Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 4756-1] lilypond security update

From Moritz Muehlenhoff@21:1/5 to All on Sat Aug 29 19:50:02 2020

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-4756-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 29, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : lilypond
CVE ID : CVE-2020-17353

Faidon Liambotis discovered that Lilypond, a program for typesetting
sheet music, did not restrict the inclusion of Postscript and SVG
commands when operating in safe mode, which could result in the
execution of arbitrary code when rendering a typesheet file with
embedded Postscript code.

For the stable distribution (buster), this problem has been fixed in
version 2.19.81+really-2.18.2-13+deb10u1.

We recommend that you upgrade your lilypond packages.

For the detailed security status of lilypond please refer to
its security tracker page at: https://security-tracker.debian.org/tracker/lilypond

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl9KkNAACgkQEMKTtsN8 TjZpuQ//Xh9/Lsc/+M8vfyad+dqE4xo+fC2DGbY+AOsHExOcRfb8GJiBWSZxYger /gm/04GDAhwmNIpFEImC+rFHFfRpSemwLtWaie6dfngtjgRMehS2j2FSasQ4gUF9 ldfGbjV9Cow55801nXeOaG0RZZCkrdOopqVRjxxzOFNESW/J9GFZLNaV6IOrK5JO 5dzZKr2+9CZwx0kXlsqU7LZ2beyj/JgXKzP2vulwxnqrDRz6CU3sG3Jg0dFQbZym DIpcgYdUf1PgpRSnNyQEyePuwr+PgGRdgZIvnUPMNJ+cVi4M2qW6rcBLtQsHwkoq kTVtNmiqNXEStv4tKovLVVIgVOA4D5Shg5uBTkRe5NPz+pWlCHplBsJa5SvCLrf4 AFMg9KRlVElmZsK7+T6v0Y9QIayec8D+F5nkgz2D1e7JM+WbIjv0xaz3Uc754cHf GLUqPldf0SzWoJ1QEtlfr5O+4Pp6TIx0iS0FJC8zRdbhi+ZAwAD0Ba7qCl1jeHDi MOIgY/MqQExUwhz5aEJU8/rTRey6FhXq8ekmKzk/aPKyZo4d9lyJxLS8Byrh+MQo /YIp7aVWjpXGYjFRENk1hn7gZ3eha60vDaqA2heFMYa6UAGJ4B4Gf/FWr9frIrJ/ De0GqQoBoEKSuMkCaJZ/ABZwRcilCzpuvbcc7aU/rKladPpH3XA=
=cgrt
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Gwylbert
  Fri Jan 3 05:27:04 2025
  from Sydney, Nsw via Telnet
- Keyop
  Thu Jan 2 23:23:31 2025
  from Huddersfield, West Yorkshire via SSH
- Guest
  Thu Jan 2 22:34:20 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Keyop
  Thu Jan 2 21:35:52 2025
  from Huddersfield, West Yorkshire via SSH
- Bob Worm
  Thu Jan 2 21:33:29 2025
  from Wales, Uk via Telnet
- Guest
  Thu Jan 2 21:03:01 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Ginger1
  Thu Jan 2 20:36:28 2025
  from London via SSH
- Ginger1
  Thu Jan 2 20:24:14 2025
  from London via SSH

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	388
Nodes:	16 (3 / 13)
Uptime:	12:34:53
Calls:	8,222
Calls today:	1
Files:	13,122
Messages:	5,872,819

[SECURITY] [DSA 4756-1] lilypond security update

Who's Online

Recent Visitors

System Info