• [SECURITY] [DSA 5100-1] nbd security update

    From Moritz Muehlenhoff@21:1/5 to All on Sat Mar 12 17:10:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5100-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    March 12, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : nbd
    CVE ID : CVE-2022-26495 CVE-2022-26496
    Debian Bug : 1003863 1006915

    Two vulnerabilities were discovered in the server for the Network Block
    Device (NBD), which could result in the execution of arbitrary code.

    For the oldstable distribution (buster), these problems have been fixed
    in version 1:3.19-3+deb10u1.

    For the stable distribution (bullseye), these problems have been fixed in version 1:3.21-1+deb11u1.

    We recommend that you upgrade your nbd packages.

    For the detailed security status of nbd please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/nbd

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIsw1YACgkQEMKTtsN8 TjY8EQ//doPYe1GfwDQToibTBSS29D4T2nMX9NXLRgDEC6Vpg2NjlWqcL+B7os3c wGPfIrZXjGN+CqwQdFNAWoSd1IyNIS5KrR4vK50PvQhpefa6ZVv4D2yiG/J0tIK2 T77Hp4CuGrjK2Ej5dGh4TnbLPVhGT2KV6kG1wnqfHe+M+gIVAe4sRm3OSArDGAfu 1wCPS8k+UbqPiRU4fHE1bxW6E9SoePCDUYGS8rbOImsRaEq5ZfDMRLBeDEBm8X7B c3OaZDpYgLA4CdYjqz/WmlIE5pzKIfbJhnzA6EhAYxlP4r+L2gzEWXFkMNyJKmMd aoYTD6RjKYhcGSysq4VsPAEVCo6n3/7ivAlv/b1YuH5RfTXPXuDSlKJwjXMtjPS7 V1U0G3ufP9wOgLY4JFIInNBAmCRcxza8P6sqzCiQznnKwB85nZRXAtz3Jd5R9pb+ 0suLb+Qb/LyferCQEy/tl98A9qqJeyyNXidsQb7XNK2o7K1uMRq3TnI4AFIaBQSM oEJnFXTfyiLPfqNTjImIz9R6/yX66HyJ/Z7dSRINj9UhKufe0rR0+VzIMTg9zDi8 UmKfjgX7UYOKhxmgvGLKN0iUt56A6QAVNWAkdB7rkHyRVaQLsNJz5jaZx6peEgY4 9C6XSg42QgmW25hrVCZbwUzwJ13cb/vNxoDBbeHU6lctJUELPqk=
    =Z+vM
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)