1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5099-1] tryton-proteus security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Mar 10 21:30:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5099-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    March 10, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : tryton-proteus
    CVE ID : CVE-2022-26661 CVE-2022-26662

    Jeremy Mousset discovered two XML parsing vulnerabilities in the Tryton application platform, which may result in information disclosure or
    denial of service.

    For the oldstable distribution (buster), these problems have been fixed
    in version 5.0.1-3+deb10u1.

    For the stable distribution (bullseye), these problems have been fixed in version 5.0.8-1+deb11u1.

    We recommend that you upgrade your tryton-proteus packages.

    For the detailed security status of tryton-proteus please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/tryton-proteus

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIqWP4ACgkQEMKTtsN8 TjZWVhAAqtHZf3SUHzH5EYObhB3HsoL57nWto+++EtdnaWcxGGkTAEQDcezCiK3g lJ9AeE+mN2KFJ0KmT/vMrm8ksc9tbYeboPZCVQS7daPUaA6iIEFF7/kQmBxjezU8 1iBUKyr51tMS9ZUev1LTxma5Wb9o3dPcKPXWGGXhoa4rdziRCKSRXT0FFMy9uing +Y+ZyuYRu8sSqvLA7g+/VLqMGu6c1xu/xIyypltXXn2eHSlbocc3uUPFX7w5PZv8 pzRGsr4bJhXZIfuLRhfUII056eQYQatq2dHqSrjAFvQ769zuCxXGqAVMUrP5uJe3 H+sk/bcRtzIYxLVVRK010F4ggG7bl6nnyrel8NZQF5pkjwtZxZhw9iF+zXgJ93d1 SWOU6rrsRfmUMvrIZ8Hxq2dI4j8OGXCQZa38GSShY0NmNVk+U+YNH76GioEeV+Wn sNUHH43scqTAx6bDqX+5EhUN3BlOvP/npc28j/92oqmsKGN/6e/2Ny3KXiq0uGmQ FZ4SUWSGWmaRJC4H3X5IstAU2kXwIqvzK54lIhYD1wonPYdAxlWgfKRhGbPGbm2c OinTNb9yJFM+IgH/UiUxWraYd4bgzhUvhRp3MH+CtTVSLvbusd5Yf62n2DIf6+tl LZN/wL3h+Ro83F+8l+4LIvI+c2S3PDtvDaja2pWLTTvwckMP2ds=
    =BVRd
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)