• [SECURITY] [DSA 5169-1] openssl security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Jun 26 20:30:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5169-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    June 26, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : openssl
    CVE ID : CVE-2022-2068

    It was discovered that the c_rehash script included in OpenSSL did not
    sanitise shell meta characters which could result in the execution of
    arbitrary commands.

    For the oldstable distribution (buster), this problem has been fixed
    in version 1.1.1n-0+deb10u3.

    For the stable distribution (bullseye), this problem has been fixed in
    version 1.1.1n-0+deb11u3.

    We recommend that you upgrade your openssl packages.

    For the detailed security status of openssl please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/openssl

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmK4pF0ACgkQEMKTtsN8 TjYP5g//SyfB1W/vUNmgeSp2kKu3vt9CPwoXMK8nhTcA7iYhkxIJTFxAWDpn+4S7 W4kYyxMRFSIHKv4FLiLgi/Vzn4g1kB1UvKv05CFhEJqpWMyyRj6FdmebLlkLG0eE IGsZoQl9be+lRJ+E4oMMkrRkbJV5II7s69vdxFDh4893Ndx05GWWvXT5Doc5gFMi NoNabBH47GFU6aGDwVJU+xooBT6s4QMOrgVKYbxhM5PO98HQzk0zv0Z6YRx7FzKD hYMN/t6A8qj4zMQqJqM+44q9zpDryyolGLewvgOit1HFFnLlBf4wsdBvE7AGhvGs Lam5OXLhlwlQT6gBNd4XFAShdEZGLVF2DCgKzMh5cG5r2W10ewfHHyOR4CnkMQQP ePA8YvhVwSH3I5jOTS75A18LXpoRJKRXQuQ7v9di2C8qRZ0qnM95h0KzH9/UKyUc TmF09MTKWoFCkCtyzucdPnoyUPhdScJc08jcGJ37MCb8uKI4F5jVImLnHC6qS6Oc Gab3OPIDzS8I1rro0J1k8RJE1E8XvfCxgVAOoebn0mst8qT+38hqsTFykG+uq3dN sfhwI+E8iOeVOapyDVzxz8DfIkyBdnFsM4cg9VxDPOOllN+BknySqvzxu+aYpMFz K/D6g421XIIXPXD+sP/w1ENPV7LFobRR7KXUWvjS5l/Ir8dhPdQ=
    =tiWq
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)