLaMLl7WdOIG4hbI7YpgnPEqzS16TphBfRb5VVmxJmrIqLgzmoBti798v0TjHa4fsRKOTgDlSPACoPu9As6fHepXNoAvs463rIj6xJ5K75Mh3mpt/tLiD9R8YPNNaplKTJGBYIsb2Zr1fAP+RJ9UzWB0jsGyh7i7uBB/gec0oropQb/5NE+cGdydNdLO+61FGXtrdm3FY==OuuM-----END PGP SIGNATURE-----

Tag

#debian