diff options
| author | Carsten Schoenert <c.schoenert@t-online.de> | 2020-12-07 19:23:01 +0100 |
|---|---|---|
| committer | Carsten Schoenert <c.schoenert@t-online.de> | 2020-12-07 19:23:01 +0100 |
| commit | ddcf938f5db5b77d23319c8636e559014937e7d3 (patch) | |
| tree | f7d51b0a5a922cff5b7ed92cc0e61d04bc478df5 /english | |
| parent | 8367893a36a2e89c533a302fc65d9b0150ed63f3 (diff) | |
| parent | d1d26e022f264d93d9f34532b24cd2d5a9a14ade (diff) | |
Merge branch 'master' into new-homepage
Diffstat (limited to 'english')
277 files changed, 5919 insertions, 1085 deletions
diff --git a/english/CD/Makefile b/english/CD/Makefile index d8b7c7f0b04..4948227ee25 100644 --- a/english/CD/Makefile +++ b/english/CD/Makefile @@ -3,7 +3,7 @@ WMLBASE=.. CUR_DIR=CD -SUBS=artwork faq http-ftp jigdo-cd torrent-cd mirroring netinst live releases vendors +SUBS=artwork faq http-ftp jigdo-cd torrent-cd mirroring netinst live vendors GETTEXTFILES += cdimage.mo @@ -23,13 +23,7 @@ endif %.$(LANGUAGE).html: %.wml $(EXTRAWMLDEP) | $(VCSREVCACHE) $(WML) $(<F) -ifneq "$(sort $(wildcard releases/index.wml))" "" -RELEASESDEP := releases/index.wml -else -RELEASESDEP := $(ENGLISHDIR)/CD/releases/index.wml -endif - -index.$(LANGUAGE).html: index.wml $(TEMPLDIR)/cdimage.wml $(TEMPLDIR)/release_info.wml $(RELEASESDEP) $(GETTEXTDEP) +index.$(LANGUAGE).html: index.wml $(TEMPLDIR)/cdimage.wml $(TEMPLDIR)/release_info.wml $(GETTEXTDEP) $(WML) $(<F) -I $(ENGLISHDIR)/CD/ misc.$(LANGUAGE).html: misc.wml $(TEMPLDIR)/cdimage.wml $(GETTEXTDEP) diff --git a/english/CD/index.wml b/english/CD/index.wml index 9fbcecb7b43..399c1292a67 100644 --- a/english/CD/index.wml +++ b/english/CD/index.wml @@ -60,11 +60,6 @@ href="artwork/">artwork for covers of Debian discs</a>.</p> <br><small>(Snapshots of the "testing" distribution are created weekly.)</small></div> -# <release-notes> is used in releases/index.wml, sets variables -{#releases#: -#include "releases/index.wml" -:##} - <p>Information about known installation issues can be found on the <a href="$(HOME)/releases/stable/debian-installer/">installation information</a> page.<br> diff --git a/english/CD/misc.wml b/english/CD/misc.wml index 4e13592b13f..6a999239d01 100644 --- a/english/CD/misc.wml +++ b/english/CD/misc.wml @@ -12,6 +12,4 @@ bar at the top of each page:</p> <li><a href="mirroring/rsync-mirrors">List of rsync mirrors for Debian CD images</a></li> - <li><a href="releases/">Release information about CD images</a></li> - </ul> diff --git a/english/CD/releases/Makefile b/english/CD/releases/Makefile deleted file mode 100644 index 7035a0a2ce8..00000000000 --- a/english/CD/releases/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -# If this makefile is not generic enough to support a translation, -# please contact debian-www. - -WMLBASE=../.. -CUR_DIR=CD/releases -SUBS= - -NOGENERICDEP := true - -include $(WMLBASE)/Make.lang - -# The "| $(VCSREVCACHE)" here is an order-only prerequisite - always -# check that the prerequisite exists and is up to date, but don't -# rebuild everything whenever it's updated - see -# https://www.gnu.org/software/make/manual/html_node/Prerequisite-Types.html -%.$(LANGUAGE).html: %.wml $(WMLRCDEP) $(GETTEXTDEP) $(TEMPLDIR)/cdimage.wml | $(VCSREVCACHE) - $(WML) $(<F) diff --git a/english/CD/releases/index.wml b/english/CD/releases/index.wml deleted file mode 100644 index 6a3c315ccb9..00000000000 --- a/english/CD/releases/index.wml +++ /dev/null @@ -1,309 +0,0 @@ -#use wml::debian::cdimage title="Release information about Debian CD images" BARETITLE=true - -<p>This page contains historic last-minute information regarding official -Debian CD images.</p> - -<p>Information on installation issues for releases after those listed below -is available from the <q>installation information</q> page for each release. -For the current stable release, this information can be found -<a href="$(HOME)/releases/stable/debian-installer/">here</a>.</p> - -<p> -<strong>The list below is no longer being maintained.</strong> -</p> - -<hrline /> - -<dl> -# ------------------------------------------------------------ - <release-notes title="Official Debian 4.0 rev2" version="4.0 rev2"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 4.0 rev1" version="4.0 rev1"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 4.0 rev0" version="4.0 rev0"> - - <p>If you install from CD-ROM or DVD and also choose to use a network - mirror during the installation, there is a possibility that after the - installation there will be lines referring to <q>sarge</q> instead - of <q>etch</q> in the file <tt>/etc/apt/sources.list</tt>.<br /> - This can only happen if the mirror you selected is not up-to-date - and still has sarge as the stable release. Users installing etch - from CD/DVD shortly after the release are recommended to check their - <tt>sources.list</tt> file after the installation and replace - <q>sarge</q> with <q>etch</q> if needed.</p> - - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev6a" version="3.1 rev6a"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev6" version="3.1 rev6"> - <p>A bug was discovered in the 3.1r6 installation CD/DVD images: - installations would fail immediately due to a missing <q>oldstable</q> - symbolic link. However, the update CD/DVD images work correctly.</p> - <p>This issue was resolved in the 3.1r6a images.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev5" version="3.1 rev5"> - - <p>During installations for the architectures i386, hppa, ia64 and - s390, the installer may select an incorrect kernel for your system.<br /> - You can work around this issue by booting the installer with the parameter - <tt>debconf/priority=medium</tt>. This will result in a full list of - available kernels being shown, from which you can manually select the flavor - that is appropriate for your system.</p> - - <p>Apologies for any inconvenience this may cause; we expect to fix - this issue for r6.</p> - - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev4" version="3.1 rev4"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev3" version="3.1 rev3"> - - <p>CD#1 contains extra files that should have been deleted, but - were missed when releasing 3.1r3. This causes two problems:</p> - - <ul> - <li>The kernel installed using these images will, in some cases, - not be the latest kernel on the CD, but rather the previous - version. Update the kernel specifically after installation and - all should be fine.</li> - - <li>As the extra files on CD#1 take up extra space, some of the - normal installation tasks will no longer fit there. If you want - to install all the tasks from CD only, you will need to use CD#2 - as well.</li> - </ul> - - <p>Apologies for any hassle this may cause; we expect to fix this - issue for r4. DVD images and network installs should not be - affected.</p> - - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev2" version="3.1 rev2"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev1" version="3.1 rev1"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev0a" version="3.1 rev0a"> - <p>The CD's README states that the CD is an unofficial beta. The - README is wrong, it <em>is</em> the official CD release. Sorry for - the confusion.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.1 rev0" version="3.1 rev0"> - <p>Installations from these images will - <a href="https://lists.debian.org/debian-devel-announce/2005/06/msg00003.html"> - install an incorrect line for security updates in - /etc/apt/sources.list</a>.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev6" version="3.0 rev6"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev5" version="3.0 rev5"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev4" version="3.0 rev4"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev3" version="3.0 rev3"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev2" version="3.0 rev2"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev1" version="3.0 rev1"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 3.0 rev0" version="3.0 rev0"> - <p>The CD's README states that the CD is an unofficial beta. The - README is wrong, it <em>is</em> the official CD release. Sorry for - the confusion.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 2.2 rev7" version="2.2 rev7"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 2.2 rev6" version="2.2 rev6"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <release-notes title="Official Debian 2.2 rev5" version="2.2 rev5"> - <p>No known problems.</p> - </release-notes> - -# ------------------------------------------------------------ - <dt><strong>Official Debian 2.2 rev4 and rev4.1</strong></dt> - <dd>\ - <p>The original 2.2rev4 CDs for the powerpc architecture - were not bootable. They were regenerated - the resulting - 2.2rev4.1 release does not differ from 2.2rev4 except on - powerpc.</p>\ - </dd> -# ------------------------------------------------------------ - <dt><strong>Official Debian 2.2 rev3</strong></dt> - <dd> - <p>Toshiba laptops are reported to have problems booting off the CDs - because their BIOS - <a href="https://lists.debian.org/debian-devel-0104/msg01326.html">cannot - handle</a> 2.88MB boot images. The easiest way to start installing - Debian on these machines is by running <tt>boot.bat</tt> from the - <tt>install/</tt> directory of the Binary-1 CD.</p> - - <p>Not all packages from section <q>contrib</q> are included on the CDs, - since they depend on non-free packages that are also not on the CDs.</p> - - <p>The problems with the <tt>gpm</tt> text-mode mouse driver have still - not been resolved. See in the <q>2.2 rev0</q> section below for more - info.</p> - - </dd> -# ------------------------------------------------------------ - - <dt><strong>Official Debian 2.2 rev2</strong></dt> - <dd> - <p>Not all packages from section <q>contrib</q> are included on - the CDs, since they depend on non-free packages that are - also not on the CDs.</p> - - <p>The problems with the <tt>gpm</tt> text-mode mouse - driver have still not been resolved. See in the <q>2.2 rev0</q> - section below for more info.</p> - </dd> -# ------------------------------------------------------------ - - <dt><strong>Official Debian 2.2 rev1</strong></dt> - <dd><p>No CD images were created for the 2.2 rev1 - release.</p></dd> -# ------------------------------------------------------------ - - <dt><strong>Official Debian 2.2 rev0</strong></dt> - <dd> - <p>Not all packages from section <q>contrib</q> are included on the CDs, - since they depend on non-free packages that are also not on the CDs.</p> - - <p><strong>i386</strong>: There are some issues with the <tt>gpm</tt> - text-mode mouse driver while running the X Window System. The easiest - solution is to remove the line - <tt>repeat_type=<em><something></em></tt> from - <tt>/etc/gpm.conf</tt>, running <q><tt>/etc/init.d/gpm restart</tt></q> - and then restart X. Other solutions are possible, ask the - <a href="mailto:gpm@packages.debian.org">gpm maintainer</a> to supply - more documentation.</p> - - <p><strong>i386</strong>: The previously available Binary-2 CD image had - a one-bit problem that prevented the package <q><tt>pdksh</tt></q> from being - installed. Repairing your own image is very easy with the - <a href="https://cdimage.debian.org/~costar/correct_cds/correct-i386-2.c">correct-i386-2.c</a> - program.</p> - - <p>Thanks to <a href="mailto:kteague@sprocket.dhis.net">Ken Teague</a> - we also have a precompiled - <a href="https://cdimage.debian.org/~costar/correct_cds/correct-i386-2.zip">Windows - version</a>; usage: extract the <tt>.zip</tt> in the dir where the - <tt>binary-i386-2.iso</tt> file is sitting, then in a DOS box change to - that directory and give the command <q><tt>correct-i386-2 - binary-i386-2.iso</tt></q>.</p> - - <p>If you have a CD-ROM, which you obviously cannot repair, the easiest - option to get <tt>pdksh</tt> is to - <a href="http://archive.debian.org/debian/dists/potato/main/binary-i386/shells/pdksh_5.2.14-1.deb">download - it</a> (212 kB) and install with <q><tt>dpkg -i pdksh_5.2.14-1.deb</tt></q>. - But you can also copy the file from the CD to a temporary directory and - use the same - <a href="https://cdimage.debian.org/~costar/correct_cds/correct-i386-2.c">correct-i386-2.c</a> - program, but then you should modify it so that <tt>POS</tt> is - <tt>0x64de</tt>.</p> - - <p><strong>PowerPC</strong>: The powerpc Binary-1_NONUS and Binary-3 CD - images are also plagued by a one-bit problem, preventing - <q><tt>smbfs</tt></q> and <q><tt>gimp-manual</tt></q> respectively from being - installed. Repaired versions are (slowly) propagating to the mirrors, - but you can repair your own images very easily with the - <a href="https://cdimage.debian.org/~costar/correct_cds/correct-powerpc-1_NONUS.c">correct-powerpc-1_NONUS.c</a> - and - <a href="https://cdimage.debian.org/~costar/correct_cds/correct-powerpc-3.c">correct-powerpc-3.c</a> - programs. These also contain information on repairing the affected - packages individually when copied from CD (which is especially useful - for the 15MB-sized <q><tt>gimp-manual</tt></q>).</p> - - <p><strong>Sparc</strong>: The 2.2 rev0 CDs have a problem when booting - from the Binary-1 CD. This has been solved in the 2.2 rev0a (or - 2.2_rev0_CDa) version of the sparc CDs.</p> - - <p>Sparc: If X does not start correctly, and the error message mentions - the mouse, and you are <em>not</em> running the <tt>gpm</tt> text-mode - mouse driver, <q><tt>rm -f /dev/gpmdata</tt></q> might help.</p> - - <p><strong>Alpha</strong>: The 2.2 rev0 CDs may prove problematic when - booting from the Binary-1 CD. To solve that, boot with <q><tt>-flags - i</tt></q>, then enter at the aboot prompt: - <br /> - <tt> aboot> b /linux - initrd=/boot/root.bin root=/dev/ram</tt> - <br /> - This problem has been corrected in the 2.2 rev0a (or 2.2_rev0_CDa) - version of the alpha CDs.</p> - </dd> -# ------------------------------------------------------------ - - <dt><strong>Potato test-cycle-3</strong></dt> - <dd><p>The <tt>gpm</tt> text-mode mouse driver has some problems. You - should <strong>not</strong> run the <tt>mouse-test</tt> program, and you - will have to do <q><tt>/etc/init.d/gpm stop</tt></q> before you can use - the mouse in X.</p></dd> -# ------------------------------------------------------------ - - <dt><strong>Potato test-cycle-2</strong></dt> - <dd><p>The <tt>gpm</tt> text-mode mouse driver has some problems. You - should <strong>not</strong> run the <tt>mouse-test</tt> program, and you - will have to do <q><tt>/etc/init.d/gpm stop</tt></q> before you can use - the mouse in X.</p></dd> -# ------------------------------------------------------------ - - <dt><strong>Potato test-cycle-1</strong></dt> - <dd><p>No relevant information</p></dd> - -</dl> diff --git a/english/News/2020/20201205.wml b/english/News/2020/20201205.wml new file mode 100644 index 00000000000..b592634b5dd --- /dev/null +++ b/english/News/2020/20201205.wml @@ -0,0 +1,229 @@ +<define-tag pagetitle>Updated Debian 10: 10.7 released</define-tag> +<define-tag release_date>2020-12-05</define-tag> +#use wml::debian::news +# $Id: + +<define-tag release>10</define-tag> +<define-tag codename>buster</define-tag> +<define-tag revision>10.7</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>The Debian project is pleased to announce the seventh update of its +stable distribution Debian <release> (codename <q><codename></q>). +This point release mainly adds corrections for security issues, +along with a few adjustments for serious problems. Security advisories +have already been published separately and are referenced where available.</p> + +<p>Please note that the point release does not constitute a new version of Debian +<release> but only updates some of the packages included. There is +no need to throw away old <q><codename></q> media. After installation, +packages can be upgraded to the current versions using an up-to-date Debian +mirror.</p> + +<p>Those who frequently install updates from security.debian.org won't have +to update many packages, and most such updates are +included in the point release.</p> + +<p>New installation images will be available soon at the regular locations.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + + + + +<h2>Miscellaneous Bugfixes</h2> + +<p>This stable update adds a few important corrections to the following packages:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction base-files "Update for the point release"> +<correction choose-mirror "Update mirror list"> +<correction cups "Fix 'printer-alert' invalid free"> +<correction dav4tbsync "New upstream release, compatible with newer Thunderbird versions"> +<correction debian-installer "Use 4.19.0-13 Linux kernel ABI; add grub2 to Built-Using"> +<correction debian-installer-netboot-images "Rebuild against proposed-updates"> +<correction distro-info-data "Add Ubuntu 21.04, Hirsute Hippo"> +<correction dpdk "New upstream stable release; fix remote code execution issue [CVE-2020-14374], TOCTOU issues [CVE-2020-14375], buffer overflow [CVE-2020-14376], buffer over read [CVE-2020-14377] and integer underflow [CVE-2020-14377]; fix armhf build with NEON"> +<correction eas4tbsync "New upstream release, compatible with newer Thunderbird versions"> +<correction edk2 "Fix integer overflow in DxeImageVerificationHandler [CVE-2019-14562]"> +<correction efivar "Add support for nvme-fabrics and nvme-subsystem devices; fix uninitialized variable in parse_acpi_root, avoiding possible segfault"> +<correction enigmail "Introduce migration assistant to Thunderbird's built-in GPG support"> +<correction espeak "Fix using espeak with mbrola-fr4 when mbrola-fr1 is not installed"> +<correction fastd "Fix memory leak when receiving too many invalid packets [CVE-2020-27638]"> +<correction fish "Ensure TTY options are restored on exit"> +<correction freecol "Fix XML External Entity vulnerability [CVE-2018-1000825]"> +<correction gajim-omemo "Use 12-byte IV, for better compatibility with iOS clients"> +<correction glances "Listen only on localhost by default"> +<correction iptables-persistent "Don't force-load kernel modules; improve rule flushing logic"> +<correction lacme "Use upstream certificate chain instead of an hardcoded one, easing support for new Let's Encrypt root and intermediate certificates"> +<correction libdatetime-timezone-perl "Update included data to tzdata 2020d"> +<correction libimobiledevice "Add partial support for iOS 14"> +<correction libjpeg-turbo "Fix denial of service [CVE-2018-1152], buffer over read [CVE-2018-14498], possible remote code execution [CVE-2019-2201], buffer over read [CVE-2020-13790]"> +<correction libxml2 "Fix denial of service [CVE-2017-18258], NULL pointer dereference [CVE-2018-14404], infinite loop [CVE-2018-14567], memory leak [CVE-2019-19956 CVE-2019-20388], infinite loop [CVE-2020-7595]"> +<correction linux "New upstream stable release"> +<correction linux-latest "Update for 4.19.0-13 kernel ABI"> +<correction linux-signed-amd64 "New upstream stable release"> +<correction linux-signed-arm64 "New upstream stable release"> +<correction linux-signed-i386 "New upstream stable release"> +<correction lmod "Change architecture to <q>any</q> - required due to LUA_PATH and LUA_CPATH being determined at build time"> +<correction mariadb-10.3 "New upstream stable release; security fixes [CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-28912]"> +<correction mutt "Ensure IMAP connection is closed after a connection error [CVE-2020-28896]"> +<correction neomutt "Ensure IMAP connection is closed after a connection error [CVE-2020-28896]"> +<correction node-object-path "Fix prototype pollution in set() [CVE-2020-15256]"> +<correction node-pathval "Fix prototype pollution [CVE-2020-7751]"> +<correction okular "Fix code execution via action link [CVE-2020-9359]"> +<correction openjdk-11 "New upstream release; fix JVM crash"> +<correction partman-auto "Increase /boot sizes in most recipes to between 512 and 768M, to better handle kernel ABI changes and larger initramfses; cap RAM size as used for swap partition calculations, resolving issues on machines with more RAM than disk space"> +<correction pcaudiolib "Cap cancellation latency to 10ms"> +<correction plinth "Apache: Disable mod_status [CVE-2020-25073]"> +<correction puma "Fix HTTP injection and HTTP smuggling issues [CVE-2020-5247 CVE-2020-5249 CVE-2020-11076 CVE-2020-11077]"> +<correction ros-ros-comm "Fix integer overflow [CVE-2020-16124]"> +<correction ruby2.5 "Fix potential HTTP request smuggling vulnerability in WEBrick [CVE-2020-25613]"> +<correction sleuthkit "Fix stack buffer overflow in yaffsfs_istat [CVE-2020-10232]"> +<correction sqlite3 "Fix division by zero [CVE-2019-16168], NULL pointer dereference [CVE-2019-19923], mishandling of NULL pathname during an update of a ZIP archive [CVE-2019-19925], mishandling of embedded NULs in filenames [CVE-2019-19959], possible crash (unwinding WITH stack) [CVE-2019-20218], integer overflow [CVE-2020-13434], segmentation fault [CVE-2020-13435], use-after-free issue [CVE-2020-13630], NULL pointer dereference [CVE-2020-13632], heap overflow [CVE-2020-15358]"> +<correction systemd "Basic/cap-list: parse/print numerical capabilities; recognise new capabilities from Linux kernel 5.8; networkd: do not generate MAC for bridge device"> +<correction tbsync "New upstream release, compatible with newer Thunderbird versions"> +<correction tcpdump "Fix untrusted input issue in the PPP printer [CVE-2020-8037]"> +<correction tigervnc "Properly store certificate exceptions in native and java VNC viewer [CVE-2020-26117]"> +<correction tor "New upstream stable release; multiple security, usability, portability, and reliability fixes"> +<correction transmission "Fix memory leak"> +<correction tzdata "New upstream release"> +<correction ublock-origin "New upstream version; split plugin to browser-specific packages"> +<correction vips "Fix use of uninitialised variable [CVE-2020-20739]"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the stable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2020 4766 rails> +<dsa 2020 4767 mediawiki> +<dsa 2020 4768 firefox-esr> +<dsa 2020 4769 xen> +<dsa 2020 4770 thunderbird> +<dsa 2020 4771 spice> +<dsa 2020 4772 httpcomponents-client> +<dsa 2020 4773 yaws> +<dsa 2020 4774 linux-latest> +<dsa 2020 4774 linux-signed-amd64> +<dsa 2020 4774 linux-signed-arm64> +<dsa 2020 4774 linux-signed-i386> +<dsa 2020 4774 linux> +<dsa 2020 4775 python-flask-cors> +<dsa 2020 4776 mariadb-10.3> +<dsa 2020 4777 freetype> +<dsa 2020 4778 firefox-esr> +<dsa 2020 4779 openjdk-11> +<dsa 2020 4780 thunderbird> +<dsa 2020 4781 blueman> +<dsa 2020 4782 openldap> +<dsa 2020 4783 sddm> +<dsa 2020 4784 wordpress> +<dsa 2020 4785 raptor2> +<dsa 2020 4786 libexif> +<dsa 2020 4787 moin> +<dsa 2020 4788 firefox-esr> +<dsa 2020 4789 codemirror-js> +<dsa 2020 4790 thunderbird> +<dsa 2020 4791 pacemaker> +<dsa 2020 4792 openldap> +<dsa 2020 4793 firefox-esr> +<dsa 2020 4794 mupdf> +<dsa 2020 4795 krb5> +<dsa 2020 4796 thunderbird> +<dsa 2020 4798 spip> +<dsa 2020 4799 x11vnc> +<dsa 2020 4800 libproxy> +</table> + + +<h2>Removed packages</h2> + +<p>The following packages were removed due to circumstances beyond our control:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction freshplayerplugin "Unsupported by browsers; discontinued upstream"> +<correction nostalgy "Incompatible with newer Thunderbird versions"> +<correction sieve-extension "Incompatible with newer Thunderbird versions"> + +</table> + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into stable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/stable/"> +</div> + +<p>Proposed updates to the stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/proposed-updates"> +</div> + +<p>stable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> diff --git a/english/Pics/debconf12.png b/english/Pics/debconf12.png Binary files differdeleted file mode 100644 index 3cc1e856251..00000000000 --- a/english/Pics/debconf12.png +++ /dev/null diff --git a/english/consultants/consultant.data b/english/consultants/consultant.data index 58c048f3698..98dffa4b830 100644 --- a/english/consultants/consultant.data +++ b/english/consultants/consultant.data @@ -556,6 +556,17 @@ negotiated rates available. Min charge: 15 mins BH, 30 mins AH, <rates Negotiable.> </p> +# Consultant: AU +# Added on 2020-11-29 +<p> +<company CICT SOLUTIONS> +<address 11/201 New South Head Rd, Edgecliff, NSW 2027, <country-name AU>> +<phone 1300 06 06 01> +<email info+debian@cict.solutions> +# <url "https://cict.solutions"> +<rates Please contact Us.> +</p> + <h1><a name="AT"><country-name AT>:</a></h1> @@ -3890,17 +3901,6 @@ Jakarta Timur, <country-name ID>> </p> # Consultant: IT -# mail sent to check status: 2013-04-13 holger-guest. Result: still active, entry updated. -<p> -<name Paolo Lulli> -<address Via Gallicano-Colonna 18, 00039 Zagarolo (RM), <country-name IT>> -<phone +39(0)328-6685449> -<email paolo@lulli.net> -<URL "http://www.lulli.net/paolo"> -<rates Feel free to contact me for a quote.> -</p> - -# Consultant: IT # data updated: 2013-07-29 <p> <name Mattia Zanoni> @@ -5118,6 +5118,31 @@ and volume we can change it.> <rates Negotiable.> </p> +# Consultant: SE +# mail sent to check status: 2013-04-13 holger-guest. Result: still active, entry updated. +# +# Moved from IT to SE + data updated. 2020-11-29 holgerw +<p> +<name Paolo Lulli> +<company Kevwe Technology AB> +<address Lärargatan 9, 52151 Floby, <country-name SE>> +<phone +46 76544 97 48> +<email paolo@lulli.net> +<rates 800 SEK/h or fixed price.> +</p> + + +<h1><a name="RS"><country-name RS>:</a></h1> + +# Consultant: RS +# added on 2020-11-29 +<p> +<name Stevan Nestorović> +<address Belgrade, <country-name RS>> +<email nestorovicstevan@keemail.me> +<rates Depends on project.> +</p> + <h1><a name="CH"><country-name CH>:</a></h1> @@ -5683,6 +5708,18 @@ projects negotiable.> <rates Vary according to work, discounts may be offered to charities.> </p> +# Consultant: GB +# added on 2020-11-29 +<p> +<name Gordan Bobic> +<company Shattered Silicon> +<address Camberley, Surrey, <country-name GB>> +<phone +44 7740 195136> +<email gordan.bobic@shatteredsilicon.net> +<URL "https://shatteredsilicon.net/linux-consulting/"> +<rates Negotiable> +</p> + <h1><a name="US"><country-name US>:</a></h1> @@ -5877,11 +5914,12 @@ projects negotiable.> # Consultant: US # mail sent to check status: 2013-07-16 holger-guest. Result: still active. +# Data updated. 2020-11-29 holgerw <p> <name Daniel A. Hoffman> <company Afinitech> -<address Chicago, Illinois 60666, <country-name US>> -<phone +1-312-498-4820> +<address 55 9th St, San Francisco, CA 94103, <country-name US>> +<phone 650-336-0630> <email dh@afinitech.net scramble="yes"> #<URL "http://afinitech.net/"> <rates Call.> @@ -5964,12 +6002,12 @@ projects negotiable.> </p> # Consultant: US -# data updated on 2013-02-27 +# data updated on 2020-12-03, myon <p> -<name Oscar Herrera> -<company credativ NA LLC> -<address 580 Harrison Avenue, Boston, MA 02118, <country-name US>> -<phone +1-617-477-8501> +<name Robert Treat> +<company credativ LLC> +<address 5305 Village Center Dr, Suite #254, Columbia, MD 21044, <country-name US>> +<phone +1 888-GOPGSQL> <email info@credativ.us> <URL "https://www.credativ.com"> <rates Call for rates.> @@ -6238,6 +6276,16 @@ Discounts to bona fide, non-profits negotiable.> <rates Please contact for rates.> </p> +# Consultant: US +# added on 2020-11-29 +<p> +<name Matthew Tanner> +<company Tanner & Associates LLC> +<address <country-name US>> +<email matthew@tldus.us> +# <URL "www.tldus.com"> +</p> + # <h1><a name="AE"><country-name AE>:</a></h1> diff --git a/english/devel/Makefile b/english/devel/Makefile index e3911c704fe..b1ccd777c36 100644 --- a/english/devel/Makefile +++ b/english/devel/Makefile @@ -4,7 +4,7 @@ WMLBASE=.. CUR_DIR=devel SUBS=website join misc wnpp \ - debian-jr debian-med debian-desktop debian-lex \ + debian-jr debian-med debian-desktop \ debian-installer debian-accessibility buildd \ debian-live @@ -12,11 +12,5 @@ include $(WMLBASE)/Make.lang leader.$(LANGUAGE).html: leader.wml $(TEMPLDIR)/template.wml \ $(ENGLISHSRCDIR)/devel/leader.data -people.$(LANGUAGE).html: people.wml $(TEMPLDIR)/template.wml \ - $(ENGLISHSRCDIR)/devel/people.names +people.$(LANGUAGE).html: people.wml $(TEMPLDIR)/template.wml index.$(LANGUAGE).html: index.wml $(TEMPLDIR)/template.wml - -ifeq ($(USE_SAMPLE_FILES),1) -$(ENGLISHSRCDIR)/devel/people.names: $(ENGLISHSRCDIR)/devel/people.names.sample - if [ ! -f $@ ]; then cp $< $@; else touch $@; fi -endif diff --git a/english/devel/debian-installer/News/2020/20201206.wml b/english/devel/debian-installer/News/2020/20201206.wml new file mode 100644 index 00000000000..d6e05c2b830 --- /dev/null +++ b/english/devel/debian-installer/News/2020/20201206.wml @@ -0,0 +1,272 @@ +<define-tag pagetitle>Debian Installer Bullseye Alpha 3 release</define-tag> +<define-tag release_date>2020-12-06</define-tag> +#use wml::debian::news + +<p> +The Debian Installer <a +href="https://wiki.debian.org/DebianInstaller/Team">team</a> is pleased to +announce the third release candidate of the installer for Debian 11 +<q>Bullseye</q>. +</p> + + +<h2>Improvements in this release</h2> + +<ul> + <li>apt-setup: + <ul> + <li>Remove mention of volatile repo from generated sources.list + file (<a href="https://bugs.debian.org/954460">#954460</a>).</li> + </ul> + </li> + <li>base-installer: + <ul> + <li>Improve test architecture, adding support for Linux 5.x + versions.</li> + </ul> + </li> + <li>brltty: + <ul> + <li>Improve hardware detection and driver support.</li> + </ul> + </li> + <li>cdebconf: + <ul> + <li>Make text interface report progress more accurately: from + the very beginning, and also as soon as an answer to a + question has been given.</li> + </ul> + </li> + <li>choose-mirror: + <ul> + <li>Update Mirrors.masterlist.</li> + </ul> + </li> + <li>console-setup: + <ul> + <li>Improve support for box-drawing characters (<a href="https://bugs.debian.org/965029">#965029</a>).</li> + <li>Sync Terminus font with the xfonts-terminus package.</li> + <li>Fix Lithuanian layout (<a href="https://bugs.debian.org/951387">#951387</a>).</li> + </ul> + </li> + <li>debian-cd: + <ul> + <li>Only include Linux udebs for the latest ABI, making small + installation images more useful.</li> + </ul> + </li> + <li>debian-installer: + <ul> + <li>Bump Linux kernel ABI to 5.9.0-4</li> + <li>Drop fontconfig tweaks introduced in the Debian Installer + Buster Alpha 1 release (See: <a href="https://bugs.debian.org/873462">#873462</a>).</li> + <li>Install kmod-udeb instead of libkmod2-udeb.</li> + <li>Mimick libgcc1 handling, for libgcc-s1.</li> + <li>Clean up the list of fake packages.</li> + <li>Replace the mklibs library reduction pass with a hack, + copying libgcc_s.so.[124] from the host filesystem for the + time being.</li> + <li>Add explicit build-depends on fdisk on arm64, amd64 and i386 + now that util-linux doesn't depend on it anymore.</li> + <li>Add grub2 to built-using (<a href="https://bugs.debian.org/968998">#968998</a>).</li> + <li>Fix FTBFS with fakeroot by adjusting the /dev/console check + (see <a href="https://bugs.debian.org/940056">#940056</a>).</li> + </ul> + </li> + <li>debian-installer-utils: + <ul> + <li>Adjust fetch-url's use of file descriptors for recent udev + versions (<a href="https://bugs.debian.org/967546">#967546</a>).</li> + </ul> + </li> + <li>debootstrap: + <ul> + <li>Only install apt-transport-https on stretch and earlier, + HTTPS support was merged into the core apt package for buster + (<a href="https://bugs.debian.org/920255">#920255</a>, <a href="https://bugs.debian.org/879755">#879755</a>).</li> + </ul> + </li> + <li>finish-install: + <ul> + <li>Drop upstart support entirely (<a href="https://bugs.debian.org/923845">#923845</a>).</li> + </ul> + </li> + <li>fonts-noto: + <ul> + <li>Fix Sinhala support in the installer (<a href="https://bugs.debian.org/954948">#954948</a>).</li> + </ul> + </li> + <li>grub-installer: + <ul> + <li>Update templates, to make them fit for UEFI systems and new + kind of system storage media (<a href="https://bugs.debian.org/954718">#954718</a>).</li> + </ul> + </li> + <li>kmod: + <ul> + <li>Split kmod-udeb off of libkmod2-udeb and actually ship the + libraries in libkmod2-udeb (<a href="https://bugs.debian.org/953952">#953952</a>).</li> + </ul> + </li> + <li>locale-chooser: + <ul> + <li>Activate new languages: Kabyle, Occitan.</li> + </ul> + </li> + <li>partman-auto: + <ul> + <li>Bump /boot sizes in most recipes from between 128 and 256M + to between 512 and 768M (<a href="https://bugs.debian.org/893886">#893886</a>, <a href="https://bugs.debian.org/951709">#951709</a>).</li> + <li>Import partman-auto/cap-ram support from Ubuntu, to allow + capping RAM size as used for swap partition calculations + (<a href="https://bugs.debian.org/949651">#949651</a>, <a href="https://bugs.debian.org/950344">#950344</a>). This allows us to cap the minimum size of + swap partitions size to 1*CAP, and their maximum size to a + maximum of 2 or 3*CAP depending on architecture. Default is + set to 1024, thus capping swap partitions to between 1 and + 3GB.</li> + </ul> + </li> + <li>partman-efi: + <ul> + <li>Remount /cdrom read-write if it also happens to be used as + /boot/efi (<a href="https://bugs.debian.org/967918">#967918</a>).</li> + <li>Remove usage of the efivars module, and stop looking for + /proc/efi. efivarfs is the current interface, and /proc/efi + went away a long time ago.</li> + </ul> + </li> + <li>partman-partitioning: + <ul> + <li>Include ntfs-3g-udeb on arm64.</li> + </ul> + </li> + <li>partman-target: + <ul> + <li>Add a hint to the new fstab about using <code>systemctl daemon-reload</code> + after changing /etc/fstab (<a href="https://bugs.debian.org/963573">#963573</a>).</li> + </ul> + </li> + <li>systemd: + <ul> + <li>Install 60-block.rules in udev-udeb (<a href="https://bugs.debian.org/958397">#958397</a>). The block + device rules were split out from 60-persistent-storage.rules + in v220. This fixes a longstanding bug where UUIDs would not + be used for filesystems on initial installation.</li> + </ul> + </li> + <li>util-linux: + <ul> + <li>Take over eject-udeb (<a href="https://bugs.debian.org/737658">#737658</a>).</li> + </ul> + </li> + <li>win32-loader: + <ul> + <li>Introduce UEFI boot manager and Secure Boot support + (<a href="https://bugs.debian.org/918863">#918863</a>).</li> + </ul> + </li> +</ul> + + +<h2>Hardware support changes</h2> + +<ul> + <li>debian-cd: + <ul> + <li>Enable graphical installer for arm64.</li> + <li>Exclude lilo-installer and elilo-installer udebs for all + archs.</li> + <li>Stop making XFCE single CD images.</li> + <li>Stop making DVD ISO images 2 and 3 for amd64/i386 (they are + still available via jigdo).</li> + </ul> + </li> + <li>debian-installer: + <ul> + <li>Update Firefly-RK3288 image for new u-boot version.</li> + <li>[arm64] Add support for firefly-rk3399, pinebook-pro-rk3399, + rockpro64-rk3399, rock64-rk3328 and rock-pi-4-rk3399 to u-boot + images and netboot SD card images.</li> + <li>[arm64] Make all netboot sdcard images start at offset + 32768, for compatibility with rockchip platforms.</li> + <li>Add OLPC XO-1.75 laptop support (<a href="https://bugs.debian.org/949306">#949306</a>).</li> + <li>Enable GTK build for arm64.</li> + <li>Add support for NanoPi NEO Air (<a href="https://bugs.debian.org/928863">#928863</a>).</li> + <li>Add wireless-regdb-udeb to Linux builds that include + nic-wireless-modules.</li> + <li>efi-image: Improve sizing calculation to reduce wasted + space.</li> + <li>efi-image: Include DTB files in the ESP for armhf and arm64 + systems. This should make U-Boot based systems work better + when booting via UEFI.</li> + </ul> + </li> + <li>flash-kernel: + <ul> + <li>Add FriendlyARM NanoPi NEO Plus2 (<a href="https://bugs.debian.org/955374">#955374</a>).</li> + <li>Add Pinebook (<a href="https://bugs.debian.org/930098">#930098</a>).</li> + <li>Add Pinebook Pro.</li> + <li>Add Olimex A64-Olinuxino and A64-Olinuxino-eMMC + (<a href="https://bugs.debian.org/931195">#931195</a>).</li> + <li>Add SolidRun LX2160A Honeycomb and Clearfog CX + (<a href="https://bugs.debian.org/958023">#958023</a>).</li> + <li>Add SolidRun Cubox-i Solo/DualLite variants (<a href="https://bugs.debian.org/939261">#939261</a>).</li> + <li>Add Turris MOX (<a href="https://bugs.debian.org/961303">#961303</a>).</li> + </ul> + </li> + <li>linux: + <ul> + <li>Move any compression modules to kernel-image udeb; drop + compress-modules udeb.</li> + <li>Make input-modules udeb depend on crc-modules.</li> + <li>[arm64] Add i2c_mv64xxx to i2c-modules udeb.</li> + <li>[arm64] Add drivers/pinctrl to kernel-image udeb.</li> + <li>[arm64] Add analogix-anx6345, pwm-sun4i, sun4i-drm and + sun8i-mixer to fb-modules udeb.</li> + <li>[arm64] Add pwm-sun4i to fb-modules udeb.</li> + <li>[arm64] Add armada_37xx_wdt to kernel-image udeb + (<a href="https://bugs.debian.org/961086">#961086</a>).</li> + <li>[mips*] Drop hfs-modules udeb.</li> + <li>[x86] Add crc32_pclmul to crc-modules udeb.</li> + <li>Add crc32_generic to crc-modules udeb.</li> + <li>Reverse order of cdrom-core and isofs/udf udebs: the latter + ones now require the former.</li> + <li>Drop zlib-modules udeb (zlib_deflate is now always built-in).</li> + <li>Add f2fs-modules udeb.</li> + </ul> + </li> +</ul> + + +<h2>Localization status</h2> + +<ul> + <li>78 languages are supported in this release.</li> + <li>New languages: Kabyle, Occitan.</li> + <li>Full translation for 16 of them.</li> +</ul> + + +<h2>Known issues in this release</h2> + +<p> +See the <a href="$(DEVEL)/debian-installer/errata">errata</a> for +details and a full list of known issues. +</p> + + +<h2>Feedback for this release</h2> + +<p> +We need your help to find bugs and further improve the installer, so please +try it. Installer CDs, other media and everything else you will need are +available at our <a href="$(DEVEL)/debian-installer">web site</a>. +</p> + + +<h2>Thanks</h2> + +<p> +The Debian Installer team thanks everybody who has contributed to this +release. +</p> diff --git a/english/devel/debian-installer/images.data b/english/devel/debian-installer/images.data index 10575cec7da..4adb28dafb7 100644 --- a/english/devel/debian-installer/images.data +++ b/english/devel/debian-installer/images.data @@ -8,9 +8,9 @@ # Release name <define-tag release-name>bullseye</define-tag> # Version -<define-tag version>alpha2</define-tag> -<define-tag shortversion>alpha2</define-tag> -<define-tag humanversion>Bullseye Alpha 2</define-tag> +<define-tag version>alpha3</define-tag> +<define-tag shortversion>alpha3</define-tag> +<define-tag humanversion>Bullseye Alpha 3</define-tag> # If arches are added here, then also comment them out for the # devel-other-images tag below diff --git a/english/devel/debian-lex/Makefile b/english/devel/debian-lex/Makefile deleted file mode 100644 index 98d987966b4..00000000000 --- a/english/devel/debian-lex/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -# If this makefile is not generic enough to support a translation, -# please contact debian-www. - -WMLBASE=../.. -CUR_DIR=devel/debian-lex - -include $(WMLBASE)/Make.lang - -index.$(LANGUAGE).html: index.wml $(TEMPLDIR)/template.wml \ - $(TEMPLDIR)/recent_list.wml - diff --git a/english/devel/debian-lex/debian-lex.png b/english/devel/debian-lex/debian-lex.png Binary files differdeleted file mode 100644 index 9807653fc9f..00000000000 --- a/english/devel/debian-lex/debian-lex.png +++ /dev/null diff --git a/english/devel/debian-lex/debian-lex.xcf b/english/devel/debian-lex/debian-lex.xcf Binary files differdeleted file mode 100644 index 60e2721263b..00000000000 --- a/english/devel/debian-lex/debian-lex.xcf +++ /dev/null diff --git a/english/devel/debian-lex/index.wml b/english/devel/debian-lex/index.wml deleted file mode 100644 index eea7cfd387d..00000000000 --- a/english/devel/debian-lex/index.wml +++ /dev/null @@ -1,113 +0,0 @@ -#use wml::debian::template title="Debian-Lex" -#use wml::debian::recent_list - -<h2>Project description</h2> - -<p>Debian-Lex is an internal project to develop Debian into an operating - system that is particularly well fit for the requirements for legal - offices. - The goal of Debian-Lex is a complete system for all - tasks in legal practice which is built completely on free software. -</p> - -<p>The general idea for this kind of project was adopted from the - <a href="$(HOME)/devel/debian-jr/">Debian Junior</a> and - <a href="$(HOME)/devel/debian-med/">Debian-Med</a> projects, - with the majority of the content of this Web site shamelessly pilfered - from the latter. -</p> - -<p>Debian-Lex will contain a set of meta packages that declare dependencies on - other Debian packages, and that way the complete system is prepared for - solving particular tasks. We hope that there will soon be a framework for - <a href="https://lists.debian.org/debian-vote/2003/debian-vote-200303/msg00014.html"> - flavours of Debian</a> on which Debian-Lex will be based. -</p> - -<p>We also envisage that Debian-Lex will add value to existing packages by - providing customised templates for lawyers. For example, templates would - be provided for OpenOffice.org, SQL-Ledger and a sample database schema - for PostgreSQL. -</p> - -<h2><a id="news" name="news">News</a></h2> - -<p><tt>[23 August 2005]</tt> <strong>Debian Lex is looking for a new co-ordinator.</strong><br> -<tt>[11 August 2003]</tt> <strong><a href="https://alioth.debian.org/projects/debian-lex">Our CVS server is up with initial versions of Debian-Lex packages</a></strong><br> -<tt>[2 May 2003]</tt> <strong><a href="http://www.theage.com.au/articles/2003/05/02/1051382077620.html">Press: <em>Aussie leads development of open source O-S for lawyers</em></a></strong><br> -<tt>[23 Apr 2003]</tt> <strong><a href="$(HOME)/News/weekly/2003/16/">Debian-Lex makes DWN!</a></strong><br> -<tt>[19 Apr 2003]</tt> <strong><a href="https://lists.debian.org/debian-project/2003/debian-project-200304/msg00067.html">Initial proposal to developers</a></strong> -</p> - -<!--<p>For older news items see the <a href="$(HOME)/devel/debian-lex/News/">Debian-Lex News Page</a>.</p>--> - -<h2><a id="email-list" name="email-list">Email List</a></h2> - -<p>The Debian-Lex mailing list is now available. You can subscribe to and -unsubscribe from it using -<a href="https://lists.debian.org/debian-lex/">the list web page</a>, -and also read the -<a href="https://lists.debian.org/debian-lex/">list archives</a>.</p> - -<h2><a id="projects" name="projects">Software projects to include</a></h2> - -<p>The first attempt to put the projects into categories might be not - the best. Send any suggestions for improvements to the mailing list. -</p> - -<ul> - <li><a href="software#administration">Legal office administration</a></li> - <li><a href="software#court">Court administration</a></li> - <li><a href="software#desktop">Legal desktop</a></li> - <li><a href="software#research">Legal research</a></li> - <li><a href="software#server">Legal office server</a></li> - <li><a href="software#other">Other</a></li> -</ul> - -<h2><a id="goals" name="goals">Project goals</a></h2> - -<ul> - <li>Build a solid software base for legal practice with emphasis on easy - installation, easy maintenance and security.</li> - <li>Bring authors of different projects with similar goals together.</li> - <li>Test suite for easy evaluation of the quality of legal software.</li> - <li>Provide information and documentation of legal software.</li> - <li>Help upstream authors to get their products packaged for - Debian.</li> - <li>Show commercial software companies the strengths of a solid base - system and make them consider to port their software to Linux or - even to switch to Open Source.</li> -</ul> - -<h2><a id="talks" name="talks">Talks about Debian-Lex</a></h2> - -We will add any talks about Debian-Lex here as source and preformatted -slides. It might be a good idea to check these pages to get some interesting -information about the project. - -<h2><a id="help" name="help">What can I do to help?</a></h2> - -<ul> - <li>Work on enhancing and translating these web pages.</li> - <li>Create a logo (here is an <a href="debian-lex.png">example</a>, - also in <a href="debian-lex.xcf">GIMP format</a>, and here is - the <a href="legaltux.png">legal TuX</a> on which it is based).</li> - <li>Packaging the above-mentioned software projects for Debian.</li> - <li>Building meta packages for different tasks.</li> - <li>Documentation and translation.</li> - <li>Internationalization (which is more than just translating - because of the different legal systems).</li> - <li>Building a live CD (perhaps based on <a - href="http://www.knoppix.de">Knoppix</a>).</li> -</ul> - -<h2><a id="marketing" name="marketing">Marketing & PR</a></h2> - -<p>Once we have something to show for this project, and indeed even in - the formative stages of this project, we are being watched by the - eyes of the world. We will necessarily want to work with - press@debian.org to get the word out and to help give Debian and - this project the kind of exposure we want. For this purpose we will - build a collection of slides of talks about Debian-Lex. -</p> - diff --git a/english/devel/debian-lex/legaltux.png b/english/devel/debian-lex/legaltux.png Binary files differdeleted file mode 100644 index 2931078c4a1..00000000000 --- a/english/devel/debian-lex/legaltux.png +++ /dev/null diff --git a/english/devel/debian-lex/software.wml b/english/devel/debian-lex/software.wml deleted file mode 100644 index 961d85afa47..00000000000 --- a/english/devel/debian-lex/software.wml +++ /dev/null @@ -1,209 +0,0 @@ -#use wml::debian::template title="Debian-Lex - Legal Software" - -<h2><a id="administration" name="administration">Legal office administration</a></h2> -<h3><a href="http://lcm.ngo-bg.org/">Legal Case Management System</a></h3> -<p> - The legal case management system is aimed for use by not-for-profit legal - advice centres in order to make better follow-ups of their cases, including - client consultations and court events, reporting, etc. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://sourceforge.net/projects/elawmanager/">eLawOffice</a></h3> -<p> - eLawOffice is a full crossplatform and language-extensible java suite, for - workflow and data management of Law Firms (plus data sharing with customers). - It works in a intranet/extranet environment, with a client-server and - servlet+jsp application. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://sourceforge.net/projects/virtualaw/">VirtuaLaw</a></h3> -<p> - VirtuaLaw is a flexible open-source legal case management system for KDE, - currently under development. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://sourceforge.net/projects/etude/">Etude</a></h3> -<p> - Etude exists to help lawyers (or other self employed persons) to manage their - clients, timesheet, cash flow, etc. It provides a time-sheet system, and offers - the ability to make facturation and register payments. The program is in - French and uses PHP. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://www.sql-ledger.org">SQL Ledger</a></h3> -<p> - SQL Ledger is a professional quality Web-based double-entry bookkeeping - system. Features include automatic invoicing (including PDF format bills to - send by email), and completely customisable templates and reports. -</p> -<p> - Licence: GPL -</p> -<h2><a id="desktop" name="desktop">Legal desktop</a></h2> -<h3><a href="http://jinterview.sourceforge.net/default.htm">JInterView</a></h3> -<p> - JInterView is a client (swing) as well as a servlet (web based) application - for document assembly. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://conflictfinder.sourceforge.net/">Conflict Finder</a></h3> -<p> - ConflictFinder is an open source tool, under development, for helping legal - professionals to avoid conflicts of interest. -</p> -<p> - Licence: Artistic -</p> -<h3><a href="http://sourceforge.net/projects/chancery/">Chancery</a></h3> -<p> - Chancery will become a software suite for tax counselors and attorneys. - The software will be mainly adapted for European tax laws. -</p> -<p> - Licence: GPL -</p> -<h3><a href="https://packages.debian.org/unstable/editors/openoffice.org">OpenOffice.org</a></h3> -<p> - OpenOffice.org 1.0 is a full-featured office productivity suite that provides - a near drop-in replacement for Microsoft(R) Office. Users report that little - or no training is required for people migrating from other office suites - - everything works the way people expect. -</p> -<p> - Licence: GPL/LGPL or Sun Industry Standards Source License -</p> -<h3><a href="https://packages.debian.org/stable/mail/evolution">Evolution</a></h3> -<p> - Evolution is the integrated mail, calendar and address book distributed suite from Ximian, Inc. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://gttr.sourceforge.net">GnoTime</a></h3> -<p> - GnoTime is the GNOME Time Tracker, a program which allows you to track the - time you spend on any number of tasks and projects. GnoTime also allows you - to generate customised reports and annotated logs of these times. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://www.dcjent.com/casereporter/">Case Reporter</a></h3> -<p> - Case Reporter is a PHP-based information management system for law firms. - The primary focus of this project is to provide a comprehensive yet - functional information management information system with an emphasis - on the client-case model. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://www.enterpriseheart.com/site/modules/mydownloads/viewcat.php?cid=2">Enterprise Timesheet</a></h3> -<p> - Enterprise Timesheet is a PHP-based timesheet recording system for small - to medium size enterprises. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://mozart.sourceforge.net">Mozart</a></h3> -<p> - Mozart is a contact, calendar and case/project management system. Each user - can have his/her own address book, calendar and any number of cases/projects. - You can also track multiple cases/projects for each contact. Additionally, - by viewing a case/project, you can see every contact associated with that - case. -</p> -<p> - Licence: GPL -</p> -<h2><a id="court" name="court">Court administration</a></h2> -<h3><a href="http://openefm.sourceforge.net/">OpenEFM</a></h3> -<p> - OpenEFM is an open source Filing Manager designed to process LegalXML filings. -</p> -<p> - Licence: MPL 1.1 -</p> -<h2><a id="research" name="research">Legal research</a></h2> -<h3><a href="http://sourceforge.net/projects/lawoffice/">Law Office</a></h3> -<p> - Law Office is a "Concordance" killer. Concordance is client software designed - for legal staff. With it, you can upload transcripts from court hearings and - depositions, perform full-text searches, enter notes on transcripts for a - certain line of text, etc. PHP-based. -</p> -<p> - Licence: LGPL -</p> -<h3><a href="http://www.brownsite.net/docsearch.htm">DocSearcher</a></h3> -<p> - DocSearcher is a search tool for indexing and searching files on a personal - computer. It uses API's to provide search functionality - for common document formats (currently Word, Excel, PDF, Open / Star Office, - rtf, text, and HTML). -</p> -<p> - Licence: Apache -</p> -<h3><a href="http://www.ilaw.com.au/lawyers/">DocManage</a></h3> -<p> - DocManage is a unique CGI-based system which enables you to extract - information from legal pleadings. You can present the pleadings and generate - reports and searches from them in a myriad of useful ways. -</p> -<p> - Licence: GPL -</p> -<h3><a href="http://sourceforge.net/projects/legalindex/">The Legal Index Project</a></h3> -<p> - Most federal and many state courts post their court opinions on their - respective web sites. The purpose of this project is to build a system which - will automatically download and catalog this information into one central - system. -</p> -<p> - Licence: LGPL -</p> -<h3><a href="http://sourceforge.net/projects/cyberdiritto/">Cyberdiritto</a></h3> -<p> - Cyberdiritto is the first Web Legal Portal based on the famous Open Source - Php-Nuke web portal system. On Cyberdiritto we can find: articles, surveys, - news on the legal world. -</p> -<p> - Licence: Unknown -</p> -<h2><a id="server" name="server">Legal office server</a></h2> -<h3><a href="https://packages.debian.org/stable/misc/postgresql">PostgreSQL</a></h3> -<p> - PostgreSQL is an object-relational database, which supports a large part - of SQL-92. It is under continuous development and each release implements - more of the SQL standard, to the extent that it is now probably more compliant - than many commercial databases. It also supports some object-oriented - features. -</p> -<p> - Licence: BSD -</p> -<h2><a id="other" name="other">Other</a></h2> -<h3><a href="https://www.openevidence.org/">OpenEvidence</a></h3> -<p> - OpenEvidence produces technology for evidence creation and evidence validation - in a context of electronic or dematerialised documents and activities, based - on current and emerging technologies for digital signatures, key management, - time stamping, archiving and notary systems and standardised document formats. -</p> -<p> - Licence: BSD-like -</p> diff --git a/english/devel/people.names.sample b/english/devel/people.names.sample deleted file mode 100644 index da7987793c7..00000000000 --- a/english/devel/people.names.sample +++ /dev/null @@ -1,16 +0,0 @@ -<dl> -<dt><strong><a name="MAINT_3-D_printer_team">3-D printer team</a></strong> <a href="mailto:3dprinter-general@lists.alioth.debian.org"><3dprinter-general@lists.alioth.debian.org></a> - (<a href="https://qa.debian.org/developer.php?login=3dprinter-general@lists.alioth.debian.org">QA page</a>) -<dd><strong>main:</strong> arduino-mighty-1284p, cura-engine, libpolyclipping-dev, libpolyclipping16, libpolyclipping22, python-power, python3-power, sfact, skeinforge -<dt><strong><a name="MAINT_Aide_Maintainers">Aide Maintainers</a></strong> <a href="mailto:pkg-aide-maintainers@lists.alioth.debian.org"><pkg-aide-maintainers@lists.alioth.debian.org></a> - (<a href="https://qa.debian.org/developer.php?login=pkg-aide-maintainers@lists.alioth.debian.org">QA page</a>) -<dd><strong>main:</strong> aide, aide-common, aide-dynamic, aide-xen -<dt><strong><a name="MAINT_Android_tools_Maintainer">Android tools Maintainer</a></strong> <a href="mailto:android-tools-devel@lists.alioth.debian.org"><android-tools-devel@lists.alioth.debian.org></a> - (<a href="https://qa.debian.org/developer.php?login=android-tools-devel@lists.alioth.debian.org">QA page</a>) -<dd><strong>main:</strong> aapt, android-libandroidfw, android-libandroidfw-dev, android-libcutils, android-libcutils-dev, android-libhost, android-libhost-dev, android-liblog, android-liblog-dev, android-libutils, android-libutils-dev, android-libzipfile, android-libzipfile-dev, android-system-dev, android-tools-adb, android-tools-fastboot, android-tools-fsutils, dummydroid, enjarify, zipalign -<dd><strong>contrib:</strong> google-android-build-tools-17-installer, google-android-build-tools-18-installer, google-android-build-tools-19-installer, google-android-build-tools-20-installer, google-android-build-tools-21-installer, google-android-build-tools-22-installer, google-android-build-tools-23-installer, google-android-build-tools-24-installer, google-android-build-tools-installer, google-android-m2repository-installer, google-android-ndk-installer, google-android-platform-10-installer, google-android-platform-11-installer, google-android-platform-12-installer, google-android-platform-13-installer, google-android-platform-14-installer, google-android-platform-15-installer, google-android-platform-16-installer, google-android-platform-17-installer, google-android-platform-18-installer, google-android-platform-19-installer, google-android-platform-2-installer, google-android-platform-20-installer, google-android-platform-21-installer, google-android-platform-22-installer, google-android-platform-23-installer, google-android-platform-24-installer, google-android-platform-3-installer, google-android-platform-4-installer, google-android-platform-5-installer, google-android-platform-6-installer, google-android-platform-7-installer, google-android-platform-8-installer, google-android-platform-9-installer, google-android-sdk-docs-installer, repo -<dt><strong><a name="MAINT_wouter"></a><a name="MAINT_Verhelst">Verhelst</a>, Wouter</strong> <a href="mailto:wouter@debian.org"><wouter@debian.org></a> - (<a href="https://qa.debian.org/developer.php?login=wouter@debian.org">QA page</a>) - (<a href="http://www.grep.be/">home page</a>) -<dd><strong>main:</strong> aspic, fdpowermon, fdpowermon-icons, libnet-ssh-authorizedkeysfile-perl*, libola-dev, libola1, logtool, nbd-client, nbd-client-udeb, nbd-server, ola, ola-python, ola-rdm-tests, partman-nbd*, pmw, pmw-doc, sreview-common, sreview-detect, sreview-encoder, sreview-master, sreview-web -</dl> diff --git a/english/devel/people.wml b/english/devel/people.wml index 97d669e2f65..7cd6bf43fef 100644 --- a/english/devel/people.wml +++ b/english/devel/people.wml @@ -1,24 +1,16 @@ #use wml::debian::template title="Project Participants" GEN_TIME="yes" ## This page is redirected to by qa.d.o/developer.php?all=1 +## translators: this paragraph is taken from /intro/about + +<p>The complete list of official Debian members can be found on +<a href="https://nm.debian.org/members">nm.debian.org</a>, where membership is +managed. A broader list of Debian contributors can be found on +<a href="https://contributors.debian.org">contributors.debian.org</a>.</p> + <P>GPG/PGP keys of package maintainers can be downloaded from <A HREF="http://ftp.debian.org/debian/pool/main/d/debian-keyring/">here</A>. <p>If you would like to see a map of the world showing the location of many maintainers, take a look at the <a href="developers.loc">World Map of Debian Developers</a>. - -<p>There are a number of groups that maintain particularly important -or difficult packages. Of special note is Debian Quality Assurance -(QA) group, which maintains orphaned packages. - -<p>If a person is a co-maintainer (or uploader) for the package and not its -primary maintainer, this will be indicated by an asterisk (*) behind the -package name. This is often the case for group-maintained packages. - -# people.names is not in CVS because it is generated dynamically. -# Simply 'touch ../../english/devel/people.names' if you want to run wml -# on this file at home. -<protect pass=2-9> -#include '../../english/devel/people.names' IPP_NOSYNCLINES -</protect> diff --git a/english/devel/website/validation.data b/english/devel/website/validation.data index 69ad4780471..229e8ba69e3 100644 --- a/english/devel/website/validation.data +++ b/english/devel/website/validation.data @@ -6,6 +6,7 @@ ar Mohammed Adnène Trojette <adn+deb@diwi.org>, Med. Amine <medeb@protonmail.co bg Rumen Krasstev <rkrastev@obs.bg>, Damyan Ivanov <dmn@debian.org> ca Jordi Mallach <jordi@debian.org> cz Miroslav Kure <kurem@upcase.inf.upol.cz>, Juraj Kubelka <Juraj.Kubelka@email.cz> +cs Debian L10n Czech <debian-l10n-czech@lists.debian.org> da Kåre Thor Olsen <kaare@nightcall.dk> de Holger Wansing <hwansing@mailbox.org> el George Papamichelakis <debian-l10n-greek@lists.debian.org> diff --git a/english/distrib/archive.wml b/english/distrib/archive.wml index a01a60cc81f..d71b780feda 100644 --- a/english/distrib/archive.wml +++ b/english/distrib/archive.wml @@ -15,6 +15,8 @@ Archives</a>, <tt>http://archive.debian.org/debian/</tt>.</p> <p>Releases are stored by their codenames under the dists/ directory.</p> <ul> + <li><a href="../releases/jessie/">jessie</a> is Debian 8.0</li> + <li><a href="../releases/wheezy/">wheezy</a> is Debian 7.0</li> <li><a href="../releases/squeeze/">squeeze</a> is Debian 6.0</li> <li><a href="../releases/lenny/">lenny</a> is Debian 5.0</li> <li><a href="../releases/etch/">etch</a> is Debian 4.0</li> diff --git a/english/distrib/pre-installed.data b/english/distrib/pre-installed.data index ddb78454802..7c29b998719 100644 --- a/english/distrib/pre-installed.data +++ b/english/distrib/pre-installed.data @@ -659,6 +659,19 @@ TKD Road, Marappalam<br /> Pattom P. O., Trivandrum<br /> Kerala - 695004, <country-name IN>" /> +<vendor name="NaveenGanesan.com" + country="in" + URL="https://naveenganesan.com/computing/" + email="cs@naveenganesan.com" + phone="+919003730008" + ship="yes" + smail="Naveenkumar Ganesan<br /> + 13, 50 Feet Rd,<br /> + Krishnaswamy Nagar,<br /> + Sowripalayam Pirivu,<br /> + Ramanathapuram,<br /> + Tamil Nadu - 641045, <country-name IN>" /> + </country> diff --git a/english/events/material.wml b/english/events/material.wml index 3ab4e4c3612..5452f336e5a 100644 --- a/english/events/material.wml +++ b/english/events/material.wml @@ -186,8 +186,8 @@ to edit the <tt>card.tex</tt> file with the personal data and simply run <p>If you have to hurriedly hold a talk about “What is the Debian Project?” do not worry. You can <a href="materials/slides/debian_mgp_slides.tar.gz">\ retrieve</a> the slides or <a href="materials/slides/">browse the source</a> -for ideas. You can also take look at the <a href="talks">list of -talks</a> given by various people which cover Debian or some aspects +for ideas. You can also take look at the <a href="https://wiki.debian.org/Presentations"> +list of talks</a> given by various people which cover Debian or some aspects of the project. Joey also set up a general <a href="https://www.infodrom.org/Debian/events/talk-general.html">framework</a> for a Debian related talk that you may want to base your talk upon.</p> @@ -235,6 +235,10 @@ license of the software.</p> <p>A good source of ideas and images for use in Debian merchandising is <a href="http://gnuart.onshore.com/">http://gnuart.onshore.com/</a>.</p> +<p>Others printables advertising like the <q>Reference Card</q> or the +<q>Debian cheat cube</q> are available on +<a href="https://wiki.debian.org/Promote/PrintAdvertising">Print Advertising wiki page</a>.</p> + <p><Strong>Note:</Strong> Some of the sources (like flyers, pamphlets or slides) may have become out of date since they were prepared. If you use them for a new event be sure to check that the information is up-to-date and update them diff --git a/english/intro/community-team-pubkey.txt b/english/intro/community-team-pubkey.txt index 0c468e18668..15e2ce67ab5 100644 --- a/english/intro/community-team-pubkey.txt +++ b/english/intro/community-team-pubkey.txt @@ -80,29 +80,41 @@ X1HLSIOeXJtKsuBSpJSugXKKLa0i1Re65YQ/ZNjIxvc0yh1l4SnXufN0u+lIa/qD L+Z21l1rUy+j9wY3WxcvZv4Uqcy6tH88QFXiOuPQ8a5dWwiHm4w0l6TSKX9gKD2G 9N12Ufh3Wn7bg5bGyQhxzQH+o2lb0EQg6yy/hWDH76nGBDbc13ClkZqbcNTJJPqU bmB5rWD5LtMQWL0BWDWksnq7lE0GVW1oCWORVj63NJOPlQKXc6cCQDRruukxD0kR -Vc5fdvrYBMC1p+50uSoNtyA55zAno1561+Ryq0ISAOJ2OOC5Ag0EXy/cXQEQAKyJ -lFFxx+NGxZU+qaUYYaEvO/dyMLCMX73fY9IdD/zLaepwGNbsvZLlA7Tq/aXuq2lg -kY7JdF5ZBiTckygXQHW7ZrdXvXU8rsoAnLnFzoCXHmowJQuHF85RPiM8SzFlZHCF -U7Fx6tUV699oBMzMqJVMq0REXiGEPhZWP8lts+AYh/Sjxue7JhbO8gHGoYQuIphf -4GokcKzUDeYdbCOi88IGJxQgufeEHDtMak0LPXuWow+I+rEDOJ1BR5/9S2rHq5Dc -pQuKs3OZ4T0JYQhrfNHWyLh6vxl8fkb2puQFN2cLqGD9lth9YsYEP7+6NGRYkXDd -NxkOOVT4h3GknyhF+1Th2whAiQnQfnQzv9hIro3raNMo/2vo4/4BKuZS1j54MDWT -UIC4wmoTSKO08LDyujBaKCeacpSYcFv+8rqzV31pFWlOHmAb54UtECpA0C6Iraz+ -Pl8CrkeGCLlShWzihWhksjnvmlI1leimJkkTZi6irAmcETEGzQ++vhw1O+chxTg0 -iIZL46XC/JamXn7Td9FYWKwl5+AHPEmsUt8fAVPr1pA4khc2ZRnzSbNOscvKlvOO -lPq10ggbYM9ktBsYl8pDjed1pAYWjpNe5wDZ91/vAtYjerHkOLwNKvfJ1KFws5p2 -Hu4ouwfDjmr4PINiT3+/ehtI794uJywKywocZ5U9ABEBAAGJAjwEGAEIACYWIQSB -fa5h4v5Moo4bd2KonE0FJ8TIaQUCXy/cXQIbDAUJCWYBgAAKCRConE0FJ8TIaZn+ -EAC2Fh7RygbR8Av50GxiQv83zhAWc7LTtzHdojRQlUYtUU83Q2sDYODtpabLg8qH -Y25tb8ABuP+ZpulNixwIYsj6wKRQz/LlZskV41QnuO2Q1ZwS58d5+T1Z3Qcfx51W -a7i8FAj7xXFnxgptGmIcgaI3wZKRsoLVl1wLYM9Z9wacM38A8PvVhxicCTf2L+aH -DPBhTtLLC+iSwBMn+ax7XWvy9LW960HTGuDNGyoy3Q8iHbE1TWjSEVLTGwZleUS0 -yyINAG1TZfn1fw4RCf9dvfLLcDj/yJN+tc7tH2032tNa4OXrG6cYYrXaHeivC8tx -R/zTbLWtONjpBez3X/6oeAtgKY7fyXNFpI2nKr4tbhIGJCTBfpSGJ/8ORYUAQrLF -CvoVb2ples0Hw8h0CcNeoNvZTlTXMIPwsY/r5vvcoDKic6j4gIG9RJ8tRIYpJMk2 -+86K/JLmRcvf/fYjOv0nWJNNEjy+rfaUc/BzDHSfQMlZqyt9foF5UxqpA/A/sTht -edUUI/W28N9jENsR9+BzfbTZYZlmmAQy6tq8j9+RZutGoqf3Yozk+Fwl/WLDfiYd -pUE2bf42htBWISIWa3ePqWFQXCpbmbFEpEbPGIVEUdnvu/gCUAObkiiIDtfUWwxb -ufFumnMYVMY0M4U4Cnkgr3jsVdMUexBRT7B+2iYqn827gg== -=CgGM +Vc5fdvrYBMC1p+50uSoNtyA55zAno1561+Ryq0ISAOJ2OOCJAjMEEAEIAB0WIQRV +ll45k+BuK1ulzYRKqPwkIu8fDwUCX7wbywAKCRBKqPwkIu8fD3UOD/9uwsosTYyD +8tRn+rdYQ6ftr0xXYLZHIAmSMTlUyng+ZX9rrDDqktB0lgUOOZAyTeMjPRyAlHVG +u3vjte9gAaClsktvyyY6z+fZDXzlx/+hdx/BYyPYTX1M6HHxXRZ0DwfM/GhXKSSC +WU1mmy0DPPvApnaXvwX03OydHkHevbT8mOy6VyxesPLyrYVbZ4D8ASbev/SfIDTo +sbZ+zlD3PAvVYu0jEUrNcbyYGerFOaihgSycVw66RDzrY5CjFmwiFM5K+O7l4pEr +raZneA4WKo5A4UaMganXiCAy99wFgtZctmHK7cp88xFWAm91fU9B7gTOuKmvbfWX +4MXcs0KMkscEP82FwZ/L8K9bVs2Iw9CZgytd6aHEVmNcidg5qkijn0Pw/MQJvtEY +jL1pYxRDZ5jAvc+I2izWMizSPbPZPXnFK4IxLRLvwLSc0sMs9iCJbFLJU9/ts+Os +lhxNuBXzOBanR4QS5NwV3fnwNetPgXx1IQ99RFByqaknCnxi8bvRBgsnuPdC4Axf +9o241SlEyyxtSWK8kUBh3s2WC4yJ050/5n+cnwvAHJW2651CyhsQwC/UfOf1M7XR +KxVUNcDfxYItyNSTlUo3bk37OQ3YzvMkVJtpW1Es0SyvvIcJ4WeaJnVzy0LVeV5o +f6p3SRQgjBUXloDmIsst51anzURExQJ5BbkCDQRfL9xdARAArImUUXHH40bFlT6p +pRhhoS8793IwsIxfvd9j0h0P/Mtp6nAY1uy9kuUDtOr9pe6raWCRjsl0XlkGJNyT +KBdAdbtmt1e9dTyuygCcucXOgJceajAlC4cXzlE+IzxLMWVkcIVTsXHq1RXr32gE +zMyolUyrREReIYQ+FlY/yW2z4BiH9KPG57smFs7yAcahhC4imF/gaiRwrNQN5h1s +I6LzwgYnFCC594QcO0xqTQs9e5ajD4j6sQM4nUFHn/1LaserkNylC4qzc5nhPQlh +CGt80dbIuHq/GXx+Rvam5AU3ZwuoYP2W2H1ixgQ/v7o0ZFiRcN03GQ45VPiHcaSf +KEX7VOHbCECJCdB+dDO/2Eiujeto0yj/a+jj/gEq5lLWPngwNZNQgLjCahNIo7Tw +sPK6MFooJ5pylJhwW/7yurNXfWkVaU4eYBvnhS0QKkDQLoitrP4+XwKuR4YIuVKF +bOKFaGSyOe+aUjWV6KYmSRNmLqKsCZwRMQbND76+HDU75yHFODSIhkvjpcL8lqZe +ftN30VhYrCXn4Ac8SaxS3x8BU+vWkDiSFzZlGfNJs06xy8qW846U+rXSCBtgz2S0 +GxiXykON53WkBhaOk17nANn3X+8C1iN6seQ4vA0q98nUoXCzmnYe7ii7B8OOavg8 +g2JPf796G0jv3i4nLArLChxnlT0AEQEAAYkCPAQYAQgAJhYhBIF9rmHi/kyijht3 +YqicTQUnxMhpBQJfL9xdAhsMBQkJZgGAAAoJEKicTQUnxMhpmf4QALYWHtHKBtHw +C/nQbGJC/zfOEBZzstO3Md2iNFCVRi1RTzdDawNg4O2lpsuDyodjbm1vwAG4/5mm +6U2LHAhiyPrApFDP8uVmyRXjVCe47ZDVnBLnx3n5PVndBx/HnVZruLwUCPvFcWfG +Cm0aYhyBojfBkpGygtWXXAtgz1n3BpwzfwDw+9WHGJwJN/Yv5ocM8GFO0ssL6JLA +Eyf5rHtda/L0tb3rQdMa4M0bKjLdDyIdsTVNaNIRUtMbBmV5RLTLIg0AbVNl+fV/ +DhEJ/1298stwOP/Ik361zu0fbTfa01rg5esbpxhitdod6K8Ly3FH/NNsta042OkF +7Pdf/qh4C2Apjt/Jc0Wkjacqvi1uEgYkJMF+lIYn/w5FhQBCssUK+hVvamV6zQfD +yHQJw16g29lOVNcwg/Cxj+vm+9ygMqJzqPiAgb1Eny1EhikkyTb7zor8kuZFy9/9 +9iM6/SdYk00SPL6t9pRz8HMMdJ9AyVmrK31+gXlTGqkD8D+xOG151RQj9bbw32MQ +2xH34HN9tNlhmWaYBDLq2ryP35Fm60aip/dijOT4XCX9YsN+Jh2lQTZt/jaG0FYh +IhZrd4+pYVBcKluZsUSkRs8YhURR2e+7+AJQA5uSKIgO19RbDFu58W6acxhUxjQz +hTgKeSCveOxV0xR7EFFPsH7aJiqfzbuC +=I/yA -----END PGP PUBLIC KEY BLOCK----- diff --git a/english/intro/organization.data b/english/intro/organization.data index d5a0171c63f..b84c05204bc 100644 --- a/english/intro/organization.data +++ b/english/intro/organization.data @@ -212,6 +212,7 @@ transitional (elected or appointed with a certain expiration date).</gettext> <job <a name="data-protection"><gettext domain="organization">Data Protection team</gettext></a>> <genericemail data-protection@debian.org> <delegationmail 1528227688.412908.1397547576.57703279@webmail.messagingengine.com> <member>Jonathan McDowell<delegate_male> <member>Tollef Fog Heen<delegate_male> + <member>Matthew Vernon<delegate_male> <job <a name="publicity" href="https://wiki.debian.org/Teams/Publicity"><gettext domain="organization">Publicity team</gettext></a>> <genericemail debian-publicity@lists.debian.org> <delegationmail 1527454813.1668886.1387370912.1CCDF411@webmail.messagingengine.com> <member>Laura Arjona Reina<delegate_female> diff --git a/english/lts/security/2020/dla-2379-3.data b/english/lts/security/2020/dla-2379-3.data new file mode 100644 index 00000000000..d0c268d7eb5 --- /dev/null +++ b/english/lts/security/2020/dla-2379-3.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2379-3 mediawiki</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag packages>mediawiki</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2379-3.wml b/english/lts/security/2020/dla-2379-3.wml new file mode 100644 index 00000000000..bd22637f635 --- /dev/null +++ b/english/lts/security/2020/dla-2379-3.wml @@ -0,0 +1,24 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>The update of mediawiki released as DLA-2379-2 contained a defect in the +patch for <a href="https://security-tracker.debian.org/tracker/CVE-2020-25827">CVE-2020-25827</a> which resulted from a possible use of an +uninitialized variable. Updated mediawiki packages are now available to +correct this issue.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1:1.27.7-1~deb9u6.</p> + +<p>We recommend that you upgrade your mediawiki packages.</p> + +<p>For the detailed security status of mediawiki please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/mediawiki">https://security-tracker.debian.org/tracker/mediawiki</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2379-3.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2408.data b/english/lts/security/2020/dla-2408.data new file mode 100644 index 00000000000..135a908ff6e --- /dev/null +++ b/english/lts/security/2020/dla-2408.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2408-1 thunderbird</define-tag> +<define-tag report_date>2020-10-17</define-tag> +<define-tag secrefs>CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2408.wml b/english/lts/security/2020/dla-2408.wml new file mode 100644 index 00000000000..37a488665d6 --- /dev/null +++ b/english/lts/security/2020/dla-2408.wml @@ -0,0 +1,32 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in Thunderbird, which may lead +to the execution of arbitrary code or denial of service.</p> + +<p>Debian follows the Thunderbird upstream releases. Support for the 68.x +series has ended, so starting with this update we're now following +the 78.x releases.</p> + +<p>The 78.x series discontinues support for some addons. Also, starting +with 78, Thunderbird supports OpenPGP natively. If you are currently +using the Enigmail addon for PGP, please refer to the included NEWS +and README.Debian.gz files for information on how to migrate your +keys.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +1:78.3.1-2~deb9u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">https://security-tracker.debian.org/tracker/thunderbird</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2408.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2409.data b/english/lts/security/2020/dla-2409.data new file mode 100644 index 00000000000..4ad79197b57 --- /dev/null +++ b/english/lts/security/2020/dla-2409.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2409-1 mariadb-10.1</define-tag> +<define-tag report_date>2020-10-21</define-tag> +<define-tag secrefs>CVE-2020-15180</define-tag> +<define-tag packages>mariadb-10.1</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2409.wml b/english/lts/security/2020/dla-2409.wml new file mode 100644 index 00000000000..4c2b05d460e --- /dev/null +++ b/english/lts/security/2020/dla-2409.wml @@ -0,0 +1,21 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A security issue was discovered in the MariaDB database server.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +10.1.47-0+deb9u1.</p> + +<p>We recommend that you upgrade your mariadb-10.1 packages.</p> + +<p>For the detailed security status of mariadb-10.1 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/mariadb-10.1">https://security-tracker.debian.org/tracker/mariadb-10.1</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2409.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2410.data b/english/lts/security/2020/dla-2410.data new file mode 100644 index 00000000000..010f7db8693 --- /dev/null +++ b/english/lts/security/2020/dla-2410.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2410-1 bluez</define-tag> +<define-tag report_date>2020-10-21</define-tag> +<define-tag secrefs>CVE-2020-27153</define-tag> +<define-tag packages>bluez</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2410.wml b/english/lts/security/2020/dla-2410.wml new file mode 100644 index 00000000000..92c6dc19468 --- /dev/null +++ b/english/lts/security/2020/dla-2410.wml @@ -0,0 +1,30 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was a double-free vulnerability in BlueZ, a +suite of Bluetooth tools, utilities and daemons.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-27153">CVE-2020-27153</a> + + <p>In BlueZ before 5.55, a double free was found in the gatttool + disconnect_cb() routine from shared/att.c. A remote attacker could + potentially cause a denial of service or code execution, during service + discovery, due to a redundant disconnect MGMT event.</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +5.43-2+deb9u3.</p> + +<p>We recommend that you upgrade your bluez packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2410.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2411.data b/english/lts/security/2020/dla-2411.data new file mode 100644 index 00000000000..b0b170d3a1d --- /dev/null +++ b/english/lts/security/2020/dla-2411.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2411-1 firefox-esr</define-tag> +<define-tag report_date>2020-10-21</define-tag> +<define-tag secrefs>CVE-2020-15683 CVE-2020-15969</define-tag> +<define-tag packages>firefox-esr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2411.wml b/english/lts/security/2020/dla-2411.wml new file mode 100644 index 00000000000..c2b9153a56a --- /dev/null +++ b/english/lts/security/2020/dla-2411.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in the Mozilla Firefox web +browser, which could potentially result in the execution of arbitrary +code.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +78.4.0esr-1~deb9u1.</p> + +<p>We recommend that you upgrade your firefox-esr packages.</p> + +<p>For the detailed security status of firefox-esr please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/firefox-esr">https://security-tracker.debian.org/tracker/firefox-esr</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2411.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2412.data b/english/lts/security/2020/dla-2412.data new file mode 100644 index 00000000000..97bcf5ee53c --- /dev/null +++ b/english/lts/security/2020/dla-2412.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2412-1 openjdk-8</define-tag> +<define-tag report_date>2020-10-23</define-tag> +<define-tag secrefs>CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803</define-tag> +<define-tag packages>openjdk-8</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2412.wml b/english/lts/security/2020/dla-2412.wml new file mode 100644 index 00000000000..442e20791c5 --- /dev/null +++ b/english/lts/security/2020/dla-2412.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in the OpenJDK Java runtime, +resulting in denial of service, bypass of sandbox restrictions or +information disclosure.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +8u272-b10-0+deb9u1.</p> + +<p>We recommend that you upgrade your openjdk-8 packages.</p> + +<p>For the detailed security status of openjdk-8 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/openjdk-8">https://security-tracker.debian.org/tracker/openjdk-8</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2412.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2413.data b/english/lts/security/2020/dla-2413.data new file mode 100644 index 00000000000..24b0520b582 --- /dev/null +++ b/english/lts/security/2020/dla-2413.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2413-1 phpmyadmin</define-tag> +<define-tag report_date>2020-10-26</define-tag> +<define-tag secrefs>CVE-2019-19617 CVE-2020-26934 CVE-2020-26935 Bug#971999 Bug#972000</define-tag> +<define-tag packages>phpmyadmin</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2413.wml b/english/lts/security/2020/dla-2413.wml new file mode 100644 index 00000000000..ae53d6e1b86 --- /dev/null +++ b/english/lts/security/2020/dla-2413.wml @@ -0,0 +1,46 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities were found in package phpmyadmin.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19617">CVE-2019-19617</a> + + <p>phpMyAdmin does not escape certain Git information, related to + libraries/classes/Display/GitRevision.php and libraries/classes + /Footer.php.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26934">CVE-2020-26934</a> + + <p>A vulnerability was discovered where an attacker can cause an XSS + attack through the transformation feature.</p> + + <p>If an attacker sends a crafted link to the victim with the malicious + JavaScript, when the victim clicks on the link, the JavaScript will run + and complete the instructions made by the attacker.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26935">CVE-2020-26935</a> + + <p>An SQL injection vulnerability was discovered in how phpMyAdmin + processes SQL statements in the search feature. An attacker could use + this flaw to inject malicious SQL in to a query.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +4.6.6-4+deb9u2.</p> + +<p>We recommend that you upgrade your phpmyadmin packages.</p> + +<p>For the detailed security status of phpmyadmin please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/phpmyadmin">https://security-tracker.debian.org/tracker/phpmyadmin</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2413.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2414.data b/english/lts/security/2020/dla-2414.data new file mode 100644 index 00000000000..bcc0ee33c15 --- /dev/null +++ b/english/lts/security/2020/dla-2414.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2414-1 fastd</define-tag> +<define-tag report_date>2020-10-25</define-tag> +<define-tag secrefs>CVE-2020-27638 Bug#972521</define-tag> +<define-tag packages>fastd</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2414.wml b/english/lts/security/2020/dla-2414.wml new file mode 100644 index 00000000000..9222e428b84 --- /dev/null +++ b/english/lts/security/2020/dla-2414.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>In fastd, a fast and secure tunnelling daemon, a receive buffer +handling problem was discovered which allows a denial of service +(memory exhaustion) when receiving packets with an invalid type code.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +18-2+deb9u1.</p> + +<p>We recommend that you upgrade your fastd packages.</p> + +<p>For the detailed security status of fastd please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/fastd">https://security-tracker.debian.org/tracker/fastd</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2414.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2415.data b/english/lts/security/2020/dla-2415.data new file mode 100644 index 00000000000..d0c53e2b0b8 --- /dev/null +++ b/english/lts/security/2020/dla-2415.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2415-1 freetype</define-tag> +<define-tag report_date>2020-10-25</define-tag> +<define-tag secrefs>CVE-2020-15999</define-tag> +<define-tag packages>freetype</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2415.wml b/english/lts/security/2020/dla-2415.wml new file mode 100644 index 00000000000..0d6f633264a --- /dev/null +++ b/english/lts/security/2020/dla-2415.wml @@ -0,0 +1,25 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Sergei Glazunov discovered a heap-based buffer overflow vulnerability in +the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts +may result in denial of service or the execution of arbitrary code.</p> + + +<p>For Debian 9 stretch, this problem has been fixed in version +2.6.3-3.2+deb9u2.</p> + +<p>We recommend that you upgrade your freetype packages.</p> + +<p>For the detailed security status of freetype please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/freetype">https://security-tracker.debian.org/tracker/freetype</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2415.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2416.data b/english/lts/security/2020/dla-2416.data new file mode 100644 index 00000000000..66b08e28a41 --- /dev/null +++ b/english/lts/security/2020/dla-2416.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2416-1 thunderbird</define-tag> +<define-tag report_date>2020-10-27</define-tag> +<define-tag secrefs>CVE-2020-15683 CVE-2020-15969</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2416.wml b/english/lts/security/2020/dla-2416.wml new file mode 100644 index 00000000000..65406928763 --- /dev/null +++ b/english/lts/security/2020/dla-2416.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in Thunderbird, which may lead +to the execution of arbitrary code or denial of service.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +1:78.4.0-1~deb9u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">https://security-tracker.debian.org/tracker/thunderbird</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2416.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2417.data b/english/lts/security/2020/dla-2417.data new file mode 100644 index 00000000000..21c0532f90f --- /dev/null +++ b/english/lts/security/2020/dla-2417.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2417-1 linux-4.19</define-tag> +<define-tag report_date>2020-10-28</define-tag> +<define-tag secrefs>CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645 Bug#908712</define-tag> +<define-tag packages>linux-4.19</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2417.wml b/english/lts/security/2020/dla-2417.wml new file mode 100644 index 00000000000..5bcdc7aaeed --- /dev/null +++ b/english/lts/security/2020/dla-2417.wml @@ -0,0 +1,63 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in the Linux kernel that +may lead to the execution of arbitrary code, privilege escalation, +denial of service or information leaks.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12351">CVE-2020-12351</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation in the + way L2CAP packets with A2MP CID are handled. A remote attacker in + short distance knowing the victim's Bluetooth device address can + send a malicious l2cap packet and cause a denial of service or + possibly arbitrary code execution with kernel privileges.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12352">CVE-2020-12352</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation. Stack + memory is not properly initialised when handling certain AMP + packets. A remote attacker in short distance knowing the victim's + Bluetooth device address address can retrieve kernel stack + information.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25211">CVE-2020-25211</a> + + <p>A flaw was discovered in netfilter subsystem. A local attacker + able to inject conntrack Netlink configuration can cause a denial + of service.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25643">CVE-2020-25643</a> + + <p>ChenNan Of Chaitin Security Research Lab discovered a flaw in the + hdlc_ppp module. Improper input validation in the ppp_cp_parse_cr() + function may lead to memory corruption and information disclosure.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25645">CVE-2020-25645</a> + + <p>A flaw was discovered in the interface driver for GENEVE + encapsulated traffic when combined with IPsec. If IPsec is + configured to encrypt traffic for the specific UDP port used by the + GENEVE tunnel, tunneled data isn't correctly routed over the + encrypted link and sent unencrypted instead.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +4.19.152-1~deb9u1.</p> + +<p>We recommend that you upgrade your linux-4.19 packages.</p> + +<p>For the detailed security status of linux-4.19 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/linux-4.19">https://security-tracker.debian.org/tracker/linux-4.19</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2417.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2418.data b/english/lts/security/2020/dla-2418.data new file mode 100644 index 00000000000..ea3b368f992 --- /dev/null +++ b/english/lts/security/2020/dla-2418.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2418-1 libsndfile</define-tag> +<define-tag report_date>2020-10-29</define-tag> +<define-tag secrefs>CVE-2017-6892 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2018-19661 CVE-2018-19662 CVE-2018-19758 CVE-2019-3832</define-tag> +<define-tag packages>libsndfile</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2418.wml b/english/lts/security/2020/dla-2418.wml new file mode 100644 index 00000000000..acd71b7cd2e --- /dev/null +++ b/english/lts/security/2020/dla-2418.wml @@ -0,0 +1,26 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Several issues have been found in libsndfile, a library for +reading/writing audio files. +All issues are basically divide by zero errors, heap read overflows or +other buffer overlow errors.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +1.0.27-3+deb9u1.</p> + +<p>We recommend that you upgrade your libsndfile packages.</p> + +<p>For the detailed security status of libsndfile please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/libsndfile">https://security-tracker.debian.org/tracker/libsndfile</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2418.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2419.data b/english/lts/security/2020/dla-2419.data new file mode 100644 index 00000000000..a25cdd4369f --- /dev/null +++ b/english/lts/security/2020/dla-2419.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2419-1 dompurify.js</define-tag> +<define-tag report_date>2020-10-29</define-tag> +<define-tag secrefs>CVE-2019-16728 CVE-2020-26870</define-tag> +<define-tag packages>dompurify.js</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2419.wml b/english/lts/security/2020/dla-2419.wml new file mode 100644 index 00000000000..05d13ba2741 --- /dev/null +++ b/english/lts/security/2020/dla-2419.wml @@ -0,0 +1,25 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Two issues have been found in dompurify.js, an XSS sanitizer for HTML, +MathML and SVG. +Both issues are related to mXSS issues in SVG- or MATH-elements.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +0.8.2~dfsg1-1+deb9u1.</p> + +<p>We recommend that you upgrade your dompurify.js packages.</p> + +<p>For the detailed security status of dompurify.js please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/dompurify.js">https://security-tracker.debian.org/tracker/dompurify.js</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2419.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2420-2.data b/english/lts/security/2020/dla-2420-2.data new file mode 100644 index 00000000000..bbf0ff47f88 --- /dev/null +++ b/english/lts/security/2020/dla-2420-2.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2420-2 linux</define-tag> +<define-tag report_date>2020-10-31</define-tag> +<define-tag secrefs>CVE-2019-9445 CVE-2019-19073 CVE-2019-19074 CVE-2019-19448 CVE-2020-12351 CVE-2020-12352 CVE-2020-12655 CVE-2020-12771 CVE-2020-12888 CVE-2020-14305 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-14386 CVE-2020-14390 CVE-2020-15393 CVE-2020-16166 CVE-2020-24490 CVE-2020-25211 CVE-2020-25212 CVE-2020-25220 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641 CVE-2020-25643 CVE-2020-26088</define-tag> +<define-tag packages>linux</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2420-2.wml b/english/lts/security/2020/dla-2420-2.wml new file mode 100644 index 00000000000..dad16f81962 --- /dev/null +++ b/english/lts/security/2020/dla-2420-2.wml @@ -0,0 +1,212 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>This update corrects a regression in some Xen virtual machine +environments. For reference the original advisory text follows.</p> + +<p>Several vulnerabilities have been discovered in the Linux kernel that +may lead to the execution of arbitrary code, privilege escalation, +denial of service or information leaks.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-9445">CVE-2019-9445</a> + + <p>A potential out-of-bounds read was discovered in the F2FS + implementation. A user permitted to mount and access arbitrary + filesystems could potentially use this to cause a denial of + service (crash) or to read sensitive information.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19073">CVE-2019-19073</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2019-19074">CVE-2019-19074</a> + + <p>Navid Emamdoost discovered potential memory leaks in the ath9k and + ath9k_htc drivers. The security impact of these is unclear.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19448">CVE-2019-19448</a> + + <p><q>Team bobfuzzer</q> reported a bug in Btrfs that could lead to a + use-after-free, and could be triggered by crafted filesystem + images. A user permitted to mount and access arbitrary + filesystems could use this to cause a denial of service (crash or + memory corruption) or possibly for privilege escalation.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12351">CVE-2020-12351</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation in + the way L2CAP packets with A2MP CID are handled. A remote attacker + within a short distance, knowing the victim's Bluetooth device + address, can send a malicious l2cap packet and cause a denial of + service or possibly arbitrary code execution with kernel + privileges.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12352">CVE-2020-12352</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation. + Stack memory is not properly initialised when handling certain AMP + packets. A remote attacker within a short distance, knowing the + victim's Bluetooth device address address, can retrieve kernel + stack information.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12655">CVE-2020-12655</a> + + <p>Zheng Bin reported that crafted XFS volumes could trigger a system + hang. An attacker able to mount such a volume could use this to + cause a denial of service.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12771">CVE-2020-12771</a> + + <p>Zhiqiang Liu reported a bug in the bcache block driver that could + lead to a system hang. The security impact of this is unclear.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12888">CVE-2020-12888</a> + + <p>It was discovered that the PCIe Virtual Function I/O (vfio-pci) + driver allowed users to disable a device's memory space while it + was still mapped into a process. On some hardware platforms, + local users or guest virtual machines permitted to access PCIe + Virtual Functions could use this to cause a denial of service + (hardware error and crash).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14305">CVE-2020-14305</a> + + <p>Vasily Averin of Virtuozzo discovered a potential heap buffer + overflow in the netfilter nf_contrack_h323 module. When this + module is used to perform connection tracking for TCP/IPv6, a + remote attacker could use this to cause a denial of service (crash + or memory corruption) or possibly for remote code execution with + kernel privilege.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14314">CVE-2020-14314</a> + + <p>A bug was discovered in the ext4 filesystem that could lead to an + out-of-bound read. A local user permitted to mount and access + arbitrary filesystem images could use this to cause a denial of + service (crash).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14331">CVE-2020-14331</a> + + <p>A bug was discovered in the VGA console driver's soft-scrollback + feature that could lead to a heap buffer overflow. On a system + with a custom kernel that has CONFIG_VGACON_SOFT_SCROLLBACK + enabled, a local user with access to a console could use this to + cause a denial of service (crash or memory corruption) or possibly + for privilege escalation.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14356">CVE-2020-14356</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2020-25220">CVE-2020-25220</a> + + <p>A bug was discovered in the cgroup subsystem's handling of socket + references to cgroups. In some cgroup configurations, this could + lead to a use-after-free. A local user might be able to use this + to cause a denial of service (crash or memory corruption) or + possibly for privilege escalation.</p> + + <p>The original fix for this bug introudced a new security issue, + which is also addressed in this update.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14386">CVE-2020-14386</a> + + <p>Or Cohen discovered a bug in the packet socket (AF_PACKET) + implementation which could lead to a heap buffer overflow. A + local user with the CAP_NET_RAW capability (in any user namespace) + could use this to cause a denial of service (crash or memory + corruption) or possibly for privilege escalation.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14390">CVE-2020-14390</a> + + <p>Minh Yuan discovered a bug in the framebuffer console driver's + scrollback feature that could lead to a heap buffer overflow. On + a system using framebuffer consoles, a local user with access to a + console could use this to cause a denial of service (crash or + memory corruption) or possibly for privilege escalation.</p> + + <p>The scrollback feature has been disabled for now, as no other fix + was available for this issue.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-15393">CVE-2020-15393</a> + + <p>Kyungtae Kim reported a memory leak in the usbtest driver. The + security impact of this is unclear.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16166">CVE-2020-16166</a> + + <p>Amit Klein reported that the random number generator used by the + network stack might not be re-seeded for long periods of time, + making e.g. client port number allocations more predictable. This + made it easier for remote attackers to carry out some network based attacks such as DNS cache poisoning or device tracking.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-24490">CVE-2020-24490</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation that + can lead to a heap buffer overflow. On systems with a Bluetooth 5 + hardware interface, a remote attacker within a short distance can + use this to cause a denial of service (crash or memory corruption) + or possibly for remote code execution with kernel privilege.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25211">CVE-2020-25211</a> + + <p>A flaw was discovered in netfilter subsystem. A local attacker + able to inject conntrack Netlink configuration can cause a denial + of service.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25212">CVE-2020-25212</a> + + <p>A bug was discovered in the NFSv4 client implementation that could + lead to a heap buffer overflow. A malicious NFS server could use + this to cause a denial of service (crash or memory corruption) or + possibly to execute arbitrary code on the client.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25284">CVE-2020-25284</a> + + <p>It was discovered that the Rados block device (rbd) driver allowed + tasks running as uid 0 to add and remove rbd devices, even if they + dropped capabilities. On a system with the rbd driver loaded, + this might allow privilege escalation from a container with a task + running as root.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25285">CVE-2020-25285</a> + + <p>A race condition was discovered in the hugetlb filesystem's sysctl + handlers, that could lead to stack corruption. A local user + permitted to write to hugepages sysctls could use this to cause a + denial of service (crash or memory corruption) or possibly for + privilege escalation. By default only the root user can do this.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25641">CVE-2020-25641</a> + + <p>The syzbot tool found a bug in the block layer that could lead to + an infinite loop. A local user with access to a raw block device + could use this to cause a denial of service (unbounded CPU use and + possible system hang).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25643">CVE-2020-25643</a> + + <p>ChenNan Of Chaitin Security Research Lab discovered a flaw in the + hdlc_ppp module. Improper input validation in the ppp_cp_parse_cr() + function may lead to memory corruption and information disclosure.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26088">CVE-2020-26088</a> + + <p>It was discovered that the NFC (Near Field Communication) socket + implementation allowed any user to create raw sockets. On a + system with an NFC interface, this allowed local users to evade + local network security policy.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +4.9.240-1. This update additionally includes many more bug fixes from +stable updates 4.9.229-4.9.240 inclusive.</p> + +<p>We recommend that you upgrade your linux packages.</p> + +<p>For the detailed security status of linux please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/linux">https://security-tracker.debian.org/tracker/linux</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2420-2.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2420.data b/english/lts/security/2020/dla-2420.data new file mode 100644 index 00000000000..4b35cf35532 --- /dev/null +++ b/english/lts/security/2020/dla-2420.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2420-1 linux</define-tag> +<define-tag report_date>2020-10-30</define-tag> +<define-tag secrefs>CVE-2019-9445 CVE-2019-19073 CVE-2019-19074 CVE-2019-19448 CVE-2020-12351 CVE-2020-12352 CVE-2020-12655 CVE-2020-12771 CVE-2020-12888 CVE-2020-14305 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-14386 CVE-2020-14390 CVE-2020-15393 CVE-2020-16166 CVE-2020-24490 CVE-2020-25211 CVE-2020-25212 CVE-2020-25220 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641 CVE-2020-25643 CVE-2020-26088</define-tag> +<define-tag packages>linux</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2420.wml b/english/lts/security/2020/dla-2420.wml new file mode 100644 index 00000000000..39f55947f24 --- /dev/null +++ b/english/lts/security/2020/dla-2420.wml @@ -0,0 +1,209 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in the Linux kernel that +may lead to the execution of arbitrary code, privilege escalation, +denial of service or information leaks.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-9445">CVE-2019-9445</a> + + <p>A potential out-of-bounds read was discovered in the F2FS + implementation. A user permitted to mount and access arbitrary + filesystems could potentially use this to cause a denial of + service (crash) or to read sensitive information.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19073">CVE-2019-19073</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2019-19074">CVE-2019-19074</a> + + <p>Navid Emamdoost discovered potential memory leaks in the ath9k and + ath9k_htc drivers. The security impact of these is unclear.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19448">CVE-2019-19448</a> + + <p><q>Team bobfuzzer</q> reported a bug in Btrfs that could lead to a + use-after-free, and could be triggered by crafted filesystem + images. A user permitted to mount and access arbitrary + filesystems could use this to cause a denial of service (crash or + memory corruption) or possibly for privilege escalation.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12351">CVE-2020-12351</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation in + the way L2CAP packets with A2MP CID are handled. A remote attacker + within a short distance, knowing the victim's Bluetooth device + address, can send a malicious l2cap packet and cause a denial of + service or possibly arbitrary code execution with kernel + privileges.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12352">CVE-2020-12352</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation. + Stack memory is not properly initialised when handling certain AMP + packets. A remote attacker within a short distance, knowing the + victim's Bluetooth device address address, can retrieve kernel + stack information.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12655">CVE-2020-12655</a> + + <p>Zheng Bin reported that crafted XFS volumes could trigger a system + hang. An attacker able to mount such a volume could use this to + cause a denial of service.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12771">CVE-2020-12771</a> + + <p>Zhiqiang Liu reported a bug in the bcache block driver that could + lead to a system hang. The security impact of this is unclear.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12888">CVE-2020-12888</a> + + <p>It was discovered that the PCIe Virtual Function I/O (vfio-pci) + driver allowed users to disable a device's memory space while it + was still mapped into a process. On some hardware platforms, + local users or guest virtual machines permitted to access PCIe + Virtual Functions could use this to cause a denial of service + (hardware error and crash).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14305">CVE-2020-14305</a> + + <p>Vasily Averin of Virtuozzo discovered a potential heap buffer + overflow in the netfilter nf_contrack_h323 module. When this + module is used to perform connection tracking for TCP/IPv6, a + remote attacker could use this to cause a denial of service (crash + or memory corruption) or possibly for remote code execution with + kernel privilege.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14314">CVE-2020-14314</a> + + <p>A bug was discovered in the ext4 filesystem that could lead to an + out-of-bound read. A local user permitted to mount and access + arbitrary filesystem images could use this to cause a denial of + service (crash).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14331">CVE-2020-14331</a> + + <p>A bug was discovered in the VGA console driver's soft-scrollback + feature that could lead to a heap buffer overflow. On a system + with a custom kernel that has CONFIG_VGACON_SOFT_SCROLLBACK + enabled, a local user with access to a console could use this to + cause a denial of service (crash or memory corruption) or possibly + for privilege escalation.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14356">CVE-2020-14356</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2020-25220">CVE-2020-25220</a> + + <p>A bug was discovered in the cgroup subsystem's handling of socket + references to cgroups. In some cgroup configurations, this could + lead to a use-after-free. A local user might be able to use this + to cause a denial of service (crash or memory corruption) or + possibly for privilege escalation.</p> + + <p>The original fix for this bug introudced a new security issue, + which is also addressed in this update.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14386">CVE-2020-14386</a> + + <p>Or Cohen discovered a bug in the packet socket (AF_PACKET) + implementation which could lead to a heap buffer overflow. A + local user with the CAP_NET_RAW capability (in any user namespace) + could use this to cause a denial of service (crash or memory + corruption) or possibly for privilege escalation.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14390">CVE-2020-14390</a> + + <p>Minh Yuan discovered a bug in the framebuffer console driver's + scrollback feature that could lead to a heap buffer overflow. On + a system using framebuffer consoles, a local user with access to a + console could use this to cause a denial of service (crash or + memory corruption) or possibly for privilege escalation.</p> + + <p>The scrollback feature has been disabled for now, as no other fix + was available for this issue.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-15393">CVE-2020-15393</a> + + <p>Kyungtae Kim reported a memory leak in the usbtest driver. The + security impact of this is unclear.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16166">CVE-2020-16166</a> + + <p>Amit Klein reported that the random number generator used by the + network stack might not be re-seeded for long periods of time, + making e.g. client port number allocations more predictable. This + made it easier for remote attackers to carry out some network based attacks such as DNS cache poisoning or device tracking.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-24490">CVE-2020-24490</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation that + can lead to a heap buffer overflow. On systems with a Bluetooth 5 + hardware interface, a remote attacker within a short distance can + use this to cause a denial of service (crash or memory corruption) + or possibly for remote code execution with kernel privilege.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25211">CVE-2020-25211</a> + + <p>A flaw was discovered in netfilter subsystem. A local attacker + able to inject conntrack Netlink configuration can cause a denial + of service.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25212">CVE-2020-25212</a> + + <p>A bug was discovered in the NFSv4 client implementation that could + lead to a heap buffer overflow. A malicious NFS server could use + this to cause a denial of service (crash or memory corruption) or + possibly to execute arbitrary code on the client.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25284">CVE-2020-25284</a> + + <p>It was discovered that the Rados block device (rbd) driver allowed + tasks running as uid 0 to add and remove rbd devices, even if they + dropped capabilities. On a system with the rbd driver loaded, + this might allow privilege escalation from a container with a task + running as root.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25285">CVE-2020-25285</a> + + <p>A race condition was discovered in the hugetlb filesystem's sysctl + handlers, that could lead to stack corruption. A local user + permitted to write to hugepages sysctls could use this to cause a + denial of service (crash or memory corruption) or possibly for + privilege escalation. By default only the root user can do this.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25641">CVE-2020-25641</a> + + <p>The syzbot tool found a bug in the block layer that could lead to + an infinite loop. A local user with access to a raw block device + could use this to cause a denial of service (unbounded CPU use and + possible system hang).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25643">CVE-2020-25643</a> + + <p>ChenNan Of Chaitin Security Research Lab discovered a flaw in the + hdlc_ppp module. Improper input validation in the ppp_cp_parse_cr() + function may lead to memory corruption and information disclosure.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26088">CVE-2020-26088</a> + + <p>It was discovered that the NFC (Near Field Communication) socket + implementation allowed any user to create raw sockets. On a + system with an NFC interface, this allowed local users to evade + local network security policy.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +4.9.240-1. This update additionally includes many more bug fixes from +stable updates 4.9.229-4.9.240 inclusive.</p> + +<p>We recommend that you upgrade your linux packages.</p> + +<p>For the detailed security status of linux please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/linux">https://security-tracker.debian.org/tracker/linux</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2420.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2421.data b/english/lts/security/2020/dla-2421.data new file mode 100644 index 00000000000..eea70794344 --- /dev/null +++ b/english/lts/security/2020/dla-2421.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2421-1 cimg</define-tag> +<define-tag report_date>2020-10-30</define-tag> +<define-tag secrefs>CVE-2018-7588 CVE-2018-7589 CVE-2018-7637 CVE-2018-7638 CVE-2018-7639 CVE-2018-7640 CVE-2018-7641 CVE-2019-1010174</define-tag> +<define-tag packages>cimg</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2421.wml b/english/lts/security/2020/dla-2421.wml new file mode 100644 index 00000000000..230498f390f --- /dev/null +++ b/english/lts/security/2020/dla-2421.wml @@ -0,0 +1,37 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Several issues have been found in cimg, a powerful image processing +library.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010174">CVE-2019-1010174</a> + +<p>is related to a missing string sanitization on URLs, +which might result in a command injection when loading a special crafted +image.</p> + +<p>The other CVEs are about heap-based buffer over-reads or double frees when +loading a crafted image.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +1.7.9+dfsg-1+deb9u1.</p> + +<p>We recommend that you upgrade your cimg packages.</p> + +<p>For the detailed security status of cimg please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/cimg">https://security-tracker.debian.org/tracker/cimg</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li> + +</ul> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2421.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2422.data b/english/lts/security/2020/dla-2422.data new file mode 100644 index 00000000000..0df7844a88d --- /dev/null +++ b/english/lts/security/2020/dla-2422.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2422-1 qtsvg-opensource-src</define-tag> +<define-tag report_date>2020-10-31</define-tag> +<define-tag secrefs>CVE-2018-19869</define-tag> +<define-tag packages>qtsvg-opensource-src</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2422.wml b/english/lts/security/2020/dla-2422.wml new file mode 100644 index 00000000000..2824470bbbc --- /dev/null +++ b/english/lts/security/2020/dla-2422.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Malformed SVG images were able to cause a segmentation fault +in qtsvg-opensource-src, the QtSvg module for displaying the +contents of SVG files in Qt.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +5.7.1~20161021-2.1.</p> + +<p>We recommend that you upgrade your qtsvg-opensource-src packages.</p> + +<p>For the detailed security status of qtsvg-opensource-src please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/qtsvg-opensource-src">https://security-tracker.debian.org/tracker/qtsvg-opensource-src</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2422.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2423.data b/english/lts/security/2020/dla-2423.data new file mode 100644 index 00000000000..d2380a3b147 --- /dev/null +++ b/english/lts/security/2020/dla-2423.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2423-1 wireshark</define-tag> +<define-tag report_date>2020-10-31</define-tag> +<define-tag secrefs>CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899 CVE-2019-10901 CVE-2019-10903 CVE-2019-12295 Bug#926718 Bug#929446</define-tag> +<define-tag packages>wireshark</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2423.wml b/english/lts/security/2020/dla-2423.wml new file mode 100644 index 00000000000..37fbcfa888e --- /dev/null +++ b/english/lts/security/2020/dla-2423.wml @@ -0,0 +1,54 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities were fixed in the Wireshark network +protocol analyzer.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-10894">CVE-2019-10894</a> + + <p>GSS-API dissector crash</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-10895">CVE-2019-10895</a> + + <p>NetScaler file parser crash</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-10896">CVE-2019-10896</a> + + <p>DOF dissector crash</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-10899">CVE-2019-10899</a> + + <p>SRVLOC dissector crash</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-10901">CVE-2019-10901</a> + + <p>LDSS dissector crash</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-10903">CVE-2019-10903</a> + + <p>DCERPC SPOOLSS dissector crash</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-12295">CVE-2019-12295</a> + + <p>Dissection engine could crash</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +2.6.8-1.1~deb9u1.</p> + +<p>We recommend that you upgrade your wireshark packages.</p> + +<p>For the detailed security status of wireshark please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/wireshark">https://security-tracker.debian.org/tracker/wireshark</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2423.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2424.data b/english/lts/security/2020/dla-2424.data new file mode 100644 index 00000000000..553180684b7 --- /dev/null +++ b/english/lts/security/2020/dla-2424.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2424-1 tzdata</define-tag> +<define-tag report_date>2020-10-31</define-tag> +<define-tag packages>tzdata</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2424.wml b/english/lts/security/2020/dla-2424.wml new file mode 100644 index 00000000000..37c6b6cc015 --- /dev/null +++ b/english/lts/security/2020/dla-2424.wml @@ -0,0 +1,18 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>tzdata, the time zone and daylight-saving time data, +has been updated to the latest version.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +2020d-0+deb9u1.</p> + +<p>We recommend that you upgrade your tzdata packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2424.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2425.data b/english/lts/security/2020/dla-2425.data new file mode 100644 index 00000000000..ef92b2e427a --- /dev/null +++ b/english/lts/security/2020/dla-2425.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2425-1 openldap</define-tag> +<define-tag report_date>2020-11-01</define-tag> +<define-tag secrefs>none assigned yet</define-tag> +<define-tag packages>openldap</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2425.wml b/english/lts/security/2020/dla-2425.wml new file mode 100644 index 00000000000..e99842dbd49 --- /dev/null +++ b/english/lts/security/2020/dla-2425.wml @@ -0,0 +1,25 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A vulnerability in the handling of normalization with modrdn was +discovered in OpenLDAP, a free implementation of the Lightweight +Directory Access Protocol. An unauthenticated remote attacker can +use this flaw to cause a denial of service (slapd daemon crash) +via a specially crafted packet.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +2.4.44+dfsg-5+deb9u5.</p> + +<p>We recommend that you upgrade your openldap packages.</p> + +<p>For the detailed security status of openldap please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/openldap">https://security-tracker.debian.org/tracker/openldap</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2425.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2426.data b/english/lts/security/2020/dla-2426.data new file mode 100644 index 00000000000..a13bfe7234c --- /dev/null +++ b/english/lts/security/2020/dla-2426.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2426-1 junit4</define-tag> +<define-tag report_date>2020-11-01</define-tag> +<define-tag secrefs>CVE-2020-15250 Bug#972231</define-tag> +<define-tag packages>junit4</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2426.wml b/english/lts/security/2020/dla-2426.wml new file mode 100644 index 00000000000..c9c91718e14 --- /dev/null +++ b/english/lts/security/2020/dla-2426.wml @@ -0,0 +1,21 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>In junit4 the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +4.12-4+deb9u1.</p> + +<p>We recommend that you upgrade your junit4 packages.</p> + +<p>For the detailed security status of junit4 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/junit4">https://security-tracker.debian.org/tracker/junit4</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2426.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2427.data b/english/lts/security/2020/dla-2427.data new file mode 100644 index 00000000000..90e3a7dfc95 --- /dev/null +++ b/english/lts/security/2020/dla-2427.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2427-1 spice</define-tag> +<define-tag report_date>2020-11-01</define-tag> +<define-tag secrefs>CVE-2020-14355 Bug#971750</define-tag> +<define-tag packages>spice</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2427.wml b/english/lts/security/2020/dla-2427.wml new file mode 100644 index 00000000000..12e07c6076e --- /dev/null +++ b/english/lts/security/2020/dla-2427.wml @@ -0,0 +1,29 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple buffer overflow vulnerabilities were found in the QUIC +image decoding process of the SPICE remote display system, +before spice-0.14.2-1.</p> + +<p>Both the SPICE client (spice-gtk) and server are affected by +these flaws. These flaws allow a malicious client or server to +send specially crafted messages that, when processed by the +QUIC image compression algorithm, result in a process crash +or potential code execution.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.12.8-2.1+deb9u4.</p> + +<p>We recommend that you upgrade your spice packages.</p> + +<p>For the detailed security status of spice please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/spice">https://security-tracker.debian.org/tracker/spice</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2427.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2428.data b/english/lts/security/2020/dla-2428.data new file mode 100644 index 00000000000..9d23c929d5c --- /dev/null +++ b/english/lts/security/2020/dla-2428.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2428-1 spice-gtk</define-tag> +<define-tag report_date>2020-11-01</define-tag> +<define-tag secrefs>CVE-2020-14355 Bug#971751</define-tag> +<define-tag packages>spice-gtk</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2428.wml b/english/lts/security/2020/dla-2428.wml new file mode 100644 index 00000000000..b8186b476da --- /dev/null +++ b/english/lts/security/2020/dla-2428.wml @@ -0,0 +1,28 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple buffer overflow vulnerabilities were found in the QUIC +image decoding process of the SPICE remote display system.</p> + +<p>Both the SPICE client (spice-gtk) and server are affected by +these flaws. These flaws allow a malicious client or server to +send specially crafted messages that, when processed by the +QUIC image compression algorithm, result in a process crash or +potential code execution.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.33-3.3+deb9u2.</p> + +<p>We recommend that you upgrade your spice-gtk packages.</p> + +<p>For the detailed security status of spice-gtk please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/spice-gtk">https://security-tracker.debian.org/tracker/spice-gtk</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2428.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2429.data b/english/lts/security/2020/dla-2429.data new file mode 100644 index 00000000000..4f92daa47ea --- /dev/null +++ b/english/lts/security/2020/dla-2429.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2429-1 wordpress</define-tag> +<define-tag report_date>2020-11-03</define-tag> +<define-tag secrefs>CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040 Bug#973562</define-tag> +<define-tag packages>wordpress</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2429.wml b/english/lts/security/2020/dla-2429.wml new file mode 100644 index 00000000000..0789eea72d1 --- /dev/null +++ b/english/lts/security/2020/dla-2429.wml @@ -0,0 +1,76 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>There were several vulnerabilites reported against wordpress, +as follows:</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28032">CVE-2020-28032</a> + + <p>WordPress before 4.7.19 mishandles deserialization requests in + wp-includes/Requests/Utility/FilteredIterator.php.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28033">CVE-2020-28033</a> + + <p>WordPress before 4.7.19 mishandles embeds from disabled sites + on a multisite network, as demonstrated by allowing a spam + embed.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28034">CVE-2020-28034</a> + + <p>WordPress before 4.7.19 allows XSS associated with global + variables.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28035">CVE-2020-28035</a> + + <p>WordPress before 4.7.19 allows attackers to gain privileges via + XML-RPC.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28036">CVE-2020-28036</a> + + <p>wp-includes/class-wp-xmlrpc-server.php in WordPress before + 4.7.19 allows attackers to gain privileges by using XML-RPC to + comment on a post.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28037">CVE-2020-28037</a> + + <p>is_blog_installed in wp-includes/functions.php in WordPress + before 4.7.19 improperly determines whether WordPress is + already installed, which might allow an attacker to perform + a new installation, leading to remote code execution (as well + as a denial of service for the old installation).</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28038">CVE-2020-28038</a> + + <p>WordPress before 4.7.19 allows stored XSS via post slugs.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28039">CVE-2020-28039</a> + + <p>is_protected_meta in wp-includes/meta.php in WordPress before + 4.7.19 allows arbitrary file deletion because it does not + properly determine whether a meta key is considered protected.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28040">CVE-2020-28040</a> + + <p>WordPress before 4.7.19 allows CSRF attacks that change a + theme's background image.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +4.7.19+dfsg-1+deb9u1.</p> + +<p>We recommend that you upgrade your wordpress packages.</p> + +<p>For the detailed security status of wordpress please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/wordpress">https://security-tracker.debian.org/tracker/wordpress</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2429.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2430.data b/english/lts/security/2020/dla-2430.data new file mode 100644 index 00000000000..9305af57765 --- /dev/null +++ b/english/lts/security/2020/dla-2430.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2430-1 blueman</define-tag> +<define-tag report_date>2020-11-03</define-tag> +<define-tag secrefs>CVE-2020-15238</define-tag> +<define-tag packages>blueman</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2430.wml b/english/lts/security/2020/dla-2430.wml new file mode 100644 index 00000000000..5311492024e --- /dev/null +++ b/english/lts/security/2020/dla-2430.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Vaisha Bernard discovered that Blueman, a graphical bluetooth manager +performed insufficient validation on a D-Bus interface, which could +result in denial of service or privilege escalation.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +2.0.4-1+deb9u1.</p> + +<p>We recommend that you upgrade your blueman packages.</p> + +<p>For the detailed security status of blueman please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/blueman">https://security-tracker.debian.org/tracker/blueman</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2430.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2431.data b/english/lts/security/2020/dla-2431.data new file mode 100644 index 00000000000..3864ebece4e --- /dev/null +++ b/english/lts/security/2020/dla-2431.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2431-1 libonig</define-tag> +<define-tag report_date>2020-11-5</define-tag> +<define-tag secrefs>CVE-2019-13224 CVE-2019-16163 CVE-2019-19012 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2020-26159 Bug#931878 Bug#939988 Bug#944959 Bug#945312 Bug#945313 Bug#946344 Bug#972113</define-tag> +<define-tag packages>libonig</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2431.wml b/english/lts/security/2020/dla-2431.wml new file mode 100644 index 00000000000..3eed05ad668 --- /dev/null +++ b/english/lts/security/2020/dla-2431.wml @@ -0,0 +1,74 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities were discovered in the Oniguruma regular +expressions library, notably used in PHP mbstring.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-13224">CVE-2019-13224</a> + + <p>A use-after-free in onig_new_deluxe() in regext.c allows + attackers to potentially cause information disclosure, denial of + service, or possibly code execution by providing a crafted regular + expression. The attacker provides a pair of a regex pattern and a + string, with a multi-byte encoding that gets handled by + onig_new_deluxe().</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-16163">CVE-2019-16163</a> + + <p>Oniguruma allows Stack Exhaustion in regcomp.c because of recursion + in regparse.c.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19012">CVE-2019-19012</a> + + <p>An integer overflow in the search_in_range function in regexec.c in + Onigurama leads to an out-of-bounds read, in which the offset of + this read is under the control of an attacker. (This only affects + the 32-bit compiled version). Remote attackers can cause a + denial-of-service or information disclosure, or possibly have + unspecified other impact, via a crafted regular expression.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19203">CVE-2019-19203</a> + + <p>An issue was discovered in Oniguruma. In the function + gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is + dereferenced without checking if it passed the end of the matched + string. This leads to a heap-based buffer over-read.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19204">CVE-2019-19204</a> + + <p>An issue was discovered in Oniguruma. In the function + fetch_interval_quantifier (formerly known as fetch_range_quantifier) + in regparse.c, PFETCH is called without checking PEND. This leads to + a heap-based buffer over-read.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-19246">CVE-2019-19246</a> + + <p>Oniguruma has a heap-based buffer over-read in str_lower_case_match + in regexec.c.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26159">CVE-2020-26159</a> + + <p>In Oniguruma an attacker able to supply a regular expression for + compilation may be able to overflow a buffer by one byte in + concat_opt_exact_str in src/regcomp.c</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +6.1.3-2+deb9u1.</p> + +<p>We recommend that you upgrade your libonig packages.</p> + +<p>For the detailed security status of libonig please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/libonig">https://security-tracker.debian.org/tracker/libonig</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2431.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2432.data b/english/lts/security/2020/dla-2432.data new file mode 100644 index 00000000000..c870cdf795e --- /dev/null +++ b/english/lts/security/2020/dla-2432.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2432-1 jupyter-notebook</define-tag> +<define-tag report_date>2020-11-19</define-tag> +<define-tag secrefs>CVE-2018-8768 CVE-2018-19351 CVE-2018-21030 Bug#893436 Bug#917409</define-tag> +<define-tag packages>jupyter-notebook</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2432.wml b/english/lts/security/2020/dla-2432.wml new file mode 100644 index 00000000000..3d44df5b41a --- /dev/null +++ b/english/lts/security/2020/dla-2432.wml @@ -0,0 +1,42 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in jupyter-notebook.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-8768">CVE-2018-8768</a> + + <p>A maliciously forged notebook file can bypass sanitization to execute + Javascript in the notebook context. Specifically, invalid HTML is + <q>fixed</q> by jQuery after sanitization, making it dangerous.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-19351">CVE-2018-19351</a> + + <p>allows XSS via an untrusted notebook because nbconvert responses are + considered to have the same origin as the notebook server.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-21030">CVE-2018-21030</a> + + <p>jupyter-notebook does not use a CSP header to treat served files as + belonging to a separate origin. Thus, for example, an XSS payload can + be placed in an SVG document.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +4.2.3-4+deb9u1.</p> + +<p>We recommend that you upgrade your jupyter-notebook packages.</p> + +<p>For the detailed security status of jupyter-notebook please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/jupyter-notebook">https://security-tracker.debian.org/tracker/jupyter-notebook</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2432.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2433.data b/english/lts/security/2020/dla-2433.data new file mode 100644 index 00000000000..e62caad2e0b --- /dev/null +++ b/english/lts/security/2020/dla-2433.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2433-1 bouncycastle</define-tag> +<define-tag report_date>2020-11-05</define-tag> +<define-tag secrefs>CVE-2020-26939</define-tag> +<define-tag packages>bouncycastle</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2433.wml b/english/lts/security/2020/dla-2433.wml new file mode 100644 index 00000000000..1648fb72009 --- /dev/null +++ b/english/lts/security/2020/dla-2433.wml @@ -0,0 +1,39 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was an issue in the +bouncycastle crypto library where attackers could +obtain sensitive information due to observable +differences in its response to invalid input.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26939">CVE-2020-26939</a> + + <p>In Legion of the Bouncy Castle BC before 1.55 and + BC-FJA before 1.0.1.2, attackers can obtain sensitive + information about a private exponent because of + Observable Differences in Behavior to Error Inputs. This + occurs in + org.bouncycastle.crypto.encodings.OAEPEncoding. Sending + invalid ciphertext that decrypts to a short payload in + the OAEP Decoder could result in the throwing of an + early exception, potentially leaking some information + about the private exponent of the RSA private key + performing the encryption.</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +1.56-1+deb9u3.</p> + +<p>We recommend that you upgrade your bouncycastle packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2433.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2434.data b/english/lts/security/2020/dla-2434.data new file mode 100644 index 00000000000..8581b520ebd --- /dev/null +++ b/english/lts/security/2020/dla-2434.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2434-1 gdm3</define-tag> +<define-tag report_date>2020-11-05</define-tag> +<define-tag secrefs>CVE-2020-16125</define-tag> +<define-tag packages>gdm3</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2434.wml b/english/lts/security/2020/dla-2434.wml new file mode 100644 index 00000000000..5b8228fdcce --- /dev/null +++ b/english/lts/security/2020/dla-2434.wml @@ -0,0 +1,28 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was an issue in the GNOME Display Manager where +not detecting any users may make GDM launch initial system setup and thereby +permitting the creation of new users with sudo capabilities.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16125">CVE-2020-16125</a> + + <p>display: Exit with failure if loading existing users fails</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +3.22.3-3+deb9u3.</p> + +<p>We recommend that you upgrade your gdm3 packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2434.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2435.data b/english/lts/security/2020/dla-2435.data new file mode 100644 index 00000000000..60b0b636c45 --- /dev/null +++ b/english/lts/security/2020/dla-2435.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2435-1 guacamole-server</define-tag> +<define-tag report_date>2020-11-6</define-tag> +<define-tag secrefs>CVE-2020-9497 CVE-2020-9498 Bug#964195</define-tag> +<define-tag packages>guacamole-server</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2435.wml b/english/lts/security/2020/dla-2435.wml new file mode 100644 index 00000000000..ca5e543c35d --- /dev/null +++ b/english/lts/security/2020/dla-2435.wml @@ -0,0 +1,45 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>The server component of Apache Guacamole, a remote desktop gateway, +did not properly validate data received from RDP servers. This could +result +in information disclosure or even the execution of arbitrary code.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9497">CVE-2020-9497</a> + + <p>Apache Guacamole does not properly validate data received from RDP + servers via static virtual channels. If a user connects to a + malicious or compromised RDP server, specially-crafted PDUs could + result in disclosure of information within the memory of the guacd + process handling the connection.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9498">CVE-2020-9498</a> + + <p>Apache Guacamole may mishandle pointers involved in processing data + received via RDP static virtual channels. If a user connects to a + malicious or compromised RDP server, a series of specially-crafted + PDUs could result in memory corruption, possibly allowing arbitrary + code to be executed with the privileges of the running guacd + process.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +0.9.9-2+deb9u1.</p> + +<p>We recommend that you upgrade your guacamole-server packages.</p> + +<p>For the detailed security status of guacamole-server please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/guacamole-server">https://security-tracker.debian.org/tracker/guacamole-server</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2435.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2436.data b/english/lts/security/2020/dla-2436.data new file mode 100644 index 00000000000..297236c2d85 --- /dev/null +++ b/english/lts/security/2020/dla-2436.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2436-1 sddm</define-tag> +<define-tag report_date>2020-11-06</define-tag> +<define-tag secrefs>CVE-2020-28049</define-tag> +<define-tag packages>sddm</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2436.wml b/english/lts/security/2020/dla-2436.wml new file mode 100644 index 00000000000..2dbdbdf3b7f --- /dev/null +++ b/english/lts/security/2020/dla-2436.wml @@ -0,0 +1,34 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was an issue in the sddm display manager +where local unprivileged users could create a connection to the X +server.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28049">CVE-2020-28049</a> + + <p>An issue was discovered in SDDM before 0.19.0. It incorrectly starts the + X server in a way that - for a short time period - allows local + unprivileged users to create a connection to the X server without providing + proper authentication. A local attacker can thus access X server display + contents and, for example, intercept keystrokes or access the clipboard. + This is caused by a race condition during Xauthority file + creation.</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +0.14.0-4+deb9u2.</p> + +<p>We recommend that you upgrade your sddm packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2436.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2437.data b/english/lts/security/2020/dla-2437.data new file mode 100644 index 00000000000..af3da5ecd2d --- /dev/null +++ b/english/lts/security/2020/dla-2437.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2437-1 krb5</define-tag> +<define-tag report_date>2020-11-07</define-tag> +<define-tag secrefs>CVE-2020-28196</define-tag> +<define-tag packages>krb5</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2437.wml b/english/lts/security/2020/dla-2437.wml new file mode 100644 index 00000000000..eb7f1276955 --- /dev/null +++ b/english/lts/security/2020/dla-2437.wml @@ -0,0 +1,25 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was a denial of service vulnerability in the +MIT Kerberos network authentication system, <tt>krb5</tt>. The lack of a limit +in the ASN.1 decoder could lead to infinite recursion and allow an attacker to +overrun the stack and cause the process to crash.</p> + +<ul> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28196">CVE-2020-28196</a></li> +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +1.15-1+deb9u2.</p> + +<p>We recommend that you upgrade your krb5 packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2437.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2438.data b/english/lts/security/2020/dla-2438.data new file mode 100644 index 00000000000..759b6553d00 --- /dev/null +++ b/english/lts/security/2020/dla-2438.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2438-1 raptor2</define-tag> +<define-tag report_date>2020-11-07</define-tag> +<define-tag secrefs>CVE-2017-18926</define-tag> +<define-tag packages>raptor2</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2438.wml b/english/lts/security/2020/dla-2438.wml new file mode 100644 index 00000000000..777fc944a50 --- /dev/null +++ b/english/lts/security/2020/dla-2438.wml @@ -0,0 +1,31 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there were two heap overflow vulnerabilities in +raptor2, a set of parsers for RDF files that is used, amongst others, in +LibreOffice.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-18926">CVE-2017-18926</a> + + <p>raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor + RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for + the XML writer, leading to heap-based buffer overflows (sometimes seen in + raptor_qname_format_as_xml).</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +2.0.14-1+deb9u1.</p> + +<p>We recommend that you upgrade your raptor2 packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2438.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2439.data b/english/lts/security/2020/dla-2439.data new file mode 100644 index 00000000000..53fb7b80b90 --- /dev/null +++ b/english/lts/security/2020/dla-2439.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2439-1 libexif</define-tag> +<define-tag report_date>2020-11-07</define-tag> +<define-tag secrefs>CVE-2020-0452</define-tag> +<define-tag packages>libexif</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2439.wml b/english/lts/security/2020/dla-2439.wml new file mode 100644 index 00000000000..01113f61442 --- /dev/null +++ b/english/lts/security/2020/dla-2439.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>In libexif/exif-entry.c, through libexif 0.6.21-2+deb9u4, +compiler optimization could remove a buffer overflow check, +making a buffer overflow possible with some EXIF tags.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.6.21-2+deb9u5.</p> + +<p>We recommend that you upgrade your libexif packages.</p> + +<p>For the detailed security status of libexif please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/libexif">https://security-tracker.debian.org/tracker/libexif</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2439.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2440.data b/english/lts/security/2020/dla-2440.data new file mode 100644 index 00000000000..32eac918087 --- /dev/null +++ b/english/lts/security/2020/dla-2440.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2440-1 poppler</define-tag> +<define-tag report_date>2020-11-09</define-tag> +<define-tag secrefs>CVE-2017-14926 CVE-2017-14928 CVE-2018-19058 CVE-2018-20650 CVE-2018-20662 CVE-2019-7310 CVE-2019-9959 CVE-2019-10018 CVE-2019-14494 Bug#877239 Bug#877231 Bug#913177 Bug#917974 Bug#918158 Bug#926133</define-tag> +<define-tag packages>poppler</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2440.wml b/english/lts/security/2020/dla-2440.wml new file mode 100644 index 00000000000..84ab4723f2e --- /dev/null +++ b/english/lts/security/2020/dla-2440.wml @@ -0,0 +1,63 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several issues were found and corrected in Poppler, a PDF rendering library, +that could lead to denial of service or possibly other unspecified impact when +processing maliciously crafted documents.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +0.48.0-2+deb9u4.</p> + +<p>We recommend that you upgrade your poppler packages.</p> + +<p>For the detailed security status of poppler please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/poppler">https://security-tracker.debian.org/tracker/poppler</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a> +</pre><p><strong>Attachment: +<a href="https://lists.debian.org/debian-lts-announce/2020/11/pgpe6hwISHe04.pgp"><tt>signature.asc</tt></a></strong><br> +<em>Description:</em> This is a digitally signed message part</p></p> + +<p><!--X-Body-of-Message-End--> +<!--X-MsgBody-End--> +<!--X-Follow-Ups--> +<hr> +<strong>Reply to:</strong> +<ul> + <li><a href="mailto:debian-lts-announce@lists.debian.org?in-reply-to=<c86a1b5116d13a74050f59d6dce85ffcbb047776.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2440-1] poppler security update">debian-lts-announce@lists.debian.org</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<c86a1b5116d13a74050f59d6dce85ffcbb047776.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2440-1] poppler security update&ccbian-lts-announce@lists.debian.org">Markus Koschany (on-list)</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<c86a1b5116d13a74050f59d6dce85ffcbb047776.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2440-1] poppler security update">Markus Koschany (off-list)</a></li> +</ul> +<hr> +<!--X-Follow-Ups-End--> +<!--X-References--> +<!--X-References-End--> +<!--X-BotPNI--> +<ul> +<li>Prev by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00013.html">[SECURITY] [DLA 2439-1] libexif security update</a></strong> +</li> +<li>Previous by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00013.html">[SECURITY] [DLA 2439-1] libexif security update</a></strong> +</li> +<li>Index(es): +<ul> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/maillist.html#00014"><strong>Date</strong></a></li> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/threads.html#00014"><strong>Thread</strong></a></li> +</ul> +</li> +</ul></p> + +<p><!--X-BotPNI-End--> +<!--X-User-Footer--> +<!--X-User-Footer-End--></p> + + +<p></body></html></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2440.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2441.data b/english/lts/security/2020/dla-2441.data new file mode 100644 index 00000000000..0f06b7d38bb --- /dev/null +++ b/english/lts/security/2020/dla-2441.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2441-1 sympa</define-tag> +<define-tag report_date>2020-11-09</define-tag> +<define-tag secrefs>CVE-2018-1000671 CVE-2020-26880 Bug#908165 Bug#972189</define-tag> +<define-tag packages>sympa</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2441.wml b/english/lts/security/2020/dla-2441.wml new file mode 100644 index 00000000000..d53a0618bd3 --- /dev/null +++ b/english/lts/security/2020/dla-2441.wml @@ -0,0 +1,44 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A privilege escalation was discovered in Sympa, a modern mailing list +manager. It is fixed when Sympa is used in conjunction with common +MTAs (such as Exim or Postfix) by disabling a setuid executable, +although no fix is currently available for all environments (such as +sendmail). Additionally, an open-redirect vulnerability was +discovered and fixed.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26880">CVE-2020-26880</a> + + <p>Sympa allows a local privilege escalation from the sympa user + account to full root access by modifying the sympa.conf + configuration file (which is owned by sympa) and parsing it + through the setuid sympa_newaliases-wrapper executable.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1000671">CVE-2018-1000671</a> + + <p>Sympa contains a CWE-601: URL Redirection to Untrusted Site ('Open + Redirect') vulnerability in The <q>referer</q> parameter of the + wwsympa.fcgi login action. that can result in Open redirection and + reflected XSS via data URIs.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +6.2.16~dfsg-3+deb9u4.</p> + +<p>We recommend that you upgrade your sympa packages.</p> + +<p>For the detailed security status of sympa please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/sympa">https://security-tracker.debian.org/tracker/sympa</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2441.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2442.data b/english/lts/security/2020/dla-2442.data new file mode 100644 index 00000000000..f73d69b0ba8 --- /dev/null +++ b/english/lts/security/2020/dla-2442.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2442-1 obfs4proxy</define-tag> +<define-tag report_date>2020-11-10</define-tag> +<define-tag secrefs>CVE-2019-11840</define-tag> +<define-tag packages>obfs4proxy</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2442.wml b/english/lts/security/2020/dla-2442.wml new file mode 100644 index 00000000000..a90b0e94c55 --- /dev/null +++ b/english/lts/security/2020/dla-2442.wml @@ -0,0 +1,37 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>golang-go.crypto was recently updated with a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2019-11840">CVE-2019-11840</a>. This in +turn requires all packages that use the affected code to be recompiled in order +to pick up the security fix.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-11840">CVE-2019-11840</a> + + <p>An issue was discovered in supplementary Go cryptography libraries, aka + golang-googlecode-go-crypto. If more than 256 GiB of keystream is + generated, or if the counter otherwise grows greater than 32 bits, the amd64 + implementation will first generate incorrect output, and then cycle back to + previously generated keystream. Repeated keystream bytes can lead to loss of + confidentiality in encryption applications, or to predictability in CSPRNG + applications.</p></li> + +</ul> + +<p>For Debian 9 stretch, this problem has been fixed in version3 +0.0.7-1+deb8u1.</p> + +<p>We recommend that you upgrade your obfs4proxy packages.</p> + +<p>For the detailed security status of obfs4proxy please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/obfs4proxy">https://security-tracker.debian.org/tracker/obfs4proxy</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2442.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2443.data b/english/lts/security/2020/dla-2443.data new file mode 100644 index 00000000000..15a32192f87 --- /dev/null +++ b/english/lts/security/2020/dla-2443.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2443-1 zeromq3</define-tag> +<define-tag report_date>2020-11-10</define-tag> +<define-tag secrefs>CVE-2020-15166</define-tag> +<define-tag packages>zeromq3</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2443.wml b/english/lts/security/2020/dla-2443.wml new file mode 100644 index 00000000000..9e480d84c6c --- /dev/null +++ b/english/lts/security/2020/dla-2443.wml @@ -0,0 +1,27 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that ZeroMQ, a lightweight messaging kernel +library does not properly handle connecting peers before a +handshake is completed. A remote, unauthenticated client connecting +to an application using the libzmq library, running with a socket +listening with CURVE encryption/authentication enabled can take +advantage of this flaw to cause a denial of service affecting +authenticated and encrypted clients.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +4.2.1-4+deb9u3.</p> + +<p>We recommend that you upgrade your zeromq3 packages.</p> + +<p>For the detailed security status of zeromq3 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/zeromq3">https://security-tracker.debian.org/tracker/zeromq3</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2443.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2444.data b/english/lts/security/2020/dla-2444.data new file mode 100644 index 00000000000..5d8cc74bfa7 --- /dev/null +++ b/english/lts/security/2020/dla-2444.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2444-1 tcpdump</define-tag> +<define-tag report_date>2020-11-10</define-tag> +<define-tag secrefs>CVE-2020-8037 Bug#973877</define-tag> +<define-tag packages>tcpdump</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2444.wml b/english/lts/security/2020/dla-2444.wml new file mode 100644 index 00000000000..91db281069f --- /dev/null +++ b/english/lts/security/2020/dla-2444.wml @@ -0,0 +1,26 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>The ppp de-capsulator in tcpdump 4.9.3 can be convinced to allocate +a large amount of memory.</p> + +<p>The buffer should be big enough to hold the captured data, but it +doesn’t need to be big enough to hold the entire on-the-network +packet, if we haven’t captured all of it.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +4.9.3-1~deb9u2.</p> + +<p>We recommend that you upgrade your tcpdump packages.</p> + +<p>For the detailed security status of tcpdump please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/tcpdump">https://security-tracker.debian.org/tracker/tcpdump</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2444.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2445.data b/english/lts/security/2020/dla-2445.data new file mode 100644 index 00000000000..a592f8bc3a5 --- /dev/null +++ b/english/lts/security/2020/dla-2445.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2445-1 libmaxminddb</define-tag> +<define-tag report_date>2020-11-10</define-tag> +<define-tag secrefs>CVE-2020-28241 Bug#973878</define-tag> +<define-tag packages>libmaxminddb</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2445.wml b/english/lts/security/2020/dla-2445.wml new file mode 100644 index 00000000000..55d87e95517 --- /dev/null +++ b/english/lts/security/2020/dla-2445.wml @@ -0,0 +1,69 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A heap-based buffer over-read has been found in libmaxminddb, an IP geolocation +database library. This could be exploited when the mmdblookup tool is used to +open a specially crafted database file.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.2.0-1+deb9u1.</p> + +<p>We recommend that you upgrade your libmaxminddb packages.</p> + +<p>For the detailed security status of libmaxminddb please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/libmaxminddb">https://security-tracker.debian.org/tracker/libmaxminddb</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a> +</pre><p><strong>Attachment: +<a href="https://lists.debian.org/debian-lts-announce/2020/11/pgpLNA_DuRJCv.pgp"><tt>signature.asc</tt></a></strong><br> +<em>Description:</em> This is a digitally signed message part</p></p> + +<p><!--X-Body-of-Message-End--> +<!--X-MsgBody-End--> +<!--X-Follow-Ups--> +<hr> +<strong>Reply to:</strong> +<ul> + <li><a href="mailto:debian-lts-announce@lists.debian.org?in-reply-to=<4690b069e6aff4614fbaf443f4212d6353f38fee.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2445-1] libmaxminddb security update">debian-lts-announce@lists.debian.org</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<4690b069e6aff4614fbaf443f4212d6353f38fee.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2445-1] libmaxminddb security update&ccbian-lts-announce@lists.debian.org">Markus Koschany (on-list)</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<4690b069e6aff4614fbaf443f4212d6353f38fee.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2445-1] libmaxminddb security update">Markus Koschany (off-list)</a></li> +</ul> +<hr> +<!--X-Follow-Ups-End--> +<!--X-References--> +<!--X-References-End--> +<!--X-BotPNI--> +<ul> +<li>Prev by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html">[SECURITY] [DLA 2444-1] tcpdump security update</a></strong> +</li> +<li>Next by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html">[SECURITY] [DLA 2446-1] moin security update</a></strong> +</li> +<li>Previous by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html">[SECURITY] [DLA 2444-1] tcpdump security update</a></strong> +</li> +<li>Next by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html">[SECURITY] [DLA 2446-1] moin security update</a></strong> +</li> +<li>Index(es): +<ul> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/maillist.html#00019"><strong>Date</strong></a></li> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/threads.html#00019"><strong>Thread</strong></a></li> +</ul> +</li> +</ul></p> + +<p><!--X-BotPNI-End--> +<!--X-User-Footer--> +<!--X-User-Footer-End--></p> + + +<p></body></html></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2445.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2446.data b/english/lts/security/2020/dla-2446.data new file mode 100644 index 00000000000..84b98646afe --- /dev/null +++ b/english/lts/security/2020/dla-2446.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2446-1 moin</define-tag> +<define-tag report_date>2020-11-10</define-tag> +<define-tag secrefs>CVE-2020-15275 CVE-2020-25074</define-tag> +<define-tag packages>moin</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2446.wml b/english/lts/security/2020/dla-2446.wml new file mode 100644 index 00000000000..dd79ad6400b --- /dev/null +++ b/english/lts/security/2020/dla-2446.wml @@ -0,0 +1,37 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Two vulnerabilities were discovered in moin, a Python clone of WikiWiki.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-15275">CVE-2020-15275</a> + + <p>Catarina Leite discovered that moin is prone to a stored XSS + vulnerability via SVG attachments.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25074">CVE-2020-25074</a> + + <p>Michael Chapman discovered that moin is prone to a remote code + execution vulnerability via the cache action.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +1.9.9-1+deb9u2.</p> + +<p>We recommend that you upgrade your moin packages.</p> + +<p>For the detailed security status of moin please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/moin">https://security-tracker.debian.org/tracker/moin</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li> + +</ul> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2446.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2447-2.data b/english/lts/security/2020/dla-2447-2.data new file mode 100644 index 00000000000..86415a59391 --- /dev/null +++ b/english/lts/security/2020/dla-2447-2.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2447-2 pacemaker</define-tag> +<define-tag report_date>2020-11-17</define-tag> +<define-tag secrefs>Bug#974563</define-tag> +<define-tag packages>pacemaker</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2447-2.wml b/english/lts/security/2020/dla-2447-2.wml new file mode 100644 index 00000000000..ddf1646e42e --- /dev/null +++ b/english/lts/security/2020/dla-2447-2.wml @@ -0,0 +1,70 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>The update of pacemaker released as DLA-2447-1 caused a regression when the +communication between the Corosync cluster engine and pacemaker takes place. A +permission problem prevents IPC requests between cluster nodes. The patch for +<a href="https://security-tracker.debian.org/tracker/CVE-2020-25654">CVE-2020-25654</a> has been reverted until a better solution can be found.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.1.16-1+deb9u2.</p> + +<p>We recommend that you upgrade your pacemaker packages.</p> + +<p>For the detailed security status of pacemaker please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/pacemaker">https://security-tracker.debian.org/tracker/pacemaker</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a> +</pre><p><strong>Attachment: +<a href="https://lists.debian.org/debian-lts-announce/2020/11/pgpJhKIPYGUAd.pgp"><tt>signature.asc</tt></a></strong><br> +<em>Description:</em> This is a digitally signed message part</p></p> + +<p><!--X-Body-of-Message-End--> +<!--X-MsgBody-End--> +<!--X-Follow-Ups--> +<hr> +<strong>Reply to:</strong> +<ul> + <li><a href="mailto:debian-lts-announce@lists.debian.org?in-reply-to=<22dc8c85d4840ae3ca44e8e0bf7f72eb69d1157b.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2447-2] pacemaker regression update">debian-lts-announce@lists.debian.org</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<22dc8c85d4840ae3ca44e8e0bf7f72eb69d1157b.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2447-2] pacemaker regression update&ccbian-lts-announce@lists.debian.org">Markus Koschany (on-list)</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<22dc8c85d4840ae3ca44e8e0bf7f72eb69d1157b.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2447-2] pacemaker regression update">Markus Koschany (off-list)</a></li> +</ul> +<hr> +<!--X-Follow-Ups-End--> +<!--X-References--> +<!--X-References-End--> +<!--X-BotPNI--> +<ul> +<li>Prev by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00028.html">[SECURITY] [DLA 2452-2] libdatetime-timezone-perl regression update</a></strong> +</li> +<li>Next by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00030.html">[SECURITY] [DLA 2454-1] rclone security update</a></strong> +</li> +<li>Previous by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00028.html">[SECURITY] [DLA 2452-2] libdatetime-timezone-perl regression update</a></strong> +</li> +<li>Next by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00030.html">[SECURITY] [DLA 2454-1] rclone security update</a></strong> +</li> +<li>Index(es): +<ul> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/maillist.html#00029"><strong>Date</strong></a></li> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/threads.html#00029"><strong>Thread</strong></a></li> +</ul> +</li> +</ul></p> + +<p><!--X-BotPNI-End--> +<!--X-User-Footer--> +<!--X-User-Footer-End--></p> + + +<p></body></html></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2447-2.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2447.data b/english/lts/security/2020/dla-2447.data new file mode 100644 index 00000000000..9edd1ac6fa5 --- /dev/null +++ b/english/lts/security/2020/dla-2447.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2447-1 pacemaker</define-tag> +<define-tag report_date>2020-11-12</define-tag> +<define-tag secrefs>CVE-2020-25654 Bug#973254</define-tag> +<define-tag packages>pacemaker</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2447.wml b/english/lts/security/2020/dla-2447.wml new file mode 100644 index 00000000000..4546fc1e806 --- /dev/null +++ b/english/lts/security/2020/dla-2447.wml @@ -0,0 +1,63 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>An ACL bypass flaw was found in pacemaker, a cluster resource manager. +An attacker having a local account on the cluster and in the haclient group +could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.1.16-1+deb9u1.</p> + +<p>We recommend that you upgrade your pacemaker packages.</p> + +<p>For the detailed security status of pacemaker please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/pacemaker">https://security-tracker.debian.org/tracker/pacemaker</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a> +</pre><p><strong>Attachment: +<a href="https://lists.debian.org/debian-lts-announce/2020/11/pgp2Al0QAoV_d.pgp"><tt>signature.asc</tt></a></strong><br> +<em>Description:</em> This is a digitally signed message part</p></p> + +<p><!--X-Body-of-Message-End--> +<!--X-MsgBody-End--> +<!--X-Follow-Ups--> +<hr> +<strong>Reply to:</strong> +<ul> + <li><a href="mailto:debian-lts-announce@lists.debian.org?in-reply-to=<7bac7a9d6dcfc040ea542e561c2b3729497bf000.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2447-1] pacemaker security update">debian-lts-announce@lists.debian.org</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<7bac7a9d6dcfc040ea542e561c2b3729497bf000.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2447-1] pacemaker security update&ccbian-lts-announce@lists.debian.org">Markus Koschany (on-list)</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<7bac7a9d6dcfc040ea542e561c2b3729497bf000.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2447-1] pacemaker security update">Markus Koschany (off-list)</a></li> +</ul> +<hr> +<!--X-Follow-Ups-End--> +<!--X-References--> +<!--X-References-End--> +<!--X-BotPNI--> +<ul> +<li>Prev by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html">[SECURITY] [DLA 2446-1] moin security update</a></strong> +</li> +<li>Previous by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html">[SECURITY] [DLA 2446-1] moin security update</a></strong> +</li> +<li>Index(es): +<ul> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/maillist.html#00021"><strong>Date</strong></a></li> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/11/threads.html#00021"><strong>Thread</strong></a></li> +</ul> +</li> +</ul></p> + +<p><!--X-BotPNI-End--> +<!--X-User-Footer--> +<!--X-User-Footer-End--></p> + + +<p></body></html></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2447.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2448.data b/english/lts/security/2020/dla-2448.data new file mode 100644 index 00000000000..92ef25d8c11 --- /dev/null +++ b/english/lts/security/2020/dla-2448.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2448-1 firefox-esr</define-tag> +<define-tag report_date>2020-11-11</define-tag> +<define-tag secrefs>CVE-2020-26950</define-tag> +<define-tag packages>firefox-esr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2448.wml b/english/lts/security/2020/dla-2448.wml new file mode 100644 index 00000000000..70b2d61dd10 --- /dev/null +++ b/english/lts/security/2020/dla-2448.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A use-after-free was found in the Mozilla Firefox web browser, which +could potentially result in the execution of arbitrary code.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +78.4.1esr-1~deb9u1.</p> + +<p>We recommend that you upgrade your firefox-esr packages.</p> + +<p>For the detailed security status of firefox-esr please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/firefox-esr">https://security-tracker.debian.org/tracker/firefox-esr</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2448.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2449.data b/english/lts/security/2020/dla-2449.data new file mode 100644 index 00000000000..71cb9963cec --- /dev/null +++ b/english/lts/security/2020/dla-2449.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2449-1 thunderbird</define-tag> +<define-tag report_date>2020-11-13</define-tag> +<define-tag secrefs>CVE-2020-26950</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2449.wml b/english/lts/security/2020/dla-2449.wml new file mode 100644 index 00000000000..0f0832bf40e --- /dev/null +++ b/english/lts/security/2020/dla-2449.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A use-after-free was found in Thunderbird, which could potentially result +in the execution of arbitrary code.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1:78.4.2-1~deb9u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">https://security-tracker.debian.org/tracker/thunderbird</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2449.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2450.data b/english/lts/security/2020/dla-2450.data new file mode 100644 index 00000000000..4ec6bf5db03 --- /dev/null +++ b/english/lts/security/2020/dla-2450.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2450-1 libproxy</define-tag> +<define-tag report_date>2020-11-13</define-tag> +<define-tag secrefs>CVE-2020-26154 Bug#968366</define-tag> +<define-tag packages>libproxy</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2450.wml b/english/lts/security/2020/dla-2450.wml new file mode 100644 index 00000000000..71a70ae410d --- /dev/null +++ b/english/lts/security/2020/dla-2450.wml @@ -0,0 +1,24 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Li Fei found that libproxy, a library for automatic proxy configuration +management, was vulnerable to a buffer overflow vulnerability when +receiving a large PAC file from a server without a Content-Length header +in the response.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.4.14-2+deb9u2.</p> + +<p>We recommend that you upgrade your libproxy packages.</p> + +<p>For the detailed security status of libproxy please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/libproxy">https://security-tracker.debian.org/tracker/libproxy</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2450.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2451.data b/english/lts/security/2020/dla-2451.data new file mode 100644 index 00000000000..16ff54b569b --- /dev/null +++ b/english/lts/security/2020/dla-2451.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2451-1 libvncserver</define-tag> +<define-tag report_date>2020-11-15</define-tag> +<define-tag secrefs>CVE-2020-25708</define-tag> +<define-tag packages>libvncserver</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2451.wml b/english/lts/security/2020/dla-2451.wml new file mode 100644 index 00000000000..cb91db647cd --- /dev/null +++ b/english/lts/security/2020/dla-2451.wml @@ -0,0 +1,26 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>An issue has been found in libvncserver, an API to write one's own VNC +server. +Due to some missing checks, a divide by zero could happen, which could +result in a denial of service.</p> + + +<p>For Debian 9 stretch, this problem has been fixed in version +0.9.11+dfsg-1.3~deb9u6.</p> + +<p>We recommend that you upgrade your libvncserver packages.</p> + +<p>For the detailed security status of libvncserver please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/libvncserver">https://security-tracker.debian.org/tracker/libvncserver</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2451.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2452-2.data b/english/lts/security/2020/dla-2452-2.data new file mode 100644 index 00000000000..9182a40cd42 --- /dev/null +++ b/english/lts/security/2020/dla-2452-2.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2452-2 libdatetime-timezone-perl</define-tag> +<define-tag report_date>2020-11-17</define-tag> +<define-tag packages>libdatetime-timezone-perl</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2452-2.wml b/english/lts/security/2020/dla-2452-2.wml new file mode 100644 index 00000000000..e2993570678 --- /dev/null +++ b/english/lts/security/2020/dla-2452-2.wml @@ -0,0 +1,18 @@ +<define-tag description>LTS regression update</define-tag> +<define-tag moreinfo> +<p>libdatetime-timezone-perl 2.09-1+2020d did accidentally omit changes to some files, +resulting in warnings.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +2.09-1+2020d+1.</p> + +<p>We recommend that you upgrade your libdatetime-timezone-perl packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2452-2.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2452.data b/english/lts/security/2020/dla-2452.data new file mode 100644 index 00000000000..2f652c8ad23 --- /dev/null +++ b/english/lts/security/2020/dla-2452.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2452-1 libdatetime-timezone-perl</define-tag> +<define-tag report_date>2020-11-16</define-tag> +<define-tag packages>libdatetime-timezone-perl</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2452.wml b/english/lts/security/2020/dla-2452.wml new file mode 100644 index 00000000000..02605c7d951 --- /dev/null +++ b/english/lts/security/2020/dla-2452.wml @@ -0,0 +1,18 @@ +<define-tag description>LTS new upstream version</define-tag> +<define-tag moreinfo> +<p>This update includes the changes in tzdata 2020d for the +Perl bindings.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1:2.09-1+2020d.</p> + +<p>We recommend that you upgrade your libdatetime-timezone-perl packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2452.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2453.data b/english/lts/security/2020/dla-2453.data new file mode 100644 index 00000000000..2e2d4e513cc --- /dev/null +++ b/english/lts/security/2020/dla-2453.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2453-1 restic</define-tag> +<define-tag report_date>2020-11-17</define-tag> +<define-tag secrefs>CVE-2020-9283</define-tag> +<define-tag packages>restic</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2453.wml b/english/lts/security/2020/dla-2453.wml new file mode 100644 index 00000000000..badcdcc1712 --- /dev/null +++ b/english/lts/security/2020/dla-2453.wml @@ -0,0 +1,32 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>golang-go.crypto was recently updated with a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2020-9283">CVE-2020-9283</a>. This in +turn requires all packages that use the affected code to be recompiled in order +to pick up the security fix.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9283">CVE-2020-9283</a> + + <p>SSH signature verification could cause Panic when given + invalid Public key.</p></li> + +</ul> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.3.3-1+deb9u1.</p> + +<p>We recommend that you upgrade your restic packages.</p> + +<p>For the detailed security status of restic please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/restic">https://security-tracker.debian.org/tracker/restic</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2453.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2454.data b/english/lts/security/2020/dla-2454.data new file mode 100644 index 00000000000..7c8e41f6db2 --- /dev/null +++ b/english/lts/security/2020/dla-2454.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2454-1 rclone</define-tag> +<define-tag report_date>2020-11-19</define-tag> +<define-tag secrefs>CVE-2019-11840</define-tag> +<define-tag packages>rclone</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2454.wml b/english/lts/security/2020/dla-2454.wml new file mode 100644 index 00000000000..d8a0a5c678d --- /dev/null +++ b/english/lts/security/2020/dla-2454.wml @@ -0,0 +1,37 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>golang-go.crypto was recently updated with a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2019-11840">CVE-2019-11840</a>. This in +turn requires all packages that use the affected code to be recompiled in order +to pick up the security fix.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-11840">CVE-2019-11840</a> + + <p>An issue was discovered in supplementary Go cryptography libraries, aka + golang-googlecode-go-crypto. If more than 256 GiB of keystream is + generated, or if the counter otherwise grows greater than 32 bits, the amd64 + implementation will first generate incorrect output, and then cycle back to + previously generated keystream. Repeated keystream bytes can lead to loss of + confidentiality in encryption applications, or to predictability in CSPRNG + applications.</p></li> + +</ul> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.35-1+deb8u1.</p> + +<p>We recommend that you upgrade your rclone packages.</p> + +<p>For the detailed security status of rclone please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/rclone">https://security-tracker.debian.org/tracker/rclone</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2454.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2455.data b/english/lts/security/2020/dla-2455.data new file mode 100644 index 00000000000..34a7512a2f2 --- /dev/null +++ b/english/lts/security/2020/dla-2455.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2455-1 packer</define-tag> +<define-tag report_date>2020-11-19</define-tag> +<define-tag secrefs>CVE-2020-9283</define-tag> +<define-tag packages>packer</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2455.wml b/english/lts/security/2020/dla-2455.wml new file mode 100644 index 00000000000..f20d66c65f3 --- /dev/null +++ b/english/lts/security/2020/dla-2455.wml @@ -0,0 +1,32 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>golang-go.crypto was recently updated with a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2020-9283">CVE-2020-9283</a>. This in +turn requires all packages that use the affected code to be recompiled in order +to pick up the security fix.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9283">CVE-2020-9283</a> + + <p>SSH signature verification could cause Panic when given + invalid Public key.</p></li> + +</ul> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.10.2+dfsg-6+deb9u1.</p> + +<p>We recommend that you upgrade your packer packages.</p> + +<p>For the detailed security status of packer please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/packer">https://security-tracker.debian.org/tracker/packer</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2455.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2456.data b/english/lts/security/2020/dla-2456.data new file mode 100644 index 00000000000..2c40afb5e89 --- /dev/null +++ b/english/lts/security/2020/dla-2456.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2456-1 python3.5</define-tag> +<define-tag report_date>2020-11-18</define-tag> +<define-tag secrefs>CVE-2019-20907 CVE-2020-26116</define-tag> +<define-tag packages>python3.5</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2456.wml b/english/lts/security/2020/dla-2456.wml new file mode 100644 index 00000000000..d29b91716cb --- /dev/null +++ b/english/lts/security/2020/dla-2456.wml @@ -0,0 +1,36 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues were discovered in Python.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-20907">CVE-2019-20907</a> + + <p>In Lib/tarfile.py, an attacker is able to craft a TAR + archive leading to an infinite loop when opened by tarfile.open, + because _proc_pax lacks header validation</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26116">CVE-2020-26116</a> + + <p>http.client allows CRLF injection if the attacker controls + the HTTP request method</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +3.5.3-1+deb9u3.</p> + +<p>We recommend that you upgrade your python3.5 packages.</p> + +<p>For the detailed security status of python3.5 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/python3.5">https://security-tracker.debian.org/tracker/python3.5</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2456.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2457.data b/english/lts/security/2020/dla-2457.data new file mode 100644 index 00000000000..4b62b3c5449 --- /dev/null +++ b/english/lts/security/2020/dla-2457.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2457-1 firefox-esr</define-tag> +<define-tag report_date>2020-11-19</define-tag> +<define-tag secrefs>CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968</define-tag> +<define-tag packages>firefox-esr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2457.wml b/english/lts/security/2020/dla-2457.wml new file mode 100644 index 00000000000..e148bf5edc2 --- /dev/null +++ b/english/lts/security/2020/dla-2457.wml @@ -0,0 +1,24 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in the Mozilla Firefox web +browser, which could potentially result in the execution of arbitrary +code, information disclosure, phishing, cross-site scripting or a DNS +rebinding attack.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +78.5.0esr-1~deb9u1.</p> + +<p>We recommend that you upgrade your firefox-esr packages.</p> + +<p>For the detailed security status of firefox-esr please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/firefox-esr">https://security-tracker.debian.org/tracker/firefox-esr</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2457.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2458.data b/english/lts/security/2020/dla-2458.data new file mode 100644 index 00000000000..848aa0d7991 --- /dev/null +++ b/english/lts/security/2020/dla-2458.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2458-1 drupal7</define-tag> +<define-tag report_date>2020-11-19</define-tag> +<define-tag secrefs>CVE-2020-13666 CVE-2020-13671</define-tag> +<define-tag packages>drupal7</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2458.wml b/english/lts/security/2020/dla-2458.wml new file mode 100644 index 00000000000..1ffaf758a73 --- /dev/null +++ b/english/lts/security/2020/dla-2458.wml @@ -0,0 +1,48 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were discovered in Drupal, a fully-featured content +management framework.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-13666">CVE-2020-13666</a> + + <p>The Drupal AJAX API did not disable JSONP by default, which could + lead to cross-site scripting.</p> + + <p>For setups that relied on Drupal's AJAX API for JSONP requests, + either JSONP will need to be reenabled, or the jQuery AJAX API will + have to be used instead.</p> + + <p>See the upstream advisory for more details: + <a href="https://www.drupal.org/sa-core-2020-007">https://www.drupal.org/sa-core-2020-007</a></p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-13671">CVE-2020-13671</a> + + <p>Drupal failed to sanitize filenames on uploaded files, which could + lead to those files being served as the wrong MIME type, or being + executed depending on the server configuration.</p> + + <p>It is also recommended to check previously uploaded files for + malicious extensions. For more details see the upstream advisory: + <a href="https://www.drupal.org/sa-core-2020-012">https://www.drupal.org/sa-core-2020-012</a></p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +7.52-2+deb9u12.</p> + +<p>We recommend that you upgrade your drupal7 packages.</p> + +<p>For the detailed security status of drupal7 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/drupal7">https://security-tracker.debian.org/tracker/drupal7</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2458.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2459.data b/english/lts/security/2020/dla-2459.data new file mode 100644 index 00000000000..b6331a4fe1b --- /dev/null +++ b/english/lts/security/2020/dla-2459.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2459-1 golang-1.7</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag secrefs>CVE-2020-15586 CVE-2020-16845</define-tag> +<define-tag packages>golang-1.7</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2459.wml b/english/lts/security/2020/dla-2459.wml new file mode 100644 index 00000000000..fc37d39d417 --- /dev/null +++ b/english/lts/security/2020/dla-2459.wml @@ -0,0 +1,39 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Two issues have been found in golang-1.7, a Go programming language +compiler version 1.7</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-15586">CVE-2020-15586</a> + + <p>Using the 100-continue in HTTP headers received by a net/http/Server + can lead to a data race involving the connection's buffered writer.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16845">CVE-2020-16845</a> + + <p>Certain invalid inputs to ReadUvarint or ReadVarint could cause those + functions to read an unlimited number of bytes from the ByteReader + argument before returning an error.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +1.7.4-2+deb9u2.</p> + +<p>We recommend that you upgrade your golang-1.7 packages.</p> + +<p>For the detailed security status of golang-1.7 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/golang-1.7">https://security-tracker.debian.org/tracker/golang-1.7</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li> + +</ul> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2459.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2460.data b/english/lts/security/2020/dla-2460.data new file mode 100644 index 00000000000..9515552e594 --- /dev/null +++ b/english/lts/security/2020/dla-2460.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2460-1 golang-1.8</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag secrefs>CVE-2020-15586 CVE-2020-16845 CVE-2020-28367</define-tag> +<define-tag packages>golang-1.8</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2460.wml b/english/lts/security/2020/dla-2460.wml new file mode 100644 index 00000000000..2172d83f172 --- /dev/null +++ b/english/lts/security/2020/dla-2460.wml @@ -0,0 +1,43 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Three issues have been found in golang-1.8, a Go programming language +compiler version 1.8</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-15586">CVE-2020-15586</a> + + <p>Using the 100-continue in HTTP headers received by a net/http/Server + can lead to a data race involving the connection's buffered writer.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16845">CVE-2020-16845</a> + + <p>Certain invalid inputs to ReadUvarint or ReadVarint could cause those + functions to read an unlimited number of bytes from the ByteReader + argument before returning an error.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28367">CVE-2020-28367</a> + + <p>When using cgo, arbitrary code might be executed at build time.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +1.8.1-1+deb9u2.</p> + +<p>We recommend that you upgrade your golang-1.8 packages.</p> + +<p>For the detailed security status of golang-1.8 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/golang-1.8">https://security-tracker.debian.org/tracker/golang-1.8</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li> + +</ul> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2460.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2461.data b/english/lts/security/2020/dla-2461.data new file mode 100644 index 00000000000..b0f076afd67 --- /dev/null +++ b/english/lts/security/2020/dla-2461.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2461-1 zabbix</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag secrefs>CVE-2016-10742 CVE-2020-11800</define-tag> +<define-tag packages>zabbix</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2461.wml b/english/lts/security/2020/dla-2461.wml new file mode 100644 index 00000000000..833e1f74d2d --- /dev/null +++ b/english/lts/security/2020/dla-2461.wml @@ -0,0 +1,40 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple vulnerabilities were discovered in Zabbix, a network +monitoring solution. An attacker may remotely execute code on the +zabbix server, and redirect to external links through the zabbix web +frontend.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-10742">CVE-2016-10742</a> + + <p>Zabbix allows open redirect via the request parameter.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-11800">CVE-2020-11800</a> + + <p>Zabbix allows remote attackers to execute arbitrary code.</p></li> + +</ul> + +<p>This update also includes several other bug fixes and +improvements. For more information please refer to the upstream +changelog file.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +1:3.0.31+dfsg-0+deb9u1.</p> + +<p>We recommend that you upgrade your zabbix packages.</p> + +<p>For the detailed security status of zabbix please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/zabbix">https://security-tracker.debian.org/tracker/zabbix</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2461.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2462.data b/english/lts/security/2020/dla-2462.data new file mode 100644 index 00000000000..e249674f431 --- /dev/null +++ b/english/lts/security/2020/dla-2462.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2462-1 cimg</define-tag> +<define-tag report_date>2020-11-23</define-tag> +<define-tag secrefs>CVE-2020-25693</define-tag> +<define-tag packages>cimg</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2462.wml b/english/lts/security/2020/dla-2462.wml new file mode 100644 index 00000000000..a80e81d650a --- /dev/null +++ b/english/lts/security/2020/dla-2462.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple heap buffer overflows have been fixed in CImg, +a C++ toolkit to load, save, process and display images.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.7.9+dfsg-1+deb9u2.</p> + +<p>We recommend that you upgrade your cimg packages.</p> + +<p>For the detailed security status of cimg please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/cimg">https://security-tracker.debian.org/tracker/cimg</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2462.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2463.data b/english/lts/security/2020/dla-2463.data new file mode 100644 index 00000000000..ca166aa7dd7 --- /dev/null +++ b/english/lts/security/2020/dla-2463.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2463-1 samba</define-tag> +<define-tag report_date>2020-11-22</define-tag> +<define-tag secrefs>CVE-2020-1472 CVE-2020-10704 CVE-2020-10730 CVE-2020-10745 CVE-2020-10760 CVE-2020-14303 CVE-2020-14318 CVE-2020-14323 CVE-2020-14383</define-tag> +<define-tag packages>samba</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2463.wml b/english/lts/security/2020/dla-2463.wml new file mode 100644 index 00000000000..6e82a7e3922 --- /dev/null +++ b/english/lts/security/2020/dla-2463.wml @@ -0,0 +1,72 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple vulnerabilities have been discovered in Samba, a SMB/CIFS file, +print, and login server for Unix.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-1472">CVE-2020-1472</a> + + <p>Unauthenticated domain controller compromise by subverting Netlogon + cryptography. This vulnerability includes both ZeroLogon and + non-ZeroLogon variations.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-10704">CVE-2020-10704</a> + + <p>An unauthorized user can trigger a denial of service via a stack + overflow in the AD DC LDAP server.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-10730">CVE-2020-10730</a> + + <p>NULL pointer de-reference and use-after-free in Samba AD DC LDAP + Server with ASQ, VLV and paged_results.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-10745">CVE-2020-10745</a> + + <p>Denial of service resulting from abuse of compression of replies to + NetBIOS over TCP/IP name resolution and DNS packets causing excessive + CPU load on the Samba AD DC.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-10760">CVE-2020-10760</a> + + <p>The use of the paged_results or VLV controls against the Global + Catalog LDAP server on the AD DC will cause a use-after-free.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14303">CVE-2020-14303</a> + + <p>Denial of service resulting from CPU spin and and inability to + process further requests once the AD DC NBT server receives an empty + (zero-length) UDP packet to port 137.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14318">CVE-2020-14318</a> + + <p>Missing handle permissions check in ChangeNotify</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14323">CVE-2020-14323</a> + + <p>Unprivileged user can crash winbind via invalid lookupsids DoS</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14383">CVE-2020-14383</a> + + <p>DNS server crash via invalid records resulting from uninitialized + variables</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +2:4.5.16+dfsg-1+deb9u3.</p> + +<p>We recommend that you upgrade your samba packages.</p> + +<p>For the detailed security status of samba please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/samba">https://security-tracker.debian.org/tracker/samba</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2463.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2464.data b/english/lts/security/2020/dla-2464.data new file mode 100644 index 00000000000..e5c8d97f8ab --- /dev/null +++ b/english/lts/security/2020/dla-2464.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2464-1 thunderbird</define-tag> +<define-tag report_date>2020-11-23</define-tag> +<define-tag secrefs>CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2464.wml b/english/lts/security/2020/dla-2464.wml new file mode 100644 index 00000000000..73859446e1a --- /dev/null +++ b/english/lts/security/2020/dla-2464.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in Thunderbird, which may lead +to the execution of arbitrary code or denial of service.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +1:78.5.0-1~deb9u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">https://security-tracker.debian.org/tracker/thunderbird</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2464.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2465.data b/english/lts/security/2020/dla-2465.data new file mode 100644 index 00000000000..06e8f1663f1 --- /dev/null +++ b/english/lts/security/2020/dla-2465.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2465-1 php-pear</define-tag> +<define-tag report_date>2020-11-23</define-tag> +<define-tag secrefs>CVE-2020-28948 CVE-2020-28949</define-tag> +<define-tag packages>php-pear</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2465.wml b/english/lts/security/2020/dla-2465.wml new file mode 100644 index 00000000000..9d57a32f82e --- /dev/null +++ b/english/lts/security/2020/dla-2465.wml @@ -0,0 +1,34 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was a filename sanitisation issue in +<tt>php-pear</tt>, a distribution system for reusable PHP components.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28948">CVE-2020-28948</a> + + <p>Archive_Tar through 1.4.10 allows an unserialization attack because + phar: is blocked but PHAR: is not blocked.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-28949">CVE-2020-28949</a> + + <p>Archive_Tar through 1.4.10 has :// filename sanitization only to address + phar attacks, and thus any other stream-wrapper attack (such as file:// to + overwrite files) can still succeed.</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +1:1.10.1+submodules+notgz-9+deb9u2.</p> + +<p>We recommend that you upgrade your php-pear packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2465.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2466.data b/english/lts/security/2020/dla-2466.data new file mode 100644 index 00000000000..76d5d48b41a --- /dev/null +++ b/english/lts/security/2020/dla-2466.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2466-1 drupal7</define-tag> +<define-tag report_date>2020-11-27</define-tag> +<define-tag secrefs>CVE-2020-28948 CVE-2020-28949</define-tag> +<define-tag packages>drupal7</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2466.wml b/english/lts/security/2020/dla-2466.wml new file mode 100644 index 00000000000..4e31569a3ad --- /dev/null +++ b/english/lts/security/2020/dla-2466.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were found in the Archive_Tar PHP module, used by +Drupal, which could result in the execution of arbitrary code if a +malicious user is allowed to upload tar archives.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +7.52-2+deb9u13.</p> + +<p>We recommend that you upgrade your drupal7 packages.</p> + +<p>For the detailed security status of drupal7 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/drupal7">https://security-tracker.debian.org/tracker/drupal7</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2466.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2467.data b/english/lts/security/2020/dla-2467.data new file mode 100644 index 00000000000..af6e8faa316 --- /dev/null +++ b/english/lts/security/2020/dla-2467.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2467-1 lxml</define-tag> +<define-tag report_date>2020-11-27</define-tag> +<define-tag secrefs>CVE-2018-19787 CVE-2020-27783</define-tag> +<define-tag packages>lxml</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2467.wml b/english/lts/security/2020/dla-2467.wml new file mode 100644 index 00000000000..c8f8dc8b934 --- /dev/null +++ b/english/lts/security/2020/dla-2467.wml @@ -0,0 +1,32 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-19787">CVE-2018-19787</a> + + <p>It was discovered that there was a XSS injection vulnerability in + the LXML HTML/XSS manipulation library for Python.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-27783">CVE-2020-27783</a> + + <p>javascript escaping through the <noscript> and <style> combinations.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +3.7.1-1+deb9u1.</p> + +<p>We recommend that you upgrade your lxml packages.</p> + +<p>For the detailed security status of lxml please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/lxml">https://security-tracker.debian.org/tracker/lxml</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2467.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2468.data b/english/lts/security/2020/dla-2468.data new file mode 100644 index 00000000000..432e1ca6d66 --- /dev/null +++ b/english/lts/security/2020/dla-2468.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2468-1 tcpflow</define-tag> +<define-tag report_date>2020-11-28</define-tag> +<define-tag secrefs>CVE-2018-14938</define-tag> +<define-tag packages>tcpflow</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2468.wml b/english/lts/security/2020/dla-2468.wml new file mode 100644 index 00000000000..4374d13cfc4 --- /dev/null +++ b/english/lts/security/2020/dla-2468.wml @@ -0,0 +1,26 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>An issue has been found in tcpflow, a TCP flow recorder.</p> + +<p>Due to an overflow vulnerability in function handle_80211, an +out-of-bounds read with access to sensitive memory or a denial of service +might happen.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.4.4+repack1-3+deb8u1.</p> + +<p>We recommend that you upgrade your tcpflow packages.</p> + +<p>For the detailed security status of tcpflow please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/tcpflow">https://security-tracker.debian.org/tracker/tcpflow</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2468.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2469.data b/english/lts/security/2020/dla-2469.data new file mode 100644 index 00000000000..09901144ed4 --- /dev/null +++ b/english/lts/security/2020/dla-2469.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2469-1 qemu</define-tag> +<define-tag report_date>2020-11-29</define-tag> +<define-tag secrefs>CVE-2020-25085 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27617</define-tag> +<define-tag packages>qemu</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2469.wml b/english/lts/security/2020/dla-2469.wml new file mode 100644 index 00000000000..325e1043144 --- /dev/null +++ b/english/lts/security/2020/dla-2469.wml @@ -0,0 +1,26 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Some issues have been found in qemu, a fast processor emulator.</p> + +<p>All issues are related to assertion failures, out-of-bounds access +failures or bad handling of return codes.</p> + + +<p>For Debian 9 stretch, these problems have been fixed in version +1:2.8+dfsg-6+deb9u12.</p> + +<p>We recommend that you upgrade your qemu packages.</p> + +<p>For the detailed security status of qemu please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/qemu">https://security-tracker.debian.org/tracker/qemu</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2469.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2470.data b/english/lts/security/2020/dla-2470.data new file mode 100644 index 00000000000..d71468d0aa8 --- /dev/null +++ b/english/lts/security/2020/dla-2470.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2470-1 zsh</define-tag> +<define-tag report_date>2020-12-01</define-tag> +<define-tag secrefs>CVE-2017-18206 CVE-2018-0502 CVE-2018-1071 CVE-2018-1083 CVE-2018-1100 CVE-2018-13259 CVE-2019-20044 Bug#908000 Bug#894044 Bug#894043 Bug#895225 Bug#951458</define-tag> +<define-tag packages>zsh</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2470.wml b/english/lts/security/2020/dla-2470.wml new file mode 100644 index 00000000000..9ebbb1edaf5 --- /dev/null +++ b/english/lts/security/2020/dla-2470.wml @@ -0,0 +1,66 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several security vulnerabilities were found and corrected in zsh, a powerful +shell and scripting language. Off-by-one errors, wrong parsing of shebang lines +and buffer overflows may lead to unexpected behavior. A local, unprivileged +user can create a specially crafted message file or directory path. If the +receiving user is privileged or traverses the aforementioned path, this leads +to privilege escalation.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +5.3.1-4+deb9u4.</p> + +<p>We recommend that you upgrade your zsh packages.</p> + +<p>For the detailed security status of zsh please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/zsh">https://security-tracker.debian.org/tracker/zsh</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a> +</pre><p><strong>Attachment: +<a href="https://lists.debian.org/debian-lts-announce/2020/12/pgpdiifJcL4tl.pgp"><tt>signature.asc</tt></a></strong><br> +<em>Description:</em> This is a digitally signed message part</p></p> + +<p><!--X-Body-of-Message-End--> +<!--X-MsgBody-End--> +<!--X-Follow-Ups--> +<hr> +<strong>Reply to:</strong> +<ul> + <li><a href="mailto:debian-lts-announce@lists.debian.org?in-reply-to=<bdaf3cb10b733f338b7bafd6b2b8b06fb580d75a.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2470-1] zsh security update">debian-lts-announce@lists.debian.org</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<bdaf3cb10b733f338b7bafd6b2b8b06fb580d75a.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2470-1] zsh security update&ccbian-lts-announce@lists.debian.org">Markus Koschany (on-list)</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<bdaf3cb10b733f338b7bafd6b2b8b06fb580d75a.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2470-1] zsh security update">Markus Koschany (off-list)</a></li> +</ul> +<hr> +<!--X-Follow-Ups-End--> +<!--X-References--> +<!--X-References-End--> +<!--X-BotPNI--> +<ul> +<li>Next by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00001.html">[SECURITY] [DLA 2471-1] libxstream-java security update</a></strong> +</li> +<li>Next by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00001.html">[SECURITY] [DLA 2471-1] libxstream-java security update</a></strong> +</li> +<li>Index(es): +<ul> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/12/maillist.html#00000"><strong>Date</strong></a></li> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/12/threads.html#00000"><strong>Thread</strong></a></li> +</ul> +</li> +</ul></p> + +<p><!--X-BotPNI-End--> +<!--X-User-Footer--> +<!--X-User-Footer-End--></p> + + +<p></body></html></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2470.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2471.data b/english/lts/security/2020/dla-2471.data new file mode 100644 index 00000000000..c4c0c777973 --- /dev/null +++ b/english/lts/security/2020/dla-2471.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2471-1 libxstream-java</define-tag> +<define-tag report_date>2020-12-01</define-tag> +<define-tag secrefs>CVE-2020-26217</define-tag> +<define-tag packages>libxstream-java</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2471.wml b/english/lts/security/2020/dla-2471.wml new file mode 100644 index 00000000000..90a3902011e --- /dev/null +++ b/english/lts/security/2020/dla-2471.wml @@ -0,0 +1,72 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>It was found that XStream is vulnerable to Remote Code Execution. The +vulnerability may allow a remote attacker to run arbitrary shell commands only +by manipulating the processed input stream. Users who rely on blocklists +are affected (the default in Debian). We strongly recommend to use the +whitelist approach of XStream's Security Framework because there are likely +more class combinations the blacklist approach may not address.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.4.9-2+deb9u1.</p> + +<p>We recommend that you upgrade your libxstream-java packages.</p> + +<p>For the detailed security status of libxstream-java please refer to +its security tracker page at: +<a rel="nofollow" href="https://security-tracker.debian.org/tracker/libxstream-java">https://security-tracker.debian.org/tracker/libxstream-java</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a> +</pre><p><strong>Attachment: +<a href="https://lists.debian.org/debian-lts-announce/2020/12/pgprFlRjJbD_V.pgp"><tt>signature.asc</tt></a></strong><br> +<em>Description:</em> This is a digitally signed message part</p></p> + +<p><!--X-Body-of-Message-End--> +<!--X-MsgBody-End--> +<!--X-Follow-Ups--> +<hr> +<strong>Reply to:</strong> +<ul> + <li><a href="mailto:debian-lts-announce@lists.debian.org?in-reply-to=<a3c35545c1bd54d4f6d0509b53a5550eee17fa4e.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2471-1] libxstream-java security update">debian-lts-announce@lists.debian.org</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<a3c35545c1bd54d4f6d0509b53a5550eee17fa4e.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2471-1] libxstream-java security update&ccbian-lts-announce@lists.debian.org">Markus Koschany (on-list)</a></li> + <li><a href="mailto:apo@debian.org?in-reply-to=<a3c35545c1bd54d4f6d0509b53a5550eee17fa4e.camel@debian.org>&subject=Re:%20[SECURITY] [DLA 2471-1] libxstream-java security update">Markus Koschany (off-list)</a></li> +</ul> +<hr> +<!--X-Follow-Ups-End--> +<!--X-References--> +<!--X-References-End--> +<!--X-BotPNI--> +<ul> +<li>Prev by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html">[SECURITY] [DLA 2470-1] zsh security update</a></strong> +</li> +<li>Next by Date: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00002.html">[SECURITY] [DLA 2475-1] pdfresurrect security update</a></strong> +</li> +<li>Previous by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html">[SECURITY] [DLA 2470-1] zsh security update</a></strong> +</li> +<li>Next by thread: +<strong><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00002.html">[SECURITY] [DLA 2475-1] pdfresurrect security update</a></strong> +</li> +<li>Index(es): +<ul> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/12/maillist.html#00001"><strong>Date</strong></a></li> +<li><a href="https://lists.debian.org/debian-lts-announce/2020/12/threads.html#00001"><strong>Thread</strong></a></li> +</ul> +</li> +</ul></p> + +<p><!--X-BotPNI-End--> +<!--X-User-Footer--> +<!--X-User-Footer-End--></p> + + +<p></body></html></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2471.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2472.data b/english/lts/security/2020/dla-2472.data new file mode 100644 index 00000000000..44bef66d79f --- /dev/null +++ b/english/lts/security/2020/dla-2472.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2472-1 mutt</define-tag> +<define-tag report_date>2020-11-30</define-tag> +<define-tag secrefs>CVE-2020-28896</define-tag> +<define-tag packages>mutt</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2472.wml b/english/lts/security/2020/dla-2472.wml new file mode 100644 index 00000000000..85c24f73345 --- /dev/null +++ b/english/lts/security/2020/dla-2472.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p><In Mutt, a text-based Mail User Agent, invalid IMAP server responses +were not properly handled, potentially resulting in authentication +credentials being exposed or man-in-the-middle attacks./p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.7.2-1+deb9u4.</p> + +<p>We recommend that you upgrade your mutt packages.</p> + +<p>For the detailed security status of mutt please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/mutt">https://security-tracker.debian.org/tracker/mutt</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2472.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2473.data b/english/lts/security/2020/dla-2473.data new file mode 100644 index 00000000000..6429ea28bf5 --- /dev/null +++ b/english/lts/security/2020/dla-2473.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2473-1 vips</define-tag> +<define-tag report_date>2020-11-30</define-tag> +<define-tag secrefs>CVE-2020-20739</define-tag> +<define-tag packages>vips</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2473.wml b/english/lts/security/2020/dla-2473.wml new file mode 100644 index 00000000000..57e1e1cc401 --- /dev/null +++ b/english/lts/security/2020/dla-2473.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>In VIPS, an image processing system, an uninitialized variable which may +cause the leakage of remote server path or stack address was fixed.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +8.4.5-1+deb9u2.</p> + +<p>We recommend that you upgrade your vips packages.</p> + +<p>For the detailed security status of vips please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/vips">https://security-tracker.debian.org/tracker/vips</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2473.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2474.data b/english/lts/security/2020/dla-2474.data new file mode 100644 index 00000000000..e12234ebe06 --- /dev/null +++ b/english/lts/security/2020/dla-2474.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2474-1 musl</define-tag> +<define-tag report_date>2020-12-01</define-tag> +<define-tag secrefs>CVE-2020-28928 Bug#975365</define-tag> +<define-tag packages>musl</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2474.wml b/english/lts/security/2020/dla-2474.wml new file mode 100644 index 00000000000..a1ba4dac3f4 --- /dev/null +++ b/english/lts/security/2020/dla-2474.wml @@ -0,0 +1,25 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>The wcsnrtombs function in all musl libc versions up through 1.2.1 +has been found to have multiple bugs in handling of destination +buffer size when limiting the input character count, which can +lead to infinite loop with no forward progress (no overflow) or +writing past the end of the destination buffers.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1.1.16-3+deb9u1.</p> + +<p>We recommend that you upgrade your musl packages.</p> + +<p>For the detailed security status of musl please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/musl">https://security-tracker.debian.org/tracker/musl</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2474.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2475.data b/english/lts/security/2020/dla-2475.data new file mode 100644 index 00000000000..1c234734ae3 --- /dev/null +++ b/english/lts/security/2020/dla-2475.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2475-1 pdfresurrect</define-tag> +<define-tag report_date>2020-12-01</define-tag> +<define-tag secrefs>CVE-2019-14934 CVE-2020-20740</define-tag> +<define-tag packages>pdfresurrect</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2475.wml b/english/lts/security/2020/dla-2475.wml new file mode 100644 index 00000000000..17df7c63fb8 --- /dev/null +++ b/english/lts/security/2020/dla-2475.wml @@ -0,0 +1,36 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Vulnerabilities have been discovered in pdfresurrect, a tool for +analyzing and manipulating revisions to PDF documents.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-14934">CVE-2019-14934</a> + + <p>pdf_load_pages_kids in pdf.c doesn't validate a certain size value, + which leads to a malloc failure and out-of-bounds write</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-20740">CVE-2020-20740</a> + + <p>lack of header validation checks causes heap-buffer-overflow in + pdf_get_version()</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +0.12-6+deb9u1.</p> + +<p>We recommend that you upgrade your pdfresurrect packages.</p> + +<p>For the detailed security status of pdfresurrect please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/pdfresurrect">https://security-tracker.debian.org/tracker/pdfresurrect</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2475.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2476.data b/english/lts/security/2020/dla-2476.data new file mode 100644 index 00000000000..58ffd012cd2 --- /dev/null +++ b/english/lts/security/2020/dla-2476.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2476-1 brotli</define-tag> +<define-tag report_date>2020-12-01</define-tag> +<define-tag secrefs>CVE-2020-8927</define-tag> +<define-tag packages>brotli</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2476.wml b/english/lts/security/2020/dla-2476.wml new file mode 100644 index 00000000000..adc6fb0acb4 --- /dev/null +++ b/english/lts/security/2020/dla-2476.wml @@ -0,0 +1,22 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>A buffer overflow was discovered in Brotli, a generic-purpose lossless +compression suite.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +0.5.2+dfsg-2+deb9u1.</p> + +<p>We recommend that you upgrade your brotli packages.</p> + +<p>For the detailed security status of brotli please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/brotli">https://security-tracker.debian.org/tracker/brotli</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2476.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2477.data b/english/lts/security/2020/dla-2477.data new file mode 100644 index 00000000000..4b6e7c4bb7f --- /dev/null +++ b/english/lts/security/2020/dla-2477.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-2477-1 jupyter-notebook</define-tag> +<define-tag report_date>2020-12-02</define-tag> +<define-tag secrefs>CVE-2020-26215</define-tag> +<define-tag packages>jupyter-notebook</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2477.wml b/english/lts/security/2020/dla-2477.wml new file mode 100644 index 00000000000..21b5009883a --- /dev/null +++ b/english/lts/security/2020/dla-2477.wml @@ -0,0 +1,35 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>It was discovered that there was an issue in the <a +href="https://jupyter.org/">Jupyter</a> interactive notebook system where a +maliciously-crafted link could redirect the browser to a malicious/spoofed +website.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-26215">CVE-2020-26215</a> + + <p>Jupyter Notebook before version 6.1.5 has an Open redirect + vulnerability. A maliciously crafted link to a notebook server could + redirect the browser to a different website. All notebook servers are + technically affected, however, these maliciously crafted links can only be + reasonably made for known notebook server hosts. A link to your notebook + server may appear safe, but ultimately redirect to a spoofed server on the + public internet. The issue is patched in version 6.1.5.</p></li> + +</ul> + +<p>For Debian 9 <q>Stretch</q>, these problems have been fixed in version +4.2.3-4+deb9u2.</p> + +<p>We recommend that you upgrade your jupyter-notebook packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2477.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2478.data b/english/lts/security/2020/dla-2478.data new file mode 100644 index 00000000000..f70b7cdbabb --- /dev/null +++ b/english/lts/security/2020/dla-2478.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2478-1 postgresql-9.6</define-tag> +<define-tag report_date>2020-12-02</define-tag> +<define-tag secrefs>CVE-2020-25694 CVE-2020-25695 CVE-2020-25696</define-tag> +<define-tag packages>postgresql-9.6</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2478.wml b/english/lts/security/2020/dla-2478.wml new file mode 100644 index 00000000000..a25814b8093 --- /dev/null +++ b/english/lts/security/2020/dla-2478.wml @@ -0,0 +1,43 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been found in the PostgreSQL database system.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25694">CVE-2020-25694</a> + + <p>Peter Eisentraut found that database reconnections may drop options + from the original connection, such as encryption, which could lead + to information disclosure or a man-in-the-middle attack.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25695">CVE-2020-25695</a> + + <p>Etienne Stalmans reported that a user with permissions to create + non-temporary objects in an schema can execute arbitrary SQL + functions as a superuser.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25696">CVE-2020-25696</a> + + <p>Nick Cleaton found that the \gset command modified variables that + control the psql behaviour, which could result in a compromised or + malicious server executing arbitrary code in the user session.</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +9.6.20-0+deb9u1.</p> + +<p>We recommend that you upgrade your postgresql-9.6 packages.</p> + +<p>For the detailed security status of postgresql-9.6 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/postgresql-9.6">https://security-tracker.debian.org/tracker/postgresql-9.6</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2478.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2479.data b/english/lts/security/2020/dla-2479.data new file mode 100644 index 00000000000..ba8dbd0b01d --- /dev/null +++ b/english/lts/security/2020/dla-2479.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2479-1 thunderbird</define-tag> +<define-tag report_date>2020-12-04</define-tag> +<define-tag secrefs>CVE-2020-26970</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2479.wml b/english/lts/security/2020/dla-2479.wml new file mode 100644 index 00000000000..5044ff96c5e --- /dev/null +++ b/english/lts/security/2020/dla-2479.wml @@ -0,0 +1,23 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Chiaki Ishikawa discovered a stack overflow in SMTP server status +handling which could potentially result in the execution of arbitrary +code.</p> + +<p>For Debian 9 stretch, this problem has been fixed in version +1:78.5.1-1~deb9u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">https://security-tracker.debian.org/tracker/thunderbird</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2479.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2480.data b/english/lts/security/2020/dla-2480.data new file mode 100644 index 00000000000..4dcdee5df24 --- /dev/null +++ b/english/lts/security/2020/dla-2480.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2480-1 salt</define-tag> +<define-tag report_date>2020-12-04</define-tag> +<define-tag secrefs>CVE-2020-16846 CVE-2020-17490 CVE-2020-25592</define-tag> +<define-tag packages>salt</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2480.wml b/english/lts/security/2020/dla-2480.wml new file mode 100644 index 00000000000..e49d6cd618f --- /dev/null +++ b/english/lts/security/2020/dla-2480.wml @@ -0,0 +1,44 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities were discovered in salt.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-16846">CVE-2020-16846</a> + + <p>An unauthenticated user with network access to the Salt API can use + shell injections to run code on the Salt-API using the SSH client</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-17490">CVE-2020-17490</a> + + <p>When using the functions create_ca, create_csr, and + create_self_signed_cert in the tls execution module, it would not + ensure the key was created with the correct permissions.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25592">CVE-2020-25592</a> + + <p>Properly validate eauth credentials and tokens along with their Access + Control Lists – ACLs. Prior to this change, eauth was not properly + validated when calling Salt SSH via the salt-api. Any value for “eauth” + or “token” would allow a user to bypass authentication and make calls + to Salt SSH</p></li> + +</ul> + +<p>For Debian 9 stretch, these problems have been fixed in version +2016.11.2+ds-1+deb9u6.</p> + +<p>We recommend that you upgrade your salt packages.</p> + +<p>For the detailed security status of salt please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/salt">https://security-tracker.debian.org/tracker/salt</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2480.data" +# $Id: $ diff --git a/english/lts/security/2020/dla-2481.data b/english/lts/security/2020/dla-2481.data new file mode 100644 index 00000000000..6d00ed3906b --- /dev/null +++ b/english/lts/security/2020/dla-2481.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2481-1 openldap</define-tag> +<define-tag report_date>2020-12-04</define-tag> +<define-tag secrefs>CVE-2020-25709 CVE-2020-25710</define-tag> +<define-tag packages>openldap</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2481.wml b/english/lts/security/2020/dla-2481.wml new file mode 100644 index 00000000000..41bf530b445 --- /dev/null +++ b/english/lts/security/2020/dla-2481.wml @@ -0,0 +1,26 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities in the certificate list syntax verification and +in the handling of CSN normalization were discovered in OpenLDAP, a +free implementation of the Lightweight Directory Access Protocol. +An unauthenticated remote attacker can take advantage of these +flaws to cause a denial of service (slapd daemon crash) via +specially crafted packets.</p> + +<p>For Debian 9 stretch, these problems have been fixed in version +2.4.44+dfsg-5+deb9u6.</p> + +<p>We recommend that you upgrade your openldap packages.</p> + +<p>For the detailed security status of openldap please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/openldap">https://security-tracker.debian.org/tracker/openldap</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2481.data" +# $Id: $ diff --git a/english/lts/security/dla-long.rdf.in b/english/lts/security/dla-long.rdf.in index 8d0341e7ab0..b3ad38f11d8 100644 --- a/english/lts/security/dla-long.rdf.in +++ b/english/lts/security/dla-long.rdf.in @@ -14,7 +14,7 @@ <channel rdf:about="https://www.debian.org/lts/security/dla.rdf"> <title><gettext domain="security">Debian LTS Security</gettext></title> - <link>http://security.debian.org/</link> + <link>https://www.debian.org/lts/security/</link> <description> <gettext domain="security">Debian LTS Security Advisories</gettext> </description> diff --git a/english/lts/security/dla.rdf.in b/english/lts/security/dla.rdf.in index b44daafa283..9f00f0fadae 100644 --- a/english/lts/security/dla.rdf.in +++ b/english/lts/security/dla.rdf.in @@ -12,9 +12,9 @@ xml:lang="$(CUR_ISO_LANG)" > -<channel rdf:about="https://www.debian.org/security/dla.rdf"> +<channel rdf:about="https://www.debian.org/lts/security/dla.rdf"> <title><gettext domain="security">Debian LTS Security</gettext></title> - <link>http://security.debian.org/</link> + <link>https://www.debian.org/lts/security/</link> <description> <gettext domain="security">Debian LTS Security Advisories</gettext> </description> diff --git a/english/partners/2020/images/Makefile b/english/partners/2020/images/Makefile index eb68d01a31a..2154b7065ba 100644 --- a/english/partners/2020/images/Makefile +++ b/english/partners/2020/images/Makefile @@ -2,7 +2,7 @@ # there should be no need to copy this file to translation directories. WMLBASE=../../.. -CUR_DIR=partners/2019/images +CUR_DIR=partners/2020/images SUBS= include $(WMLBASE)/Make.lang diff --git a/english/partners/2020/images/ampere.jpg b/english/partners/2020/images/ampere.jpg Binary files differnew file mode 100644 index 00000000000..fa198a07b45 --- /dev/null +++ b/english/partners/2020/images/ampere.jpg diff --git a/english/partners/2020/images/freenode.png b/english/partners/2020/images/freenode.png Binary files differdeleted file mode 100644 index f9351a96ca2..00000000000 --- a/english/partners/2020/images/freenode.png +++ /dev/null diff --git a/english/partners/2020/images/hetzner-logo.svg b/english/partners/2020/images/hetzner-logo.svg new file mode 100644 index 00000000000..f5812ee2473 --- /dev/null +++ b/english/partners/2020/images/hetzner-logo.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 181.42 22.24"><defs><style>.cls-1{fill:#d50c2d;}</style></defs><title>Element 1</title><g id="Ebene_2" data-name="Ebene 2"><g id="Logo_Pur" data-name="Logo Pur"><g id="Logo"><g id="HETZNER"><path class="cls-1" d="M174.05,14.12a10.22,10.22,0,0,0,4.53-2l0,0a6.15,6.15,0,0,0,1.68-4.78,7.71,7.71,0,0,0-1.14-4.06A6.47,6.47,0,0,0,173.84.09l-1.09,0L170.2,0,158.66,0c-.7,0-1,.29-1,1V21.22c0,.7.29,1,1,1h3c.7,0,1-.29,1-1v-6.7h3.67a3.48,3.48,0,0,1,2.17.91l5.82,5.85a3.08,3.08,0,0,0,2,.92h4.47c.7,0,.87-.41.38-.91Zm-.76-4.3H162.64V4.72h10.65a2.13,2.13,0,0,1,1.87,2.15v.79A2.14,2.14,0,0,1,173.29,9.82Z"/><path class="cls-1" d="M153,17.52H136.47V13.35h13.19c.7,0,1-.29,1-1V9.92c0-.7-.29-1-1-1h-13.2V4.76H153c.7,0,1-.29,1-1V1c0-.7-.29-1-1-1H132.38c-.7,0-1,.29-1,1V21.24c0,.7.29,1,1,1H153c.7,0,1-.29,1-1V18.51C154,17.81,153.67,17.52,153,17.52Z"/><path class="cls-1" d="M127.73,7.3a7.25,7.25,0,0,0-1.13-4A6.61,6.61,0,0,0,121.24,0L106.08,0c-.71,0-1,.29-1,1V21.22c0,.7.29,1,1,1h3.26c.7,0,1-.28,1-1V4.73l8.78,0c1.87,0,3.69,1.24,3.69,3.11V21.24c0,.7.29,1,1,1h2.95c.71,0,1-.29,1-1Z"/><path class="cls-1" d="M100.47,17.39l-14.25,0L100.5,4.84a2.57,2.57,0,0,0,1-1.84V1c0-.7-.3-1-1-1H79.83c-.7,0-1,.29-1,1V3.77c0,.7.29,1,1,1H93.08L79.79,17.24a2.62,2.62,0,0,0-1,1.84v2.17c0,.7.29,1,1,1l20.65,0c.7,0,1-.29,1-1V18.38C101.46,17.68,101.17,17.39,100.47,17.39Z"/><path class="cls-1" d="M74.19,0H53.55c-.71,0-1,.28-1,1V3.76c0,.7.28,1,1,1h7.78V21.24c0,.7.29,1,1,1h3.3c.7,0,1-.29,1-1V4.75h7.57c.7,0,1-.29,1-1V1C75.18.32,74.89,0,74.19,0Z"/><path class="cls-1" d="M47.91,17.52H31.41V13.35H44.6c.7,0,1-.29,1-1V9.92c0-.7-.28-1-1-1H31.41V4.76h16.5c.7,0,1-.29,1-1V1c0-.7-.29-1-1-1H27.33c-.7,0-1,.29-1,1V21.24c0,.7.29,1,1,1H47.91c.7,0,1-.29,1-1V18.51C48.9,17.81,48.61,17.52,47.91,17.52Z"/><path class="cls-1" d="M21.63,0H18.52c-.7,0-1,.29-1,1V8.87H5.13V1c0-.7-.29-1-1-1H1C.29,0,0,.29,0,1V21.25c0,.71.29,1,1,1H4.13c.7,0,1-.28,1-1v-8h12.4v8c0,.7.29,1,1,1h3.11c.7,0,1-.29,1-1V1C22.62.32,22.33,0,21.63,0Z"/></g></g></g></g></svg>
\ No newline at end of file diff --git a/english/partners/2020/images/opensourcepress.png b/english/partners/2020/images/opensourcepress.png Binary files differdeleted file mode 100644 index 1a20b3efc0c..00000000000 --- a/english/partners/2020/images/opensourcepress.png +++ /dev/null diff --git a/english/partners/2020/images/progeny.png b/english/partners/2020/images/progeny.png Binary files differdeleted file mode 100644 index b21aeef38e5..00000000000 --- a/english/partners/2020/images/progeny.png +++ /dev/null diff --git a/english/partners/2020/images/sun.png b/english/partners/2020/images/sun.png Binary files differdeleted file mode 100644 index 855d13dfba7..00000000000 --- a/english/partners/2020/images/sun.png +++ /dev/null diff --git a/english/partners/2020/images/tmi_logo.png b/english/partners/2020/images/tmi_logo.png Binary files differdeleted file mode 100644 index c57473b9045..00000000000 --- a/english/partners/2020/images/tmi_logo.png +++ /dev/null diff --git a/english/partners/2020/images/valogo.jpg b/english/partners/2020/images/valogo.jpg Binary files differdeleted file mode 100644 index 6bbc4fee29e..00000000000 --- a/english/partners/2020/images/valogo.jpg +++ /dev/null diff --git a/english/partners/2020/partners.data b/english/partners/2020/partners.data index 36b48b6d4dc..cfe1ca1be58 100644 --- a/english/partners/2020/partners.data +++ b/english/partners/2020/partners.data @@ -123,6 +123,17 @@ </div> <hr> + + <div id="hetzner"> + <partnerlogo "Hetzner" hetzner-logo.svg "https://www.hetzner.com"> + # date added: 2020/11/26 + <partnerdesc> + <hetzner1> + <hetzner2> + </partnerdesc> + </div> + +<hr> <div id="HPE"> <partnerlogo "HPE" hpe.png "https://developer.hpe.com/projects"> @@ -209,17 +220,6 @@ <hr> - <div id="Telegraaf"> - <partnerlogo "Telegraaf Media ICT BV" tmi_logo.png "https://www.telegraaf.nl/"> - <partnerdesc> - <telegraaf1> - <telegraaf2> - <telegraaf3> - </partnerdesc> - </div> - - <hr> - <div id="Thomas-Krenn"> <partnerlogo "Thomas-Krenn.AG" thomas-krenn.png "https://www.thomas-krenn.com/"> <partnerdesc> diff --git a/english/partners/images/freenode.png b/english/partners/images/freenode.png Binary files differdeleted file mode 100644 index f9351a96ca2..00000000000 --- a/english/partners/images/freenode.png +++ /dev/null diff --git a/english/partners/images/hetzner-logo.svg b/english/partners/images/hetzner-logo.svg new file mode 100644 index 00000000000..f5812ee2473 --- /dev/null +++ b/english/partners/images/hetzner-logo.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 181.42 22.24"><defs><style>.cls-1{fill:#d50c2d;}</style></defs><title>Element 1</title><g id="Ebene_2" data-name="Ebene 2"><g id="Logo_Pur" data-name="Logo Pur"><g id="Logo"><g id="HETZNER"><path class="cls-1" d="M174.05,14.12a10.22,10.22,0,0,0,4.53-2l0,0a6.15,6.15,0,0,0,1.68-4.78,7.71,7.71,0,0,0-1.14-4.06A6.47,6.47,0,0,0,173.84.09l-1.09,0L170.2,0,158.66,0c-.7,0-1,.29-1,1V21.22c0,.7.29,1,1,1h3c.7,0,1-.29,1-1v-6.7h3.67a3.48,3.48,0,0,1,2.17.91l5.82,5.85a3.08,3.08,0,0,0,2,.92h4.47c.7,0,.87-.41.38-.91Zm-.76-4.3H162.64V4.72h10.65a2.13,2.13,0,0,1,1.87,2.15v.79A2.14,2.14,0,0,1,173.29,9.82Z"/><path class="cls-1" d="M153,17.52H136.47V13.35h13.19c.7,0,1-.29,1-1V9.92c0-.7-.29-1-1-1h-13.2V4.76H153c.7,0,1-.29,1-1V1c0-.7-.29-1-1-1H132.38c-.7,0-1,.29-1,1V21.24c0,.7.29,1,1,1H153c.7,0,1-.29,1-1V18.51C154,17.81,153.67,17.52,153,17.52Z"/><path class="cls-1" d="M127.73,7.3a7.25,7.25,0,0,0-1.13-4A6.61,6.61,0,0,0,121.24,0L106.08,0c-.71,0-1,.29-1,1V21.22c0,.7.29,1,1,1h3.26c.7,0,1-.28,1-1V4.73l8.78,0c1.87,0,3.69,1.24,3.69,3.11V21.24c0,.7.29,1,1,1h2.95c.71,0,1-.29,1-1Z"/><path class="cls-1" d="M100.47,17.39l-14.25,0L100.5,4.84a2.57,2.57,0,0,0,1-1.84V1c0-.7-.3-1-1-1H79.83c-.7,0-1,.29-1,1V3.77c0,.7.29,1,1,1H93.08L79.79,17.24a2.62,2.62,0,0,0-1,1.84v2.17c0,.7.29,1,1,1l20.65,0c.7,0,1-.29,1-1V18.38C101.46,17.68,101.17,17.39,100.47,17.39Z"/><path class="cls-1" d="M74.19,0H53.55c-.71,0-1,.28-1,1V3.76c0,.7.28,1,1,1h7.78V21.24c0,.7.29,1,1,1h3.3c.7,0,1-.29,1-1V4.75h7.57c.7,0,1-.29,1-1V1C75.18.32,74.89,0,74.19,0Z"/><path class="cls-1" d="M47.91,17.52H31.41V13.35H44.6c.7,0,1-.29,1-1V9.92c0-.7-.28-1-1-1H31.41V4.76h16.5c.7,0,1-.29,1-1V1c0-.7-.29-1-1-1H27.33c-.7,0-1,.29-1,1V21.24c0,.7.29,1,1,1H47.91c.7,0,1-.29,1-1V18.51C48.9,17.81,48.61,17.52,47.91,17.52Z"/><path class="cls-1" d="M21.63,0H18.52c-.7,0-1,.29-1,1V8.87H5.13V1c0-.7-.29-1-1-1H1C.29,0,0,.29,0,1V21.25c0,.71.29,1,1,1H4.13c.7,0,1-.28,1-1v-8h12.4v8c0,.7.29,1,1,1h3.11c.7,0,1-.29,1-1V1C22.62.32,22.33,0,21.63,0Z"/></g></g></g></g></svg>
\ No newline at end of file diff --git a/english/partners/images/progeny.png b/english/partners/images/progeny.png Binary files differdeleted file mode 100644 index b21aeef38e5..00000000000 --- a/english/partners/images/progeny.png +++ /dev/null diff --git a/english/partners/images/sun.png b/english/partners/images/sun.png Binary files differdeleted file mode 100644 index 855d13dfba7..00000000000 --- a/english/partners/images/sun.png +++ /dev/null diff --git a/english/partners/images/valogo.jpg b/english/partners/images/valogo.jpg Binary files differdeleted file mode 100644 index 6bbc4fee29e..00000000000 --- a/english/partners/images/valogo.jpg +++ /dev/null diff --git a/english/partners/partners.def b/english/partners/partners.def index ad7ab26a1bf..d179cb4a662 100644 --- a/english/partners/partners.def +++ b/english/partners/partners.def @@ -77,9 +77,10 @@ </define-tag> ## dg-i +# last update: 2020/11/26 <define-tag dg-i1 whitespace=delete> - <p><gettext domain="partners"><a href="http://www.dg-i.net/">DG-i</a> provides the Debian project with hardware and hosting services from their colocation sites via high-speed connection. <a href="https://wiki.debian.org">wiki.debian.org</a> received an IBM x360 server. </gettext></p> + <p><gettext domain="partners"><a href="http://www.dg-i.net/">DG-i</a> provides the Debian project with hosting services from their colocation sites via high-speed connection.</gettext></p> </define-tag> <define-tag dg-i2 whitespace=delete> @@ -96,10 +97,10 @@ </define-tag> ## Fastly -# last update: 2017/11/25 (New addition) +# last update: 2020/11/26 <define-tag fastly1 whitespace=delete> - <p><gettext domain="partners"><a href="https://www.fastly.com/">Fastly</a> provides Debian with content delivery network (CDN) services and is helping us deliver packages to users through <a href="https://deb.debian.org/">deb.debian.org</a>.</gettext></p> \ + <p><gettext domain="partners"><a href="https://www.fastly.com/">Fastly</a> provides Debian with content delivery network (CDN) services and is helping us deliver packages to users through <a href="https://deb.debian.org/">deb.debian.org</a> and <a href="http://security.debian.org">security.debian.org</a>.</gettext></p> </define-tag> <define-tag fastly2 whitespace=delete> <p><gettext domain="partners">Fastly’s edge cloud platform provides advanced application delivery and cloud security for the world’s most popular online destinations. Fastly works with the best of the Internet, serving 14 trillion requests each month, more than 10 percent of all internet requests.</gettext></p> @@ -125,6 +126,15 @@ <p><gettext domain="partners">Google is one of the largest technology companies in the world, providing a wide range of Internet-related services and products as online advertising technologies, search, cloud computing, software, and hardware.</gettext></p> </define-tag> +## Hetzner +# date added: 2020/11/26 + <define-tag hetzner1 whitespace=delete> + <p><gettext domain="partners"><a href="https://www.hetzner.com">Hetzner</a> provides the Debian project with hosting services.</gettext></p> + </define-tag> + <define-tag hetzner2 whitespace=delete> + <p><gettext domain="partners">Hetzner Online is a professional web hosting provider and experienced data center operator. Since 1997 the company has provided private and business clients with high-performance hosting products as well as the necessary infrastructure for the efficient operation of websites. A combination of stable technology, attractive pricing and flexible support and services has enabled Hetzner Online to continuously strengthen its market position both nationally and internationally. The company owns several data centers in Germany and Finland.</gettext></p> + </define-tag> + ## HPE # last update: 2017/03/25 (new logo, update description) @@ -137,10 +147,10 @@ ## Leaseweb # date added: 2017/05/20 -# last update: 2017/05/20 +# last update: 2020/11/26 <define-tag leaseweb1 whitespace=delete> - <p><gettext domain="partners"><a href="https://www.leaseweb.com/">LeaseWeb</a> has been one of two partners that provide the infrastructure for the <a href="https://snapshot.debian.org">Debian OS Snapshot Archive</a> since <a href="https://www.debian.org/News/2014/20141014">October 2014</a>, providing 80 Terabytes (TB) of capacity. In 2017 they renewed their support by provisioning two additional dedicated servers that expanded the storage at their location by 50%, enough to accommodate anticipated growth for years to come.</gettext></p> \ + <p><gettext domain="partners"><a href="https://www.leaseweb.com/">LeaseWeb</a> has been one of two partners that provide the infrastructure for the <a href="https://snapshot.debian.org">Debian OS Snapshot Archive</a> since <a href="https://www.debian.org/News/2014/20141014">October 2014</a>, providing 300 Terabytes (TB) of capacity. In 2020 they renewed their support by provisioning new dedicated servers with bigger disk drives, enough to accommodate anticipated growth for years to come.</gettext></p> \ </define-tag> <define-tag leaseweb2 whitespace=delete> <p><gettext domain="partners">LeaseWeb is a global Infrastructure-as-a-Service (IaaS) provider – offering customers on-demand, world-class hosting solutions, from dedicated servers to cloud solutions. You can learn more about LeaseWeb visiting their <a href="https://www.leaseweb.com/">website</a>.</gettext></p> @@ -156,9 +166,10 @@ </define-tag> ## Man-Da +# last update: 2020/11/26 <define-tag man-da1 whitespace=delete> -<p><gettext domain="partners"><a href="http://www.man-da.de/">man-da.de GmbH</a> is the backbone provider of the Metropolitan Area Network Darmstadt. It is supporting Debian by hosting several debian.org and debian.net servers as well as the buildd network for experimental and debconf.org machines.</gettext></p> +<p><gettext domain="partners"><a href="http://www.man-da.de/">man-da.de GmbH</a> is the backbone provider of the Metropolitan Area Network Darmstadt. It is supporting Debian by hosting several debian.org and debian.net servers.</gettext></p> </define-tag> <define-tag man-da2 whitespace=delete> @@ -167,7 +178,6 @@ ## OSUOSL # last update: 2017/06/23 (new logo) -# partner of the month 20170812 - until November 2017 <define-tag osuosl1 whitespace=delete> <p><gettext domain="partners"><a href="http://osuosl.org/">The Oregon State University Open Source Lab</a> provides hosting and administration services to the Debian project.</gettext></p> @@ -207,18 +217,6 @@ <p><gettext domain="partners">StackPath is a platform of secure edge services that enables developers to protect, accelerate, and innovate cloud properties ranging from websites to media delivery and IoT services.</gettext></p> </define-tag> -## Telegraaf - - <define-tag telegraaf1 whitespace=delete> - <p><gettext domain="partners"><a href="http://www.telegraaf.nl/">Telegraaf Media ICT BV</a> is supporting the Debian community by donating hardware, rackspace and bandwidth for the Debian server hosting alioth, arch and svn.</gettext></p> -</define-tag> - <define-tag telegraaf2 whitespace=delete> - <p><gettext domain="partners">Telegraaf Media ICT BV is running its internet infrastructure (appx. 200 Intel based servers) mainly based on Debian GNU/Linux servers; the sysadmins are highly motivated Debian users and some of them also Debian maintainers.</gettext></p> -</define-tag> - <define-tag telegraaf3 whitespace=delete> - <p><gettext domain="partners">Telegraaf Media Group runs some of the most popular Dutch websites (http://www.telegraaf.nl, http://www.speurders.nl and http://www.dft.nl) as well as the two biggest newspapers in The Netherlands.</gettext></p> -</define-tag> - ## Thomas Krenn <define-tag thomaskrenn1 whitespace=delete> @@ -327,3 +325,18 @@ <define-tag simtec2 whitespace=delete> <p><gettext domain="partners">Simtec is a leading provider of ARM based computing products. We have a range of <a href="http://www.simtec.co.uk/products/boards.html">boards</a> which serve a wide range of uses within the embedded market. We provide a complete range of products and solutions which can be tailored to suit the customers needs from off the shelf integrator solutions right through to fully custom designs. All of our products ship with open source tools and operating systems.</gettext></p> </define-tag> + + +## Telegraaf +# last update: 2020/11/26 - removal + + <define-tag telegraaf1 whitespace=delete> + <p><gettext domain="partners"><a href="http://www.telegraaf.nl/">Telegraaf Media ICT BV</a> is supporting the Debian community by donating hardware, rackspace and bandwidth for the Debian server hosting alioth, arch and svn.</gettext></p> +</define-tag> + <define-tag telegraaf2 whitespace=delete> + <p><gettext domain="partners">Telegraaf Media ICT BV is running its internet infrastructure (appx. 200 Intel based servers) mainly based on Debian GNU/Linux servers; the sysadmins are highly motivated Debian users and some of them also Debian maintainers.</gettext></p> +</define-tag> + <define-tag telegraaf3 whitespace=delete> + <p><gettext domain="partners">Telegraaf Media Group runs some of the most popular Dutch websites (http://www.telegraaf.nl, http://www.speurders.nl and http://www.dft.nl) as well as the two biggest newspapers in The Netherlands.</gettext></p> +</define-tag> + diff --git a/english/po/Makefile b/english/po/Makefile index 43fde569beb..58425a4f9f1 100644 --- a/english/po/Makefile +++ b/english/po/Makefile @@ -61,7 +61,6 @@ others_FILES = \ $(ENGLISHDIR)/distrib/pre-installed.data $(ENGLISHDIR)/distrib/pre-installed.defs \ $(ENGLISHDIR)/logos/index.data \ $(ENGLISHDIR)/events/merchandise.def \ - $(ENGLISHDIR)/y2k/l10n.data \ $(ENGLISHDIR)/devel/join/nm-steps.inc \ $(ENGLISHDIR)/mirror/submit.inc \ $(ENGLISHDIR)/women/profiles/profiles.def diff --git a/english/po/cdimage.pot b/english/po/cdimage.pot index 91ceec330a4..c2cb82c5356 100644 --- a/english/po/cdimage.pot +++ b/english/po/cdimage.pot @@ -57,42 +57,38 @@ msgid "<void id=\"dc_torrent\" />Download with Torrent" msgstr "" #: ../../english/template/debian/cdimage.wml:49 -msgid "<void id=\"dc_relinfo\" />Image Release Info" -msgstr "" - -#: ../../english/template/debian/cdimage.wml:52 msgid "Debian CD team" msgstr "" -#: ../../english/template/debian/cdimage.wml:55 +#: ../../english/template/debian/cdimage.wml:52 msgid "debian_on_cd" msgstr "" -#: ../../english/template/debian/cdimage.wml:58 +#: ../../english/template/debian/cdimage.wml:55 msgid "<void id=\"faq-bottom\" />faq" msgstr "" -#: ../../english/template/debian/cdimage.wml:61 +#: ../../english/template/debian/cdimage.wml:58 msgid "jigdo" msgstr "" -#: ../../english/template/debian/cdimage.wml:64 +#: ../../english/template/debian/cdimage.wml:61 msgid "http_ftp" msgstr "" -#: ../../english/template/debian/cdimage.wml:67 +#: ../../english/template/debian/cdimage.wml:64 msgid "buy" msgstr "" -#: ../../english/template/debian/cdimage.wml:70 +#: ../../english/template/debian/cdimage.wml:67 msgid "net_install" msgstr "" -#: ../../english/template/debian/cdimage.wml:73 +#: ../../english/template/debian/cdimage.wml:70 msgid "<void id=\"misc-bottom\" />misc" msgstr "" -#: ../../english/template/debian/cdimage.wml:76 +#: ../../english/template/debian/cdimage.wml:73 msgid "English-language <a href=\"/MailingLists/disclaimer\">public mailing list</a> for CDs/DVDs:" msgstr "" diff --git a/english/po/countries.pot b/english/po/countries.pot index e948456d938..03a63df5bb6 100644 --- a/english/po/countries.pot +++ b/english/po/countries.pot @@ -216,210 +216,214 @@ msgid "Kyrgyzstan" msgstr "" #: ../../english/template/debian/countries.wml:270 -msgid "Korea" +msgid "Cambodia" msgstr "" #: ../../english/template/debian/countries.wml:273 -msgid "Kuwait" +msgid "Korea" msgstr "" #: ../../english/template/debian/countries.wml:276 -msgid "Kazakhstan" +msgid "Kuwait" msgstr "" #: ../../english/template/debian/countries.wml:279 -msgid "Sri Lanka" +msgid "Kazakhstan" msgstr "" #: ../../english/template/debian/countries.wml:282 -msgid "Lithuania" +msgid "Sri Lanka" msgstr "" #: ../../english/template/debian/countries.wml:285 -msgid "Luxembourg" +msgid "Lithuania" msgstr "" #: ../../english/template/debian/countries.wml:288 -msgid "Latvia" +msgid "Luxembourg" msgstr "" #: ../../english/template/debian/countries.wml:291 -msgid "Morocco" +msgid "Latvia" msgstr "" #: ../../english/template/debian/countries.wml:294 -msgid "Moldova" +msgid "Morocco" msgstr "" #: ../../english/template/debian/countries.wml:297 -msgid "Montenegro" +msgid "Moldova" msgstr "" #: ../../english/template/debian/countries.wml:300 -msgid "Madagascar" +msgid "Montenegro" msgstr "" #: ../../english/template/debian/countries.wml:303 -msgid "Macedonia, Republic of" +msgid "Madagascar" msgstr "" #: ../../english/template/debian/countries.wml:306 -msgid "Mongolia" +msgid "Macedonia, Republic of" msgstr "" #: ../../english/template/debian/countries.wml:309 -msgid "Malta" +msgid "Mongolia" msgstr "" #: ../../english/template/debian/countries.wml:312 -msgid "Mexico" +msgid "Malta" msgstr "" #: ../../english/template/debian/countries.wml:315 -msgid "Malaysia" +msgid "Mexico" msgstr "" #: ../../english/template/debian/countries.wml:318 -msgid "New Caledonia" +msgid "Malaysia" msgstr "" #: ../../english/template/debian/countries.wml:321 -msgid "Nicaragua" +msgid "New Caledonia" msgstr "" #: ../../english/template/debian/countries.wml:324 -msgid "Netherlands" +msgid "Nicaragua" msgstr "" #: ../../english/template/debian/countries.wml:327 -msgid "Norway" +msgid "Netherlands" msgstr "" #: ../../english/template/debian/countries.wml:330 -msgid "New Zealand" +msgid "Norway" msgstr "" #: ../../english/template/debian/countries.wml:333 -msgid "Panama" +msgid "New Zealand" msgstr "" #: ../../english/template/debian/countries.wml:336 -msgid "Peru" +msgid "Panama" msgstr "" #: ../../english/template/debian/countries.wml:339 -msgid "French Polynesia" +msgid "Peru" msgstr "" #: ../../english/template/debian/countries.wml:342 -msgid "Philippines" +msgid "French Polynesia" msgstr "" #: ../../english/template/debian/countries.wml:345 -msgid "Pakistan" +msgid "Philippines" msgstr "" #: ../../english/template/debian/countries.wml:348 -msgid "Poland" +msgid "Pakistan" msgstr "" #: ../../english/template/debian/countries.wml:351 -msgid "Portugal" +msgid "Poland" msgstr "" #: ../../english/template/debian/countries.wml:354 -msgid "Réunion" +msgid "Portugal" msgstr "" #: ../../english/template/debian/countries.wml:357 -msgid "Romania" +msgid "Réunion" msgstr "" #: ../../english/template/debian/countries.wml:360 -msgid "Serbia" +msgid "Romania" msgstr "" #: ../../english/template/debian/countries.wml:363 -msgid "Russia" +msgid "Serbia" msgstr "" #: ../../english/template/debian/countries.wml:366 -msgid "Saudi Arabia" +msgid "Russia" msgstr "" #: ../../english/template/debian/countries.wml:369 -msgid "Sweden" +msgid "Saudi Arabia" msgstr "" #: ../../english/template/debian/countries.wml:372 -msgid "Singapore" +msgid "Sweden" msgstr "" #: ../../english/template/debian/countries.wml:375 -msgid "Slovenia" +msgid "Singapore" msgstr "" #: ../../english/template/debian/countries.wml:378 -msgid "Slovakia" +msgid "Slovenia" msgstr "" #: ../../english/template/debian/countries.wml:381 -msgid "El Salvador" +msgid "Slovakia" msgstr "" #: ../../english/template/debian/countries.wml:384 -msgid "Thailand" +msgid "El Salvador" msgstr "" #: ../../english/template/debian/countries.wml:387 -msgid "Tajikistan" +msgid "Thailand" msgstr "" #: ../../english/template/debian/countries.wml:390 -msgid "Tunisia" +msgid "Tajikistan" msgstr "" #: ../../english/template/debian/countries.wml:393 -msgid "Turkey" +msgid "Tunisia" msgstr "" #: ../../english/template/debian/countries.wml:396 -msgid "Taiwan" +msgid "Turkey" msgstr "" #: ../../english/template/debian/countries.wml:399 -msgid "Ukraine" +msgid "Taiwan" msgstr "" #: ../../english/template/debian/countries.wml:402 -msgid "United States" +msgid "Ukraine" msgstr "" #: ../../english/template/debian/countries.wml:405 -msgid "Uruguay" +msgid "United States" msgstr "" #: ../../english/template/debian/countries.wml:408 -msgid "Uzbekistan" +msgid "Uruguay" msgstr "" #: ../../english/template/debian/countries.wml:411 -msgid "Venezuela" +msgid "Uzbekistan" msgstr "" #: ../../english/template/debian/countries.wml:414 -msgid "Vietnam" +msgid "Venezuela" msgstr "" #: ../../english/template/debian/countries.wml:417 -msgid "Vanuatu" +msgid "Vietnam" msgstr "" #: ../../english/template/debian/countries.wml:420 -msgid "South Africa" +msgid "Vanuatu" msgstr "" #: ../../english/template/debian/countries.wml:423 +msgid "South Africa" +msgstr "" + +#: ../../english/template/debian/countries.wml:426 msgid "Zimbabwe" msgstr "" diff --git a/english/po/newsevents.pot b/english/po/newsevents.pot index e424519287e..b3cb14be79c 100644 --- a/english/po/newsevents.pot +++ b/english/po/newsevents.pot @@ -142,112 +142,120 @@ msgstr "" msgid "Welcome to this year's <get-var issue /> issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:56 -#: ../../english/template/debian/projectnews/boilerplates.wml:77 +#: ../../english/template/debian/projectnews/boilerplates.wml:43 +msgid "Welcome to this year's <get-var issue /> issue of DPN, the newsletter for the Debian community." +msgstr "" + +#: ../../english/template/debian/projectnews/boilerplates.wml:49 +msgid "Other topics covered in this issue include:" +msgstr "" + +#: ../../english/template/debian/projectnews/boilerplates.wml:69 +#: ../../english/template/debian/projectnews/boilerplates.wml:90 msgid "According to the <a href=\"https://udd.debian.org/bugs.cgi\">Bugs Search interface of the Ultimate Debian Database</a>, the upcoming release, Debian <q><get-var release /></q>, is currently affected by <get-var testing /> Release-Critical bugs. Ignoring bugs which are easily solved or on the way to being solved, roughly speaking, about <get-var tobefixed /> Release-Critical bugs remain to be solved for the release to happen." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:57 +#: ../../english/template/debian/projectnews/boilerplates.wml:70 msgid "There are also some <a href=\"https://wiki.debian.org/ProjectNews/RC-Stats\">hints on how to interpret</a> these numbers." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:78 +#: ../../english/template/debian/projectnews/boilerplates.wml:91 msgid "There are also <a href=\"<get-var url />\">more detailed statistics</a> as well as some <a href=\"https://wiki.debian.org/ProjectNews/RC-Stats\">hints on how to interpret</a> these numbers." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:102 +#: ../../english/template/debian/projectnews/boilerplates.wml:115 msgid "<a href=\"<get-var link />\">Currently</a> <a href=\"m4_DEVEL/wnpp/orphaned\"><get-var orphaned /> packages are orphaned</a> and <a href=\"m4_DEVEL/wnpp/rfa\"><get-var rfa /> packages are up for adoption</a>: please visit the complete list of <a href=\"m4_DEVEL/wnpp/help_requested\">packages which need your help</a>." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:114 +#: ../../english/template/debian/projectnews/boilerplates.wml:127 msgid "Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the <a href=\"https://wiki.debian.org/ProjectNews/HowToContribute\">contributing page</a> to find out how to help. We're looking forward to receiving your mail at <a href=\"mailto:debian-publicity@lists.debian.org\">debian-publicity@lists.debian.org</a>." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:175 +#: ../../english/template/debian/projectnews/boilerplates.wml:188 msgid "Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the <a href=\"<get-var url-dsa />\">security mailing list</a> (and the separate <a href=\"<get-var url-bpo />\">backports list</a>, and <a href=\"<get-var url-stable-announce />\">stable updates list</a>) for announcements." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:176 +#: ../../english/template/debian/projectnews/boilerplates.wml:189 msgid "Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the <a href=\"<get-var url-dsa />\">security mailing list</a> (and the separate <a href=\"<get-var url-bpo />\">backports list</a>, and <a href=\"<get-var url-stable-announce />\">stable updates list</a> or <a href=\"<get-var url-volatile-announce />\">volatile list</a>, for <q><get-var old-stable /></q>, the oldstable distribution) for announcements." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:185 +#: ../../english/template/debian/projectnews/boilerplates.wml:198 msgid "Debian's Stable Release Team released an update announcement for the package: " msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:187 #: ../../english/template/debian/projectnews/boilerplates.wml:200 #: ../../english/template/debian/projectnews/boilerplates.wml:213 -#: ../../english/template/debian/projectnews/boilerplates.wml:344 -#: ../../english/template/debian/projectnews/boilerplates.wml:358 +#: ../../english/template/debian/projectnews/boilerplates.wml:226 +#: ../../english/template/debian/projectnews/boilerplates.wml:357 +#: ../../english/template/debian/projectnews/boilerplates.wml:371 msgid ", " msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:188 #: ../../english/template/debian/projectnews/boilerplates.wml:201 #: ../../english/template/debian/projectnews/boilerplates.wml:214 -#: ../../english/template/debian/projectnews/boilerplates.wml:345 -#: ../../english/template/debian/projectnews/boilerplates.wml:359 +#: ../../english/template/debian/projectnews/boilerplates.wml:227 +#: ../../english/template/debian/projectnews/boilerplates.wml:358 +#: ../../english/template/debian/projectnews/boilerplates.wml:372 msgid " and " msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:189 #: ../../english/template/debian/projectnews/boilerplates.wml:202 #: ../../english/template/debian/projectnews/boilerplates.wml:215 +#: ../../english/template/debian/projectnews/boilerplates.wml:228 msgid ". " msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:189 #: ../../english/template/debian/projectnews/boilerplates.wml:202 #: ../../english/template/debian/projectnews/boilerplates.wml:215 +#: ../../english/template/debian/projectnews/boilerplates.wml:228 msgid "Please read them carefully and take the proper measures." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:198 +#: ../../english/template/debian/projectnews/boilerplates.wml:211 msgid "Debian's Backports Team released advisories for these packages: " msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:211 +#: ../../english/template/debian/projectnews/boilerplates.wml:224 msgid "Debian's Security Team recently released advisories for these packages (among others): " msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:240 +#: ../../english/template/debian/projectnews/boilerplates.wml:253 msgid "<get-var num-newpkg /> packages were added to the unstable Debian archive recently." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:242 +#: ../../english/template/debian/projectnews/boilerplates.wml:255 msgid " <a href=\"<get-var url-newpkg />\">Among many others</a> are:" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:269 +#: ../../english/template/debian/projectnews/boilerplates.wml:282 msgid "There are several upcoming Debian-related events:" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:275 +#: ../../english/template/debian/projectnews/boilerplates.wml:288 msgid "You can find more information about Debian-related events and talks on the <a href=\"<get-var events-section />\">events section</a> of the Debian web site, or subscribe to one of our events mailing lists for different regions: <a href=\"<get-var events-ml-eu />\">Europe</a>, <a href=\"<get-var events-ml-nl />\">Netherlands</a>, <a href=\"<get-var events-ml-ha />\">Hispanic America</a>, <a href=\"<get-var events-ml-na />\">North America</a>." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:300 +#: ../../english/template/debian/projectnews/boilerplates.wml:313 msgid "Do you want to organise a Debian booth or a Debian install party? Are you aware of other upcoming Debian-related events? Have you delivered a Debian talk that you want to link on our <a href=\"<get-var events-talks />\">talks page</a>? Send an email to the <a href=\"<get-var events-team />\">Debian Events Team</a>." msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:322 +#: ../../english/template/debian/projectnews/boilerplates.wml:335 msgid "<get-var dd-num /> applicants have been <a href=\"<get-var dd-url />\">accepted</a> as Debian Developers" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:329 +#: ../../english/template/debian/projectnews/boilerplates.wml:342 msgid "<get-var dm-num /> applicants have been <a href=\"<get-var dm-url />\">accepted</a> as Debian Maintainers" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:336 +#: ../../english/template/debian/projectnews/boilerplates.wml:349 msgid "<get-var uploader-num /> people have <a href=\"<get-var uploader-url />\">started to maintain packages</a>" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:381 +#: ../../english/template/debian/projectnews/boilerplates.wml:394 msgid "<get-var eval-newcontributors-text-list /> since the previous issue of the Debian Project News. Please welcome <get-var eval-newcontributors-name-list /> into our project!" msgstr "" -#: ../../english/template/debian/projectnews/boilerplates.wml:394 +#: ../../english/template/debian/projectnews/boilerplates.wml:407 msgid "The <get-var issue-devel-news /> issue of the <a href=\"<get-var url-devel-news />\">miscellaneous news for developers</a> has been released and covers the following topics:" msgstr "" diff --git a/english/po/organization.pot b/english/po/organization.pot index f5ab07f05e9..73d136b91d6 100644 --- a/english/po/organization.pot +++ b/english/po/organization.pot @@ -105,27 +105,27 @@ msgid "Distribution" msgstr "" #: ../../english/intro/organization.data:72 -#: ../../english/intro/organization.data:239 +#: ../../english/intro/organization.data:209 msgid "Communication and Outreach" msgstr "" #: ../../english/intro/organization.data:74 -#: ../../english/intro/organization.data:242 +#: ../../english/intro/organization.data:212 msgid "Data Protection team" msgstr "" #: ../../english/intro/organization.data:75 -#: ../../english/intro/organization.data:246 +#: ../../english/intro/organization.data:217 msgid "Publicity team" msgstr "" #: ../../english/intro/organization.data:77 -#: ../../english/intro/organization.data:319 +#: ../../english/intro/organization.data:290 msgid "Membership in other organizations" msgstr "" #: ../../english/intro/organization.data:78 -#: ../../english/intro/organization.data:347 +#: ../../english/intro/organization.data:318 msgid "Support and Infrastructure" msgstr "" @@ -229,187 +229,163 @@ msgstr "" msgid "Work-Needing and Prospective Packages list" msgstr "" -#: ../../english/intro/organization.data:200 -msgid "Ports" -msgstr "" - -#: ../../english/intro/organization.data:230 -msgid "Special Configurations" -msgstr "" - -#: ../../english/intro/organization.data:232 -msgid "Laptops" -msgstr "" - -#: ../../english/intro/organization.data:233 -msgid "Firewalls" -msgstr "" - -#: ../../english/intro/organization.data:234 -msgid "Embedded systems" -msgstr "" - -#: ../../english/intro/organization.data:249 +#: ../../english/intro/organization.data:220 msgid "Press Contact" msgstr "" -#: ../../english/intro/organization.data:251 +#: ../../english/intro/organization.data:222 msgid "Web Pages" msgstr "" -#: ../../english/intro/organization.data:263 +#: ../../english/intro/organization.data:234 msgid "Planet Debian" msgstr "" -#: ../../english/intro/organization.data:268 +#: ../../english/intro/organization.data:239 msgid "Outreach" msgstr "" -#: ../../english/intro/organization.data:273 +#: ../../english/intro/organization.data:244 msgid "Debian Women Project" msgstr "" -#: ../../english/intro/organization.data:281 +#: ../../english/intro/organization.data:252 msgid "Community" msgstr "" -#: ../../english/intro/organization.data:290 +#: ../../english/intro/organization.data:261 msgid "To send a private message to all the members of the Community Team, use the GPG key <a href=\"community-team-pubkey.txt\">817DAE61E2FE4CA28E1B7762A89C4D0527C4C869</a>." msgstr "" -#: ../../english/intro/organization.data:292 +#: ../../english/intro/organization.data:263 msgid "Events" msgstr "" -#: ../../english/intro/organization.data:299 +#: ../../english/intro/organization.data:270 msgid "DebConf Committee" msgstr "" -#: ../../english/intro/organization.data:306 +#: ../../english/intro/organization.data:277 msgid "Partner Program" msgstr "" -#: ../../english/intro/organization.data:310 +#: ../../english/intro/organization.data:281 msgid "Hardware Donations Coordination" msgstr "" -#: ../../english/intro/organization.data:325 +#: ../../english/intro/organization.data:296 msgid "GNOME Foundation" msgstr "" -#: ../../english/intro/organization.data:327 +#: ../../english/intro/organization.data:298 msgid "Linux Professional Institute" msgstr "" -#: ../../english/intro/organization.data:329 +#: ../../english/intro/organization.data:300 msgid "Linux Magazine" msgstr "" -#: ../../english/intro/organization.data:331 +#: ../../english/intro/organization.data:302 msgid "Linux Standards Base" msgstr "" -#: ../../english/intro/organization.data:333 +#: ../../english/intro/organization.data:304 msgid "Free Standards Group" msgstr "" -#: ../../english/intro/organization.data:334 +#: ../../english/intro/organization.data:305 msgid "SchoolForge" msgstr "" -#: ../../english/intro/organization.data:337 +#: ../../english/intro/organization.data:308 msgid "OASIS: Organization\n for the Advancement of Structured Information Standards" msgstr "" -#: ../../english/intro/organization.data:340 +#: ../../english/intro/organization.data:311 msgid "OVAL: Open Vulnerability\n Assessment Language" msgstr "" -#: ../../english/intro/organization.data:343 +#: ../../english/intro/organization.data:314 msgid "Open Source Initiative" msgstr "" -#: ../../english/intro/organization.data:350 -msgid "User support" -msgstr "" - -#: ../../english/intro/organization.data:417 +#: ../../english/intro/organization.data:321 msgid "Bug Tracking System" msgstr "" -#: ../../english/intro/organization.data:422 +#: ../../english/intro/organization.data:326 msgid "Mailing Lists Administration and Mailing List Archives" msgstr "" -#: ../../english/intro/organization.data:431 +#: ../../english/intro/organization.data:335 msgid "New Members Front Desk" msgstr "" -#: ../../english/intro/organization.data:437 +#: ../../english/intro/organization.data:341 msgid "Debian Account Managers" msgstr "" -#: ../../english/intro/organization.data:441 +#: ../../english/intro/organization.data:345 msgid "To send a private message to all DAMs, use the GPG key 57731224A9762EA155AB2A530CA8D15BB24D96F2." msgstr "" -#: ../../english/intro/organization.data:442 +#: ../../english/intro/organization.data:346 msgid "Keyring Maintainers (PGP and GPG)" msgstr "" -#: ../../english/intro/organization.data:446 +#: ../../english/intro/organization.data:350 msgid "Security Team" msgstr "" -#: ../../english/intro/organization.data:457 +#: ../../english/intro/organization.data:361 msgid "Consultants Page" msgstr "" -#: ../../english/intro/organization.data:462 +#: ../../english/intro/organization.data:366 msgid "CD Vendors Page" msgstr "" -#: ../../english/intro/organization.data:465 +#: ../../english/intro/organization.data:369 msgid "Policy" msgstr "" -#: ../../english/intro/organization.data:468 +#: ../../english/intro/organization.data:372 msgid "System Administration" msgstr "" -#: ../../english/intro/organization.data:469 +#: ../../english/intro/organization.data:373 msgid "This is the address to use when encountering problems on one of Debian's machines, including password problems or you need a package installed." msgstr "" -#: ../../english/intro/organization.data:479 +#: ../../english/intro/organization.data:383 msgid "If you have hardware problems with Debian machines, please see <a href=\"https://db.debian.org/machines.cgi\">Debian Machines</a> page, it should contain per-machine administrator information." msgstr "" -#: ../../english/intro/organization.data:480 +#: ../../english/intro/organization.data:384 msgid "LDAP Developer Directory Administrator" msgstr "" -#: ../../english/intro/organization.data:481 +#: ../../english/intro/organization.data:385 msgid "Mirrors" msgstr "" -#: ../../english/intro/organization.data:488 +#: ../../english/intro/organization.data:392 msgid "DNS Maintainer" msgstr "" -#: ../../english/intro/organization.data:489 +#: ../../english/intro/organization.data:393 msgid "Package Tracking System" msgstr "" -#: ../../english/intro/organization.data:491 +#: ../../english/intro/organization.data:395 msgid "Treasurer" msgstr "" -#: ../../english/intro/organization.data:498 +#: ../../english/intro/organization.data:402 msgid "<a name=\"trademark\" href=\"m4_HOME/trademark\">Trademark</a> use requests" msgstr "" -#: ../../english/intro/organization.data:502 +#: ../../english/intro/organization.data:406 msgid "Salsa administrators" msgstr "" diff --git a/english/po/others.pot b/english/po/others.pot index 4853a7c4c67..f69ed8e91aa 100644 --- a/english/po/others.pot +++ b/english/po/others.pot @@ -3,14 +3,6 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -#: ../../english/banners/index.tags:7 -msgid "Download" -msgstr "" - -#: ../../english/banners/index.tags:11 -msgid "Old banner ads" -msgstr "" - #: ../../english/devel/debian-installer/ports-status.defs:10 msgid "Working" msgstr "" @@ -211,50 +203,6 @@ msgstr "" msgid "Money is used to organize local free software events" msgstr "" -#: ../../english/y2k/l10n.data:6 -msgid "OK" -msgstr "" - -#: ../../english/y2k/l10n.data:9 -msgid "BAD" -msgstr "" - -#: ../../english/y2k/l10n.data:12 -msgid "OK?" -msgstr "" - -#: ../../english/y2k/l10n.data:15 -msgid "BAD?" -msgstr "" - -#: ../../english/y2k/l10n.data:18 -msgid "??" -msgstr "" - -#: ../../english/y2k/l10n.data:21 -msgid "Unknown" -msgstr "" - -#: ../../english/y2k/l10n.data:24 -msgid "ALL" -msgstr "" - -#: ../../english/y2k/l10n.data:27 -msgid "Package" -msgstr "" - -#: ../../english/y2k/l10n.data:30 -msgid "Status" -msgstr "" - -#: ../../english/y2k/l10n.data:33 -msgid "Version" -msgstr "" - -#: ../../english/y2k/l10n.data:36 -msgid "URL" -msgstr "" - #: ../../english/devel/join/nm-steps.inc:7 msgid "New Members Corner" msgstr "" diff --git a/english/po/partners.pot b/english/po/partners.pot index b77e273438e..237b5333be6 100644 --- a/english/po/partners.pot +++ b/english/po/partners.pot @@ -63,199 +63,207 @@ msgstr "" msgid "From the very beginning credativ has actively supported the Debian project and will continue to do so in the future. Furthermore many of our consultants are also Debian developers and actively involved in contributing to free software projects worldwide. Further information can be found at <a href=\"https://www.credativ.com/\">https://www.credativ.com/</a>." msgstr "" -#: ../../english/partners/partners.def:82 -msgid "<a href=\"http://www.dg-i.net/\">DG-i</a> provides the Debian project with hardware and hosting services from their colocation sites via high-speed connection. <a href=\"https://wiki.debian.org\">wiki.debian.org</a> received an IBM x360 server. " +#: ../../english/partners/partners.def:83 +msgid "<a href=\"http://www.dg-i.net/\">DG-i</a> provides the Debian project with hosting services from their colocation sites via high-speed connection." msgstr "" -#: ../../english/partners/partners.def:86 +#: ../../english/partners/partners.def:87 msgid "Dembach Goo Informatik GmbH & Co. KG (DG-i) offers consulting services on IT infrastructures, software development and hosting services. DG-i supports clients in analysing their IT environment, developing individual software solutions and in adjusting client's applications for a seamless transition into hosted services. The company designs and supports individual operational IT concepts that meet the high quality standards especially in E-Commerce and financial services. DG-i holds the necessary hosting infrastructure in their Munich and Dusseldorf data centers." msgstr "" -#: ../../english/partners/partners.def:92 +#: ../../english/partners/partners.def:93 msgid "<a href=\"http://www.eaton.com/\">Eaton</a> helps Debian in protecting its infrastructure from power issues, and employs a Debian Developer to work on UPS and Power Devices support through the <a href=\"http://www.networkupstools.org/\">Network UPS Tools</a> and related packages." msgstr "" -#: ../../english/partners/partners.def:95 +#: ../../english/partners/partners.def:96 msgid "Eaton is a global technology leader in electrical components and systems for power quality, distribution and control; hydraulics components, systems and services for industrial and mobile equipment; aerospace fuel, hydraulics and pneumatic systems for commercial and military use; and truck and automotive drivetrain and powertrain systems for performance, fuel economy and safety. Eaton has approximately 75,000 employees and sells products to customers in more than 150 countries, with 2008 sales of $15.4 billion." msgstr "" -#: ../../english/partners/partners.def:102 -msgid "<a href=\"https://www.fastly.com/\">Fastly</a> provides Debian with content delivery network (CDN) services and is helping us deliver packages to users through <a href=\"https://deb.debian.org/\">deb.debian.org</a>." +#: ../../english/partners/partners.def:103 +msgid "<a href=\"https://www.fastly.com/\">Fastly</a> provides Debian with content delivery network (CDN) services and is helping us deliver packages to users through <a href=\"https://deb.debian.org/\">deb.debian.org</a> and <a href=\"http://security.debian.org\">security.debian.org</a>." msgstr "" -#: ../../english/partners/partners.def:105 +#: ../../english/partners/partners.def:106 msgid "Fastly’s edge cloud platform provides advanced application delivery and cloud security for the world’s most popular online destinations. Fastly works with the best of the Internet, serving 14 trillion requests each month, more than 10 percent of all internet requests." msgstr "" -#: ../../english/partners/partners.def:112 +#: ../../english/partners/partners.def:113 msgid "Since 2002, Genesi has provided the hardware it designs and develops to the Debian community. Genesi also employs Debian developers to support their platforms." msgstr "" -#: ../../english/partners/partners.def:115 +#: ../../english/partners/partners.def:116 msgid "Genesi's <a href=\"http://www.genesi-usa.com/products\">Efika MX</a> ARM-based computers are designed to bring low cost, energy efficient computing resources to the mass market. For information about Genesi's involvement in the Linux Open Source community, please visit <a href=\"http://www.powerdeveloper.org/\">www.PowerDeveloper.org.</a>" msgstr "" -#: ../../english/partners/partners.def:122 +#: ../../english/partners/partners.def:123 msgid "<a href=\"https://www.google.com\">Google</a> sponsors parts of Salsa's continuous integration infrastructure within Google Cloud Platform." msgstr "" -#: ../../english/partners/partners.def:125 +#: ../../english/partners/partners.def:126 msgid "Google is one of the largest technology companies in the world, providing a wide range of Internet-related services and products as online advertising technologies, search, cloud computing, software, and hardware." msgstr "" #: ../../english/partners/partners.def:132 -msgid "<a href=\"http://www.hpe.com/engage/opensource\">Hewlett Packard Enterprise (HPE)</a> provides hardware for port development, Debian mirrors, and other Debian services (current HPE hardware donations are listed in the <a href=\"https://db.debian.org/machines.cgi\">Debian machines</a> page)." +msgid "<a href=\"https://www.hetzner.com\">Hetzner</a> provides the Debian project with hosting services." msgstr "" #: ../../english/partners/partners.def:135 +msgid "Hetzner Online is a professional web hosting provider and experienced data center operator. Since 1997 the company has provided private and business clients with high-performance hosting products as well as the necessary infrastructure for the efficient operation of websites. A combination of stable technology, attractive pricing and flexible support and services has enabled Hetzner Online to continuously strengthen its market position both nationally and internationally. The company owns several data centers in Germany and Finland." +msgstr "" + +#: ../../english/partners/partners.def:142 +msgid "<a href=\"http://www.hpe.com/engage/opensource\">Hewlett Packard Enterprise (HPE)</a> provides hardware for port development, Debian mirrors, and other Debian services (current HPE hardware donations are listed in the <a href=\"https://db.debian.org/machines.cgi\">Debian machines</a> page)." +msgstr "" + +#: ../../english/partners/partners.def:145 msgid "HPE is one of the largest computer companies in the world, providing a wide range of products and services, such as servers, storage, networking, consulting and support, software, and financial services." msgstr "" -#: ../../english/partners/partners.def:143 -msgid "<a href=\"https://www.leaseweb.com/\">LeaseWeb</a> has been one of two partners that provide the infrastructure for the <a href=\"https://snapshot.debian.org\">Debian OS Snapshot Archive</a> since <a href=\"https://www.debian.org/News/2014/20141014\">October 2014</a>, providing 80 Terabytes (TB) of capacity. In 2017 they renewed their support by provisioning two additional dedicated servers that expanded the storage at their location by 50%, enough to accommodate anticipated growth for years to come." +#: ../../english/partners/partners.def:153 +msgid "<a href=\"https://www.leaseweb.com/\">LeaseWeb</a> has been one of two partners that provide the infrastructure for the <a href=\"https://snapshot.debian.org\">Debian OS Snapshot Archive</a> since <a href=\"https://www.debian.org/News/2014/20141014\">October 2014</a>, providing 300 Terabytes (TB) of capacity. In 2020 they renewed their support by provisioning new dedicated servers with bigger disk drives, enough to accommodate anticipated growth for years to come." msgstr "" -#: ../../english/partners/partners.def:146 +#: ../../english/partners/partners.def:156 msgid "LeaseWeb is a global Infrastructure-as-a-Service (IaaS) provider – offering customers on-demand, world-class hosting solutions, from dedicated servers to cloud solutions. You can learn more about LeaseWeb visiting their <a href=\"https://www.leaseweb.com/\">website</a>." msgstr "" -#: ../../english/partners/partners.def:152 +#: ../../english/partners/partners.def:162 msgid "<a href=\"http://www.loongson.cn\">Loongson</a> and <a href=\"http://www.lemote.com\">Lemote</a> have provided several Loongson-based machines to Debian. For information about Loongson's involvement in the Linux community, see <a href=\"http://dev.lemote.com/code/linux-loongson-community\">Linux at Loongson</a>." msgstr "" -#: ../../english/partners/partners.def:155 +#: ../../english/partners/partners.def:165 msgid "Loongson processors are a series of MIPS-compatible processors. They have been widely used in many areas, such as desktop, server, embedded application, high-performance computing etc. For more information, contact <a href=\"mailto:info@loongson.cn\">info@loongson.cn</a>." msgstr "" -#: ../../english/partners/partners.def:161 -msgid "<a href=\"http://www.man-da.de/\">man-da.de GmbH</a> is the backbone provider of the Metropolitan Area Network Darmstadt. It is supporting Debian by hosting several debian.org and debian.net servers as well as the buildd network for experimental and debconf.org machines." +#: ../../english/partners/partners.def:172 +msgid "<a href=\"http://www.man-da.de/\">man-da.de GmbH</a> is the backbone provider of the Metropolitan Area Network Darmstadt. It is supporting Debian by hosting several debian.org and debian.net servers." msgstr "" -#: ../../english/partners/partners.def:165 +#: ../../english/partners/partners.def:176 msgid "man-da.de GmbH is operating MANDA, a wide area network in the South Hessen region connecting educational and research organisations to a high speed redundant network ring and providing internet access. The company is owned by TU Darmstadt and University of Applied Sciences Darmstadt and in addition to operating MANDA it is also providing IT consulting and IT services to both universities." msgstr "" -#: ../../english/partners/partners.def:173 +#: ../../english/partners/partners.def:183 msgid "<a href=\"http://osuosl.org/\">The Oregon State University Open Source Lab</a> provides hosting and administration services to the Debian project." msgstr "" -#: ../../english/partners/partners.def:177 +#: ../../english/partners/partners.def:187 msgid "The Open Source Lab is a focal point for open source development at Oregon State University and beyond. The OSL provides development, hosting and assorted other services to the Open Source community." msgstr "" -#: ../../english/partners/partners.def:184 +#: ../../english/partners/partners.def:194 msgid "nic.at is sponsoring the anycast service <a href=\"https://www.rcodezero.at/\">RcodeZero DNS</a> for Debian as it meets the needs to have geographically disperse locations and support DNSSEC." msgstr "" -#: ../../english/partners/partners.def:188 +#: ../../english/partners/partners.def:198 msgid "ipcom is a subsidiary of nic.at, the Austrian domain registry. nic.at has been managing the .at-zone since 1998 on a highly professional and reliable level. The RcodeZero Anycast network has been developed by nic.at’s R&D department and has been successfully in use for the .at zone." msgstr "" -#: ../../english/partners/partners.def:194 +#: ../../english/partners/partners.def:204 msgid "<a href=\"http://www.skolelinux.org/\">Skolelinux</a> is heavily involved in both the creation and testing of the new debian-installer and the localization of Debian." msgstr "" -#: ../../english/partners/partners.def:197 +#: ../../english/partners/partners.def:207 msgid "Skolelinux is an effort to create a Debian Pure Blend aimed at schools and universities. An easy 3-question installation results in a preconfigured system tailored for schools, requiring almost no Linux or networking knowledge. This includes 15 preconfigured services and a localized environment." msgstr "" -#: ../../english/partners/partners.def:204 +#: ../../english/partners/partners.def:214 msgid "<a href=\"https://www.stackpath.com/?utm_campaign=Partner%20Display&utm_source=Partner%20Display&utm_medium=Debian\">StackPath</a> provides Debian with content delivery network (CDN) services, allowing high availability of services like <a href=\"https://security-tracker.debian.org/\">the Security Bug Tracker</a> and <a href=\"https://planet.debian.org/\">Planet Debian</a>." msgstr "" -#: ../../english/partners/partners.def:207 +#: ../../english/partners/partners.def:217 msgid "StackPath is a platform of secure edge services that enables developers to protect, accelerate, and innovate cloud properties ranging from websites to media delivery and IoT services." msgstr "" -#: ../../english/partners/partners.def:213 -msgid "<a href=\"http://www.telegraaf.nl/\">Telegraaf Media ICT BV</a> is supporting the Debian community by donating hardware, rackspace and bandwidth for the Debian server hosting alioth, arch and svn." -msgstr "" - -#: ../../english/partners/partners.def:216 -msgid "Telegraaf Media ICT BV is running its internet infrastructure (appx. 200 Intel based servers) mainly based on Debian GNU/Linux servers; the sysadmins are highly motivated Debian users and some of them also Debian maintainers." -msgstr "" - -#: ../../english/partners/partners.def:219 -msgid "Telegraaf Media Group runs some of the most popular Dutch websites (http://www.telegraaf.nl, http://www.speurders.nl and http://www.dft.nl) as well as the two biggest newspapers in The Netherlands." -msgstr "" - -#: ../../english/partners/partners.def:225 +#: ../../english/partners/partners.def:223 msgid "<a href=\"http://www.thomas-krenn.com\">Thomas Krenn</a> has provided a new high-end server for the Debian cdbuilder service. In addition, Thomas Krenn is a regular hardware sponsor for DebConf or the Debian booth at LinuxTag. For information about Thomas Krenn's involvement in the Linux Open Source community, see <a href=\"http://www.thomas-krenn.com/linux\">http://www.thomas-krenn.com/linux</a>." msgstr "" -#: ../../english/partners/partners.def:228 +#: ../../english/partners/partners.def:226 msgid "<a href=\"http://www.thomas-krenn.com\">Thomas Krenn</a> is Europe's leading online shop for server systems and high-quality hosting. They offer rack-mountable servers, silent and low-noise servers, storage systems and virtualization solutions. Thomas Krenn is the only hardware shop who delivers individual configured servers within 24 hours across Europe. And of course they support Debian as operating system on their servers!" msgstr "" -#: ../../english/partners/partners.def:234 +#: ../../english/partners/partners.def:232 msgid "<a href=\"http://www.trustsec.de/\">trustsec</a> pays two Debian developers to work on the S/390 port of Debian and packages mainly related to Java. They host the <a href=\"http://www.trustsec.de/deb390/\">web portal</a> for Debian on S/390 and zSeries. They've paid and worked on the free Debian CDs for LinuxTag 2001 in Stuttgart." msgstr "" -#: ../../english/partners/partners.def:237 +#: ../../english/partners/partners.def:235 msgid "trustsec offers customer support, consulting and training for Debian on the Intel PC architecture (i386), PowerPC and IBM S/390 and is specialized on network security and software development with Java. Please e-mail <a href=\"mailto:info@trustsec.de\">info@trustsec.de</a> for more information." msgstr "" -#: ../../english/partners/partners.def:245 +#: ../../english/partners/partners.def:243 msgid "The <a href=\"https://www.sanger.ac.uk/\">Wellcome Sanger Institute</a> provides infrastructure for the <a href=\"https://snapshot.debian.org/\">Debian OS Snapshot Archive</a> since the creation of the service in <a href=\"https://www.debian.org/News/2010/20100412\">April 2010</a>. In 2018 they renewed their support by provisioning a new frontend server and increasing the amount of snapshot storage provided." msgstr "" -#: ../../english/partners/partners.def:248 +#: ../../english/partners/partners.def:246 msgid "The Wellcome Sanger Institute is one of the world's leading genome centres. Through its ability to conduct research at scale, it is able to engage in bold and long-term exploratory projects that are designed to influence and empower medical science globally. Institute research findings, generated through its own research programmes and through its leading role in international consortia, are being used to develop new diagnostics and treatments for human disease." msgstr "" -#: ../../english/partners/partners.def:258 +#: ../../english/partners/partners.def:256 msgid "<A HREF=\"http://www.brainfood.com/\">Brainfood</A> (previously called Novare) provides several machines to Debian, as well as hosting and server administration services." msgstr "" -#: ../../english/partners/partners.def:261 +#: ../../english/partners/partners.def:259 msgid "Brainfood is a technology solutions company whose goal is to work to produce an ideal result for a specific need, whether it's a website or an ongoing, distance-learning intranet application, or custom developed software. For more information, contact <A HREF=\"mailto:debian-contact@brainfood.com\">debian-contact@brainfood.com</A>." msgstr "" -#: ../../english/partners/partners.def:268 +#: ../../english/partners/partners.def:266 msgid "<a href=\"http://www.hp.com/\">Hewlett-Packard</a> has provided hardware for port development, Debian mirrors, and other Debian services (current HP hardware donations are listed in the <a href=\"https://db.debian.org/machines.cgi\">Debian machines</a> page). For information about HP's involvement in the Linux Open Source community, see <a href=\"http://www.hp.com/products1/linux/\">HP Linux</a>." msgstr "" -#: ../../english/partners/partners.def:271 +#: ../../english/partners/partners.def:269 msgid "Hewlett-Packard is one of the largest computer companies in the world, providing a wide range of products and services, such as servers, PCs, printers, storage products, network equipment, software, cloud computing solutions, etc." msgstr "" -#: ../../english/partners/partners.def:278 +#: ../../english/partners/partners.def:276 msgid "<A HREF=\"http://www.linuxcentral.com/\">Linux Central</A> provides us with Debian GNU/Linux CD-ROM sets for trade show type events. These CD's help to promote Debian by getting the system right in the hands of potential and current users." msgstr "" -#: ../../english/partners/partners.def:282 +#: ../../english/partners/partners.def:280 msgid "Linux Central sells all the latest releases of Linux products such as commercial software, books, hardware, and versions of major Linux distributions. On Linux Central's site you can also find news and basic information about Linux, or sign up for a newsletter to stay updated on all newly released products or daily specials. For more information, contact <A HREF=\"mailto:sales@linuxcentral.com\">sales@linuxcentral.com</A>." msgstr "" -#: ../../english/partners/partners.def:289 +#: ../../english/partners/partners.def:287 msgid "<a href=\"http://www.mythic-beasts.com\">Mythic Beasts Ltd.</a> supports Debian (and SPI Inc) by providing domain registration facilities.</p><p>They are a UK based web hosting, domain registration and co-location company." msgstr "" -#: ../../english/partners/partners.def:296 +#: ../../english/partners/partners.def:294 msgid "San Francisco based <a href=\"http://www.nostarch.com/\">No Starch Press</a>, publisher of \"The Finest in Geek Entertainment,\" is co-publisher of the book <a href=\"http://debiansystem.info/\">The Debian System</a>. The company is well known for publishing high-quality titles on a broad range of topics including alternative operating systems, networking, hacking, programming, and LEGO. No Starch Press donates US$1 from the sale of each copy of The Debian System to the Debian Project." msgstr "" -#: ../../english/partners/partners.def:303 +#: ../../english/partners/partners.def:301 msgid "<a href=\"http://www.opensourcepress.de/\">Open Source Press</a> is the Munich-based publisher of the book <a href=\"http://debiansystem.info/\">The Debian System</a>. For each book sold, the publisher and author together donate 1€ to the Debian Project." msgstr "" -#: ../../english/partners/partners.def:306 +#: ../../english/partners/partners.def:304 msgid "Open Source Press specialises on books around Linux and Open Source Software, written by authors with considerable experience in the fields, and produced in close cooperation with the respective communities. The Open Source Press publications are renowned for their quality and depth." msgstr "" -#: ../../english/partners/partners.def:314 +#: ../../english/partners/partners.def:312 msgid "<a href=\"http://www.rapidswitch.com/\">RapidSwitch</a> (formely Black Cat Networks) is a UK ISP specialising in dedicated hosting. It provides dedicated servers, managed servers solutions, colocation services and VPS virtual servers." msgstr "" -#: ../../english/partners/partners.def:317 +#: ../../english/partners/partners.def:315 msgid "It hosts a Debian development machine, <a href=\"https://db.debian.org/machines.cgi?host=caballero\">caballero</a>." msgstr "" -#: ../../english/partners/partners.def:325 +#: ../../english/partners/partners.def:323 msgid "<a href=\"http://www.simtec.co.uk\">Simtec</a> has provided several ARM machines which make up the bulk of the Debian ARM infrastructure. In addition Simtec employs several developers who contribute towards the Debian ARM port." msgstr "" -#: ../../english/partners/partners.def:328 +#: ../../english/partners/partners.def:326 msgid "Simtec is a leading provider of ARM based computing products. We have a range of <a href=\"http://www.simtec.co.uk/products/boards.html\">boards</a> which serve a wide range of uses within the embedded market. We provide a complete range of products and solutions which can be tailored to suit the customers needs from off the shelf integrator solutions right through to fully custom designs. All of our products ship with open source tools and operating systems." msgstr "" +#: ../../english/partners/partners.def:334 +msgid "<a href=\"http://www.telegraaf.nl/\">Telegraaf Media ICT BV</a> is supporting the Debian community by donating hardware, rackspace and bandwidth for the Debian server hosting alioth, arch and svn." +msgstr "" + +#: ../../english/partners/partners.def:337 +msgid "Telegraaf Media ICT BV is running its internet infrastructure (appx. 200 Intel based servers) mainly based on Debian GNU/Linux servers; the sysadmins are highly motivated Debian users and some of them also Debian maintainers." +msgstr "" + +#: ../../english/partners/partners.def:340 +msgid "Telegraaf Media Group runs some of the most popular Dutch websites (http://www.telegraaf.nl, http://www.speurders.nl and http://www.dft.nl) as well as the two biggest newspapers in The Netherlands." +msgstr "" + diff --git a/english/releases/buster/errata.wml b/english/releases/buster/errata.wml index a54998be5d9..d74c6af1e5a 100644 --- a/english/releases/buster/errata.wml +++ b/english/releases/buster/errata.wml @@ -44,6 +44,8 @@ releases.</p> <a href="$(HOME)/News/2020/20200801">August 1, 2020</a>.</li> <li>The sixth point release, 10.6, was released on <a href="$(HOME)/News/2020/20200926">September 26, 2020</a>.</li> + <li>The seventh point release, 10.7, was released on + <a href="$(HOME)/News/2020/20201205">December 5, 2020</a>.</li> </ul> <ifeq <current_release_buster> 10.0 " diff --git a/english/security/2020/dsa-4773.data b/english/security/2020/dsa-4773.data new file mode 100644 index 00000000000..ef9d1f510a4 --- /dev/null +++ b/english/security/2020/dsa-4773.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4773-1 yaws</define-tag> +<define-tag report_date>2020-10-16</define-tag> +<define-tag secrefs>CVE-2020-24379 CVE-2020-24916</define-tag> +<define-tag packages>yaws</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4773.wml b/english/security/2020/dsa-4773.wml new file mode 100644 index 00000000000..39072614ee9 --- /dev/null +++ b/english/security/2020/dsa-4773.wml @@ -0,0 +1,33 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were discovered in yaws, a high performance HTTP 1.1 +webserver written in Erlang.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-24379">CVE-2020-24379</a> + + <p>The WebDAV implementation is prone to a XML External Entity (XXE) + injection vulnerability.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-24916">CVE-2020-24916</a> + + <p>The CGI implementation does not properly sanitize CGI requests + allowing a remote attacker to execute arbitrary shell commands via + specially crafted CGI executable names.</p></li> + +</ul> + +<p>For the stable distribution (buster), these problems have been fixed in +version 2.0.6+dfsg-1+deb10u1.</p> + +<p>We recommend that you upgrade your yaws packages.</p> + +<p>For the detailed security status of yaws please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/yaws">https://security-tracker.debian.org/tracker/yaws</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4773.data" +# $Id: $ diff --git a/english/security/2020/dsa-4774.data b/english/security/2020/dsa-4774.data new file mode 100644 index 00000000000..cbfa3859beb --- /dev/null +++ b/english/security/2020/dsa-4774.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4774-1 linux</define-tag> +<define-tag report_date>2020-10-19</define-tag> +<define-tag secrefs>CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645 Bug#908712</define-tag> +<define-tag packages>linux</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4774.wml b/english/security/2020/dsa-4774.wml new file mode 100644 index 00000000000..a8c61027a64 --- /dev/null +++ b/english/security/2020/dsa-4774.wml @@ -0,0 +1,59 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in the Linux kernel that +may lead to the execution of arbitrary code, privilege escalation, +denial of service or information leaks.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12351">CVE-2020-12351</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation in the + way L2CAP packets with A2MP CID are handled. A remote attacker in + short distance knowing the victim's Bluetooth device address can + send a malicious l2cap packet and cause a denial of service or + possibly arbitrary code execution with kernel privileges.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-12352">CVE-2020-12352</a> + + <p>Andy Nguyen discovered a flaw in the Bluetooth implementation. Stack + memory is not properly initialised when handling certain AMP + packets. A remote attacker in short distance knowing the victim's + Bluetooth device address can retrieve kernel stack information.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25211">CVE-2020-25211</a> + + <p>A flaw was discovered in netfilter subsystem. A local attacker + able to inject conntrack Netlink configuration can cause a denial + of service.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25643">CVE-2020-25643</a> + + <p>ChenNan Of Chaitin Security Research Lab discovered a flaw in the + hdlc_ppp module. Improper input validation in the ppp_cp_parse_cr() + function may lead to memory corruption and information disclosure.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25645">CVE-2020-25645</a> + + <p>A flaw was discovered in the interface driver for GENEVE + encapsulated traffic when combined with IPsec. If IPsec is + configured to encrypt traffic for the specific UDP port used by the + GENEVE tunnel, tunneled data isn't correctly routed over the + encrypted link and sent unencrypted instead.</p></li> + +</ul> + +<p>For the stable distribution (buster), these problems have been fixed in +version 4.19.152-1. The vulnerabilities are fixed by rebasing to the new +stable upstream version 4.19.152 which includes additional bugfixes.</p> + +<p>We recommend that you upgrade your linux packages.</p> + +<p>For the detailed security status of linux please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/linux">https://security-tracker.debian.org/tracker/linux</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4774.data" +# $Id: $ diff --git a/english/security/2020/dsa-4775.data b/english/security/2020/dsa-4775.data new file mode 100644 index 00000000000..f26a28306e3 --- /dev/null +++ b/english/security/2020/dsa-4775.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4775-1 python-flask-cors</define-tag> +<define-tag report_date>2020-10-19</define-tag> +<define-tag secrefs>CVE-2020-25032 Bug#969362</define-tag> +<define-tag packages>python-flask-cors</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4775.wml b/english/security/2020/dsa-4775.wml new file mode 100644 index 00000000000..d01408a7f73 --- /dev/null +++ b/english/security/2020/dsa-4775.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A directory traversal vulnerability was discovered in python-flask-cors, +a Flask extension for handling Cross Origin Resource Sharing (CORS), +allowing to access private resources.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 3.0.7-1+deb10u1.</p> + +<p>We recommend that you upgrade your python-flask-cors packages.</p> + +<p>For the detailed security status of python-flask-cors please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/python-flask-cors">\ +https://security-tracker.debian.org/tracker/python-flask-cors</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4775.data" +# $Id: $ diff --git a/english/security/2020/dsa-4776.data b/english/security/2020/dsa-4776.data new file mode 100644 index 00000000000..440941bf871 --- /dev/null +++ b/english/security/2020/dsa-4776.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4776-1 mariadb-10.3</define-tag> +<define-tag report_date>2020-10-20</define-tag> +<define-tag secrefs>CVE-2020-15180</define-tag> +<define-tag packages>mariadb-10.3</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4776.wml b/english/security/2020/dsa-4776.wml new file mode 100644 index 00000000000..e0040d4f6bb --- /dev/null +++ b/english/security/2020/dsa-4776.wml @@ -0,0 +1,18 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A security issue was discovered in the MariaDB database server.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 1:10.3.25-0+deb10u1.</p> + +<p>We recommend that you upgrade your mariadb-10.3 packages.</p> + +<p>For the detailed security status of mariadb-10.3 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/mariadb-10.3">\ +https://security-tracker.debian.org/tracker/mariadb-10.3</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4776.data" +# $Id: $ diff --git a/english/security/2020/dsa-4777.data b/english/security/2020/dsa-4777.data new file mode 100644 index 00000000000..b564904b36f --- /dev/null +++ b/english/security/2020/dsa-4777.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4777-1 freetype</define-tag> +<define-tag report_date>2020-10-21</define-tag> +<define-tag secrefs>CVE-2020-15999 Bug#972586</define-tag> +<define-tag packages>freetype</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4777.wml b/english/security/2020/dsa-4777.wml new file mode 100644 index 00000000000..01075eff149 --- /dev/null +++ b/english/security/2020/dsa-4777.wml @@ -0,0 +1,21 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Sergei Glazunov discovered a heap-based buffer overflow vulnerability in +the handling of embedded PNG bitmaps in FreeType. Opening malformed +fonts may result in denial of service or the execution of arbitrary +code.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 2.9.1-3+deb10u2.</p> + +<p>We recommend that you upgrade your freetype packages.</p> + +<p>For the detailed security status of freetype please refer to its +security tracker page at: +<a href="https://security-tracker.debian.org/tracker/freetype">\ +https://security-tracker.debian.org/tracker/freetype</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4777.data" +# $Id: $ diff --git a/english/security/2020/dsa-4778.data b/english/security/2020/dsa-4778.data new file mode 100644 index 00000000000..3f0e08e63c9 --- /dev/null +++ b/english/security/2020/dsa-4778.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4778-1 firefox-esr</define-tag> +<define-tag report_date>2020-10-21</define-tag> +<define-tag secrefs>CVE-2020-15683 CVE-2020-15969</define-tag> +<define-tag packages>firefox-esr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4778.wml b/english/security/2020/dsa-4778.wml new file mode 100644 index 00000000000..4b122b3085f --- /dev/null +++ b/english/security/2020/dsa-4778.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in the Mozilla Firefox web +browser, which could potentially result in the execution of arbitrary +code.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 78.4.0esr-1~deb10u2.</p> + +<p>We recommend that you upgrade your firefox-esr packages.</p> + +<p>For the detailed security status of firefox-esr please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/firefox-esr">\ +https://security-tracker.debian.org/tracker/firefox-esr</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4778.data" +# $Id: $ diff --git a/english/security/2020/dsa-4779.data b/english/security/2020/dsa-4779.data new file mode 100644 index 00000000000..d7b4f82a4d8 --- /dev/null +++ b/english/security/2020/dsa-4779.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4779-1 openjdk-11</define-tag> +<define-tag report_date>2020-10-25</define-tag> +<define-tag secrefs>CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803</define-tag> +<define-tag packages>openjdk-11</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4779.wml b/english/security/2020/dsa-4779.wml new file mode 100644 index 00000000000..6a2a1a929bf --- /dev/null +++ b/english/security/2020/dsa-4779.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities have been discovered in the OpenJDK Java runtime, +which could result in denial of service, information disclosure, bypass of +access/sandbox restrictions or the acceptance of untrusted certificates.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 11.0.9+11-1~deb10u1.</p> + +<p>We recommend that you upgrade your openjdk-11 packages.</p> + +<p>For the detailed security status of openjdk-11 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/openjdk-11">\ +https://security-tracker.debian.org/tracker/openjdk-11</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4779.data" +# $Id: $ diff --git a/english/security/2020/dsa-4780.data b/english/security/2020/dsa-4780.data new file mode 100644 index 00000000000..2ff3b0b41e5 --- /dev/null +++ b/english/security/2020/dsa-4780.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4780-1 thunderbird</define-tag> +<define-tag report_date>2020-10-25</define-tag> +<define-tag secrefs>CVE-2020-15683 CVE-2020-15969</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4780.wml b/english/security/2020/dsa-4780.wml new file mode 100644 index 00000000000..efa5f627e5a --- /dev/null +++ b/english/security/2020/dsa-4780.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in Thunderbird, which may lead +to the execution of arbitrary code or denial of service.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 1:78.4.0-1~deb10u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">\ +https://security-tracker.debian.org/tracker/thunderbird</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4780.data" +# $Id: $ diff --git a/english/security/2020/dsa-4781.data b/english/security/2020/dsa-4781.data new file mode 100644 index 00000000000..adc9bdd1af2 --- /dev/null +++ b/english/security/2020/dsa-4781.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4781-1 blueman</define-tag> +<define-tag report_date>2020-10-27</define-tag> +<define-tag secrefs>CVE-2020-15238</define-tag> +<define-tag packages>blueman</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4781.wml b/english/security/2020/dsa-4781.wml new file mode 100644 index 00000000000..3221124850b --- /dev/null +++ b/english/security/2020/dsa-4781.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Vaisha Bernard discovered that Blueman, a graphical bluetooth manager +performed insufficient validation on a D-Bus interface, which could +result in denial of service or privilege escalation.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 2.0.8-1+deb10u1.</p> + +<p>We recommend that you upgrade your blueman packages.</p> + +<p>For the detailed security status of blueman please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/blueman">\ +https://security-tracker.debian.org/tracker/blueman</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4781.data" +# $Id: $ diff --git a/english/security/2020/dsa-4782.data b/english/security/2020/dsa-4782.data new file mode 100644 index 00000000000..3211f700982 --- /dev/null +++ b/english/security/2020/dsa-4782.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4782-1 openldap</define-tag> +<define-tag report_date>2020-10-30</define-tag> +<define-tag secrefs>CVE-2020-25692</define-tag> +<define-tag packages>openldap</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4782.wml b/english/security/2020/dsa-4782.wml new file mode 100644 index 00000000000..7d05f1e6f85 --- /dev/null +++ b/english/security/2020/dsa-4782.wml @@ -0,0 +1,22 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A vulnerability in the handling of normalization with modrdn was +discovered in OpenLDAP, a free implementation of the Lightweight +Directory Access Protocol. An unauthenticated remote attacker can use +this flaw to cause a denial of service (slapd daemon crash) via a +specially crafted packet.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 2.4.47+dfsg-3+deb10u3.</p> + +<p>We recommend that you upgrade your openldap packages.</p> + +<p>For the detailed security status of openldap please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/openldap">\ +https://security-tracker.debian.org/tracker/openldap</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4782.data" +# $Id: $ diff --git a/english/security/2020/dsa-4783.data b/english/security/2020/dsa-4783.data new file mode 100644 index 00000000000..062728cfb40 --- /dev/null +++ b/english/security/2020/dsa-4783.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4783-1 sddm</define-tag> +<define-tag report_date>2020-11-05</define-tag> +<define-tag secrefs>CVE-2020-28049 Bug#973748</define-tag> +<define-tag packages>sddm</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4783.wml b/english/security/2020/dsa-4783.wml new file mode 100644 index 00000000000..9f84ade6e69 --- /dev/null +++ b/english/security/2020/dsa-4783.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Fabian Vogt discovered a flaw in sddm, a modern display manager for X11. +A local attacker can take advantage of a race condition when creating +the Xauthority file to escalate privileges.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 0.18.0-1+deb10u1.</p> + +<p>We recommend that you upgrade your sddm packages.</p> + +<p>For the detailed security status of sddm please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/sddm">https://security-tracker.debian.org/tracker/sddm</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4783.data" +# $Id: $ diff --git a/english/security/2020/dsa-4784.data b/english/security/2020/dsa-4784.data new file mode 100644 index 00000000000..974b0ddd348 --- /dev/null +++ b/english/security/2020/dsa-4784.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4784-1 wordpress</define-tag> +<define-tag report_date>2020-11-06</define-tag> +<define-tag secrefs>CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040 Bug#971914 Bug#973562</define-tag> +<define-tag packages>wordpress</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4784.wml b/english/security/2020/dsa-4784.wml new file mode 100644 index 00000000000..57654ca7023 --- /dev/null +++ b/english/security/2020/dsa-4784.wml @@ -0,0 +1,22 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Several vulnerabilities were discovered in Wordpress, a web blogging +tool. They allowed remote attackers to run insecure deserialization, +embed spam, perform various Cross-Site Scripting (XSS) or Cross-Site +Request Forgery (CSRF) attacks, escalate privileges, run arbitrary +code, and delete arbitrary files.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 5.0.11+dfsg1-0+deb10u1.</p> + +<p>We recommend that you upgrade your wordpress packages.</p> + +<p>For the detailed security status of wordpress please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/wordpress">\ +https://security-tracker.debian.org/tracker/wordpress</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4784.data" +# $Id: $ diff --git a/english/security/2020/dsa-4785.data b/english/security/2020/dsa-4785.data new file mode 100644 index 00000000000..f413e8b2e4c --- /dev/null +++ b/english/security/2020/dsa-4785.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4785-1 raptor2</define-tag> +<define-tag report_date>2020-11-07</define-tag> +<define-tag secrefs>CVE-2017-18926 Bug#973889</define-tag> +<define-tag packages>raptor2</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4785.wml b/english/security/2020/dsa-4785.wml new file mode 100644 index 00000000000..a77bde76a3d --- /dev/null +++ b/english/security/2020/dsa-4785.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that raptor2, an RDF parser library, is prone to +heap-based buffer overflow flaws, which could result in denial of +service, or potentially the execution of arbitrary code, if a specially +crafted file is processed.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 2.0.14-1.1~deb10u1.</p> + +<p>We recommend that you upgrade your raptor2 packages.</p> + +<p>For the detailed security status of raptor2 please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/raptor2">https://security-tracker.debian.org/tracker/raptor2</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4785.data" +# $Id: $ diff --git a/english/security/2020/dsa-4786.data b/english/security/2020/dsa-4786.data new file mode 100644 index 00000000000..98a83e85653 --- /dev/null +++ b/english/security/2020/dsa-4786.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4786-1 libexif</define-tag> +<define-tag report_date>2020-11-08</define-tag> +<define-tag secrefs>CVE-2020-0452</define-tag> +<define-tag packages>libexif</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4786.wml b/english/security/2020/dsa-4786.wml new file mode 100644 index 00000000000..32819d6611f --- /dev/null +++ b/english/security/2020/dsa-4786.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that a boundary check in libexif, a library to parse +EXIF files, could be optimised away by the compiler, resulting in +a potential buffer overflow.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 0.6.21-5.1+deb10u5.</p> + +<p>We recommend that you upgrade your libexif packages.</p> + +<p>For the detailed security status of libexif please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/libexif">\ +https://security-tracker.debian.org/tracker/libexif</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4786.data" +# $Id: $ diff --git a/english/security/2020/dsa-4787.data b/english/security/2020/dsa-4787.data new file mode 100644 index 00000000000..5c41f4ab240 --- /dev/null +++ b/english/security/2020/dsa-4787.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4787-1 moin</define-tag> +<define-tag report_date>2020-11-09</define-tag> +<define-tag secrefs>CVE-2020-15275 CVE-2020-25074</define-tag> +<define-tag packages>moin</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4787.wml b/english/security/2020/dsa-4787.wml new file mode 100644 index 00000000000..300648edc3d --- /dev/null +++ b/english/security/2020/dsa-4787.wml @@ -0,0 +1,31 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were discovered in moin, a Python clone of WikiWiki.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-15275">CVE-2020-15275</a> + + <p>Catarina Leite discovered that moin is prone to a stored XSS + vulnerability via SVG attachments.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-25074">CVE-2020-25074</a> + + <p>Michael Chapman discovered that moin is prone to a remote code + execution vulnerability via the cache action.</p></li> + +</ul> + +<p>For the stable distribution (buster), these problems have been fixed in +version 1.9.9-1+deb10u1.</p> + +<p>We recommend that you upgrade your moin packages.</p> + +<p>For the detailed security status of moin please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/moin">https://security-tracker.debian.org/tracker/moin</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4787.data" +# $Id: $ diff --git a/english/security/2020/dsa-4788.data b/english/security/2020/dsa-4788.data new file mode 100644 index 00000000000..f5cf38afed8 --- /dev/null +++ b/english/security/2020/dsa-4788.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4788-1 firefox-esr</define-tag> +<define-tag report_date>2020-11-10</define-tag> +<define-tag secrefs>CVE-2020-26950</define-tag> +<define-tag packages>firefox-esr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4788.wml b/english/security/2020/dsa-4788.wml new file mode 100644 index 00000000000..cce7f910c9d --- /dev/null +++ b/english/security/2020/dsa-4788.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A use-after-free was found in the Mozilla Firefox web browser, which +could potentially result in the execution of arbitrary code.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 78.4.1esr-1~deb10u1.</p> + +<p>We recommend that you upgrade your firefox-esr packages.</p> + +<p>For the detailed security status of firefox-esr please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/firefox-esr">\ +https://security-tracker.debian.org/tracker/firefox-esr</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4788.data" +# $Id: $ diff --git a/english/security/2020/dsa-4789.data b/english/security/2020/dsa-4789.data new file mode 100644 index 00000000000..2d3b97c2721 --- /dev/null +++ b/english/security/2020/dsa-4789.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4789-1 codemirror-js</define-tag> +<define-tag report_date>2020-11-12</define-tag> +<define-tag secrefs>CVE-2020-7760</define-tag> +<define-tag packages>codemirror-js</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4789.wml b/english/security/2020/dsa-4789.wml new file mode 100644 index 00000000000..0a0bdc0c989 --- /dev/null +++ b/english/security/2020/dsa-4789.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that codemirror, a browser-based text editor +implemented in JavaScript, was vulnerable to regular expression +denial-of-service.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 5.43.0-1+deb10u1.</p> + +<p>We recommend that you upgrade your codemirror-js packages.</p> + +<p>For the detailed security status of codemirror-js please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/codemirror-js">\ +https://security-tracker.debian.org/tracker/codemirror-js</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4789.data" +# $Id: $ diff --git a/english/security/2020/dsa-4790.data b/english/security/2020/dsa-4790.data new file mode 100644 index 00000000000..7c46d3a40ee --- /dev/null +++ b/english/security/2020/dsa-4790.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4790-1 thunderbird</define-tag> +<define-tag report_date>2020-11-12</define-tag> +<define-tag secrefs>CVE-2020-26950</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4790.wml b/english/security/2020/dsa-4790.wml new file mode 100644 index 00000000000..4a34bf4f65f --- /dev/null +++ b/english/security/2020/dsa-4790.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A use-after-free was found in Thunderbird, which could potentially result +in the execution of arbitrary code.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 1:78.4.2-1~deb10u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">\ +https://security-tracker.debian.org/tracker/thunderbird</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4790.data" +# $Id: $ diff --git a/english/security/2020/dsa-4791.data b/english/security/2020/dsa-4791.data new file mode 100644 index 00000000000..adcfcbe3c2e --- /dev/null +++ b/english/security/2020/dsa-4791.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4791-1 pacemaker</define-tag> +<define-tag report_date>2020-11-13</define-tag> +<define-tag secrefs>CVE-2020-25654 Bug#973254</define-tag> +<define-tag packages>pacemaker</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4791.wml b/english/security/2020/dsa-4791.wml new file mode 100644 index 00000000000..e703cc1cdf3 --- /dev/null +++ b/english/security/2020/dsa-4791.wml @@ -0,0 +1,27 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Ken Gaillot discovered a vulnerability in the Pacemaker cluster +resource manager: If ACLs were configured for users in the <q>haclient</q> +group, the ACL restrictions could be bypassed via unrestricted IPC +communication, resulting in cluster-wide arbitrary code execution with +root privileges.</p> + +<p>If the <q>enable-acl</q> cluster option isn't enabled, members of the +<q>haclient</q> group can modify Pacemaker's Cluster Information Base without +restriction, which already gives them these capabilities, so there is +no additional exposure in such a setup.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 2.0.1-5+deb10u1.</p> + +<p>We recommend that you upgrade your pacemaker packages.</p> + +<p>For the detailed security status of pacemaker please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/pacemaker">\ +https://security-tracker.debian.org/tracker/pacemaker</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4791.data" +# $Id: $ diff --git a/english/security/2020/dsa-4792.data b/english/security/2020/dsa-4792.data new file mode 100644 index 00000000000..155935751b6 --- /dev/null +++ b/english/security/2020/dsa-4792.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4792-1 openldap</define-tag> +<define-tag report_date>2020-11-17</define-tag> +<define-tag secrefs>CVE-2020-25709 CVE-2020-25710</define-tag> +<define-tag packages>openldap</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4792.wml b/english/security/2020/dsa-4792.wml new file mode 100644 index 00000000000..601ec5f4da9 --- /dev/null +++ b/english/security/2020/dsa-4792.wml @@ -0,0 +1,23 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities in the certificate list syntax verification and +in the handling of CSN normalization were discovered in OpenLDAP, a +free implementation of the Lightweight Directory Access Protocol. +An unauthenticated remote attacker can take advantage of these +flaws to cause a denial of service (slapd daemon crash) via +specially crafted packets.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 2.4.47+dfsg-3+deb10u4.</p> + +<p>We recommend that you upgrade your openldap packages.</p> + +<p>For the detailed security status of openldap please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/openldap">\ +https://security-tracker.debian.org/tracker/openldap</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4792.data" +# $Id: $ diff --git a/english/security/2020/dsa-4793.data b/english/security/2020/dsa-4793.data new file mode 100644 index 00000000000..c0ffecbb2d0 --- /dev/null +++ b/english/security/2020/dsa-4793.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4793-1 firefox-esr</define-tag> +<define-tag report_date>2020-11-18</define-tag> +<define-tag secrefs>CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968</define-tag> +<define-tag packages>firefox-esr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4793.wml b/english/security/2020/dsa-4793.wml new file mode 100644 index 00000000000..74b18efa93d --- /dev/null +++ b/english/security/2020/dsa-4793.wml @@ -0,0 +1,21 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in the Mozilla Firefox web +browser, which could potentially result in the execution of arbitrary +code, information disclosure, phishing, cross-site scripting or a DNS +rebinding attack.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 78.5.0esr-1~deb10u1.</p> + +<p>We recommend that you upgrade your firefox-esr packages.</p> + +<p>For the detailed security status of firefox-esr please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/firefox-esr">\ +https://security-tracker.debian.org/tracker/firefox-esr</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4793.data" +# $Id: $ diff --git a/english/security/2020/dsa-4794.data b/english/security/2020/dsa-4794.data new file mode 100644 index 00000000000..988d3728ac2 --- /dev/null +++ b/english/security/2020/dsa-4794.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4794-1 mupdf</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag secrefs>CVE-2020-26519 Bug#971595</define-tag> +<define-tag packages>mupdf</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4794.wml b/english/security/2020/dsa-4794.wml new file mode 100644 index 00000000000..f9fdd1c5855 --- /dev/null +++ b/english/security/2020/dsa-4794.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight +PDF viewer, which may result in denial of service or the execution of +arbitrary code if malformed documents are opened.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 1.14.0+ds1-4+deb10u2.</p> + +<p>We recommend that you upgrade your mupdf packages.</p> + +<p>For the detailed security status of mupdf please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/mupdf">https://security-tracker.debian.org/tracker/mupdf</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4794.data" +# $Id: $ diff --git a/english/security/2020/dsa-4795.data b/english/security/2020/dsa-4795.data new file mode 100644 index 00000000000..cc1be4c287d --- /dev/null +++ b/english/security/2020/dsa-4795.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4795-1 krb5</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag secrefs>CVE-2020-28196</define-tag> +<define-tag packages>krb5</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4795.wml b/english/security/2020/dsa-4795.wml new file mode 100644 index 00000000000..fcbc3cfbe0a --- /dev/null +++ b/english/security/2020/dsa-4795.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Demi Obeneour discovered that unbounded recursion in the ASN1 parser +of libkrb5 could result in denial of service.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 1.17-3+deb10u1.</p> + +<p>We recommend that you upgrade your krb5 packages.</p> + +<p>For the detailed security status of krb5 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/krb5">\ +https://security-tracker.debian.org/tracker/krb5</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4795.data" +# $Id: $ diff --git a/english/security/2020/dsa-4796.data b/english/security/2020/dsa-4796.data new file mode 100644 index 00000000000..10803f47d26 --- /dev/null +++ b/english/security/2020/dsa-4796.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4796-1 thunderbird</define-tag> +<define-tag report_date>2020-11-21</define-tag> +<define-tag secrefs>CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4796.wml b/english/security/2020/dsa-4796.wml new file mode 100644 index 00000000000..13ff5b6be37 --- /dev/null +++ b/english/security/2020/dsa-4796.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Multiple security issues have been found in Thunderbird, which may lead +to the execution of arbitrary code or denial of service.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 1:78.5.0-1~deb10u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">\ +https://security-tracker.debian.org/tracker/thunderbird</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4796.data" +# $Id: $ diff --git a/english/security/2020/dsa-4797.data b/english/security/2020/dsa-4797.data new file mode 100644 index 00000000000..f5835d2933e --- /dev/null +++ b/english/security/2020/dsa-4797.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4797-1 webkit2gtk</define-tag> +<define-tag report_date>2020-11-23</define-tag> +<define-tag secrefs>CVE-2020-9948 CVE-2020-9951 CVE-2020-9983 CVE-2020-13584</define-tag> +<define-tag packages>webkit2gtk</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4797.wml b/english/security/2020/dsa-4797.wml new file mode 100644 index 00000000000..3c4d045b105 --- /dev/null +++ b/english/security/2020/dsa-4797.wml @@ -0,0 +1,43 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>The following vulnerabilities have been discovered in the webkit2gtk +web engine:</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9948">CVE-2020-9948</a> + + <p>Brendan Draper discovered that processing maliciously crafted web + content may lead to arbitrary code execution.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9951">CVE-2020-9951</a> + + <p>Marcin Noga discovered that processing maliciously crafted web + content may lead to arbitrary code execution.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-9983">CVE-2020-9983</a> + + <p>zhunki discovered that processing maliciously crafted web content + may lead to code execution.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-13584">CVE-2020-13584</a> + + <p>Cisco discovered that processing maliciously crafted web content + may lead to arbitrary code execution.</p></li> + +</ul> + +<p>For the stable distribution (buster), these problems have been fixed in +version 2.30.3-1~deb10u1.</p> + +<p>We recommend that you upgrade your webkit2gtk packages.</p> + +<p>For the detailed security status of webkit2gtk please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/webkit2gtk">\ +https://security-tracker.debian.org/tracker/webkit2gtk</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4797.data" +# $Id: $ diff --git a/english/security/2020/dsa-4798.data b/english/security/2020/dsa-4798.data new file mode 100644 index 00000000000..aed254c14c4 --- /dev/null +++ b/english/security/2020/dsa-4798.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4798-1 spip</define-tag> +<define-tag report_date>2020-11-25</define-tag> +<define-tag secrefs>CVE-2020-28984</define-tag> +<define-tag packages>spip</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4798.wml b/english/security/2020/dsa-4798.wml new file mode 100644 index 00000000000..3c352d9554e --- /dev/null +++ b/english/security/2020/dsa-4798.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that SPIP, a website engine for publishing, did not +correctly validate its input. This would allow authenticated users to +execute arbitrary code.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 3.2.4-1+deb10u3.</p> + +<p>We recommend that you upgrade your spip packages.</p> + +<p>For the detailed security status of spip please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/spip">\ +https://security-tracker.debian.org/tracker/spip</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4798.data" +# $Id: $ diff --git a/english/security/2020/dsa-4799.data b/english/security/2020/dsa-4799.data new file mode 100644 index 00000000000..f1b8a24ac71 --- /dev/null +++ b/english/security/2020/dsa-4799.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4799-1 x11vnc</define-tag> +<define-tag report_date>2020-11-28</define-tag> +<define-tag secrefs>CVE-2020-29074 Bug#975875</define-tag> +<define-tag packages>x11vnc</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4799.wml b/english/security/2020/dsa-4799.wml new file mode 100644 index 00000000000..7d2b85d9f1f --- /dev/null +++ b/english/security/2020/dsa-4799.wml @@ -0,0 +1,21 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote +access to an existing X session. x11vnc creates shared memory segments +with 0777 mode. A local attacker can take advantage of this flaw for +information disclosure, denial of service or interfering with the VNC +session of another user on the host.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 0.9.13-6+deb10u1.</p> + +<p>We recommend that you upgrade your x11vnc packages.</p> + +<p>For the detailed security status of x11vnc please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/x11vnc">https://security-tracker.debian.org/tracker/x11vnc</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4799.data" +# $Id: $ diff --git a/english/security/2020/dsa-4800.data b/english/security/2020/dsa-4800.data new file mode 100644 index 00000000000..3ccfcbbd820 --- /dev/null +++ b/english/security/2020/dsa-4800.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4800-1 libproxy</define-tag> +<define-tag report_date>2020-11-28</define-tag> +<define-tag secrefs>CVE-2020-25219 CVE-2020-26154 Bug#968366 Bug#971394</define-tag> +<define-tag packages>libproxy</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4800.wml b/english/security/2020/dsa-4800.wml new file mode 100644 index 00000000000..9168fe7c9c2 --- /dev/null +++ b/english/security/2020/dsa-4800.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were discovered in libproxy, an automatic proxy +configuration management library, which could result in denial of +service, or possibly, execution of arbitrary code.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 0.4.15-5+deb10u1.</p> + +<p>We recommend that you upgrade your libproxy packages.</p> + +<p>For the detailed security status of libproxy please refer to its +security tracker page at: +<a href="https://security-tracker.debian.org/tracker/libproxy">https://security-tracker.debian.org/tracker/libproxy</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4800.data" +# $Id: $ diff --git a/english/security/2020/dsa-4801.data b/english/security/2020/dsa-4801.data new file mode 100644 index 00000000000..6d80bb0fee0 --- /dev/null +++ b/english/security/2020/dsa-4801.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4801-1 brotli</define-tag> +<define-tag report_date>2020-12-01</define-tag> +<define-tag secrefs>CVE-2020-8927</define-tag> +<define-tag packages>brotli</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4801.wml b/english/security/2020/dsa-4801.wml new file mode 100644 index 00000000000..b369cf0f6e7 --- /dev/null +++ b/english/security/2020/dsa-4801.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A buffer overflow was discovered in Brotli, a generic-purpose lossless +compression suite.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 1.0.7-2+deb10u1.</p> + +<p>We recommend that you upgrade your brotli packages.</p> + +<p>For the detailed security status of brotli please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/brotli">\ +https://security-tracker.debian.org/tracker/brotli</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4801.data" +# $Id: $ diff --git a/english/security/2020/dsa-4802.data b/english/security/2020/dsa-4802.data new file mode 100644 index 00000000000..965b5e1a874 --- /dev/null +++ b/english/security/2020/dsa-4802.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4802-1 thunderbird</define-tag> +<define-tag report_date>2020-12-03</define-tag> +<define-tag secrefs>CVE-2020-26970</define-tag> +<define-tag packages>thunderbird</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4802.wml b/english/security/2020/dsa-4802.wml new file mode 100644 index 00000000000..282e7056593 --- /dev/null +++ b/english/security/2020/dsa-4802.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Chiaki Ishikawa discovered a stack overflow in SMTP server status +handling which could potentially result in the execution of arbitrary +code.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 1:78.5.1-1~deb10u1.</p> + +<p>We recommend that you upgrade your thunderbird packages.</p> + +<p>For the detailed security status of thunderbird please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/thunderbird">\ +https://security-tracker.debian.org/tracker/thunderbird</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4802.data" +# $Id: $ diff --git a/english/security/2020/dsa-4803.data b/english/security/2020/dsa-4803.data new file mode 100644 index 00000000000..d6bcdde7733 --- /dev/null +++ b/english/security/2020/dsa-4803.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4803-1 xorg-server</define-tag> +<define-tag report_date>2020-12-04</define-tag> +<define-tag secrefs>CVE-2020-14360 CVE-2020-25712</define-tag> +<define-tag packages>xorg-server</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4803.wml b/english/security/2020/dsa-4803.wml new file mode 100644 index 00000000000..0c24cc654fc --- /dev/null +++ b/english/security/2020/dsa-4803.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Jan-Niklas Sohn discovered that the XKB extension of the Xorg X server +performed incomplete input validation, which could result in privilege +escalation.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 2:1.20.4-1+deb10u2.</p> + +<p>We recommend that you upgrade your xorg-server packages.</p> + +<p>For the detailed security status of xorg-server please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/xorg-server">\ +https://security-tracker.debian.org/tracker/xorg-server</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4803.data" +# $Id: $ diff --git a/english/security/2020/dsa-4804.data b/english/security/2020/dsa-4804.data new file mode 100644 index 00000000000..b5d01374cf9 --- /dev/null +++ b/english/security/2020/dsa-4804.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4804-1 xen</define-tag> +<define-tag report_date>2020-12-04</define-tag> +<define-tag secrefs>CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27674 CVE-2020-28368</define-tag> +<define-tag packages>xen</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4804.wml b/english/security/2020/dsa-4804.wml new file mode 100644 index 00000000000..8670e4c0154 --- /dev/null +++ b/english/security/2020/dsa-4804.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Multiple vulnerabilities have been discovered in the Xen hypervisor, +which could result in denial of service, privilege escalation or +information leaks.</p> + +<p>For the stable distribution (buster), these problems have been fixed in +version 4.11.4+57-g41a822c392-1.</p> + +<p>We recommend that you upgrade your xen packages.</p> + +<p>For the detailed security status of xen please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/xen">\ +https://security-tracker.debian.org/tracker/xen</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4804.data" +# $Id: $ diff --git a/english/sitemap.wml b/english/sitemap.wml index 956f094f7ab..8c6e4d0f687 100644 --- a/english/sitemap.wml +++ b/english/sitemap.wml @@ -272,7 +272,6 @@ sub title_of { <li><linkto "devel/debian-med/"> <li><linkto "https://wiki.debian.org/DebianEdu"> <li><linkto "devel/debian-desktop/"> - <li><linkto "devel/debian-lex/"> <li><linkto "devel/debian-accessibility/"> </ul> diff --git a/english/template/debian/cdimage.wml b/english/template/debian/cdimage.wml index eebfecaaf0a..c268a65404d 100644 --- a/english/template/debian/cdimage.wml +++ b/english/template/debian/cdimage.wml @@ -45,9 +45,6 @@ <define-tag dc_torrent whitespace=delete> <gettext domain="cdimage"><void id="dc_torrent" />Download with Torrent</gettext> </define-tag> -<define-tag dc_relinfo whitespace=delete> - <gettext domain="cdimage"><void id="dc_relinfo" />Image Release Info</gettext> -</define-tag> <define-tag debian-cd-team whitespace=delete> <gettext domain="cdimage">Debian CD team</gettext> </define-tag> @@ -118,7 +115,6 @@ <ul> <li><a href="$(HOME)/CD/artwork/"><dc_artwork/></a></li> <li><a href="$(HOME)/CD/mirroring/"><dc_mirroring/></a></li> - <li><a href="$(HOME)/CD/releases/"><dc_relinfo/></a></li> </ul> </li> </ul> diff --git a/english/template/debian/countries.wml b/english/template/debian/countries.wml index c9b39cd24d9..405de98440b 100644 --- a/english/template/debian/countries.wml +++ b/english/template/debian/countries.wml @@ -266,6 +266,9 @@ EOT <define-country code="KG"> <gettext domain="countries">Kyrgyzstan</gettext> </define-country> +<define-country code="KH"> + <gettext domain="countries">Cambodia</gettext> +</define-country> <define-country code="KR"> <gettext domain="countries">Korea</gettext> </define-country> diff --git a/english/template/debian/projectnews/boilerplates.wml b/english/template/debian/projectnews/boilerplates.wml index 458f0df96a4..5fbcc488093 100644 --- a/english/template/debian/projectnews/boilerplates.wml +++ b/english/template/debian/projectnews/boilerplates.wml @@ -36,6 +36,19 @@ <restore issue /> </define-tag> +<bind-gettext-domain domain="newsevents" /> +<define-tag shortintro> +<preserve issue /> +<set-var %attributes /> +<p><gettext domain="newsevents">Welcome to this year's <get-var issue /> issue of DPN, the newsletter for the Debian community.</gettext></p> +<restore issue /> +</define-tag> + +<bind-gettext-domain domain="newsevents" /> +<define-tag introtoc> +<p><gettext domain="newsevents">Other topics covered in this issue include:</gettext></p> +</define-tag> + ## rc-paragraph. We have three different vars: # release: is the codename for the current testing # testing: is the number of bugs as defined by this UDD query → diff --git a/english/template/debian/recent_list.wml b/english/template/debian/recent_list.wml index 49f76abeb50..833d33da066 100644 --- a/english/template/debian/recent_list.wml +++ b/english/template/debian/recent_list.wml @@ -353,18 +353,19 @@ sub grab_titles { $rdate = newsdate($hdate); @rdate = map( newsdate($_), @hdate ); @isodate = map( sprintf("%04d-%02d-%02d", split '-', $_), @hdate ); - $title =~ s/(DSA-\d{3,})-\d{1}/$1/; # strip off the revision in the DSA number + $title =~ s/(D[SL]A-\d{3,})-\d{1}/$1/; # strip off the revision in the DSA/DLA number # we need absolute paths for rdf (my $rdfbase = $base) =~ s/^security\///; + my $prefix = '/lts' if $eng_dir =~ /\/lts\//; if ($format =~ /\brdf\b/) { foreach (@isodate) { push @str1, "\n" ."<item rdf:about=\"https://www.debian.org" - ."/security/$rdfbase\">\n" + ."$prefix/security/$rdfbase\">\n" ." <title>$title</title>\n" - ." <link>https://www.debian.org/" - ."security/$rdfbase</link>\n" + ." <link>https://www.debian.org" + ."$prefix/security/$rdfbase</link>\n" ." <description>\n" ." $desc\n" ." </description>\n" @@ -391,10 +392,10 @@ sub grab_titles { { push @str1, "\n" ."<item rdf:about=\"https://www.debian.org" - ."/security/$rdfbase\">\n" + ."$prefix/security/$rdfbase\">\n" ." <title>$title - $desc</title>\n" ." <link>https://www.debian.org" - ."/security/$rdfbase</link>\n" + ."$prefix/security/$rdfbase</link>\n" ." <description>\n" ." $moreinfo\n" ." </description>\n" @@ -407,7 +408,7 @@ sub grab_titles { { <protect pass=2> push @str1, "<rdf:li resource=\"https://www.debian.org" - ."/security/$rdfbase\" />\n"; + ."$prefix/security/$rdfbase\" />\n"; </protect> } $str1 = $str1[0]; diff --git a/english/template/debian/release_info.wml b/english/template/debian/release_info.wml index ce32b69b42e..fef908898cb 100644 --- a/english/template/debian/release_info.wml +++ b/english/template/debian/release_info.wml @@ -51,8 +51,8 @@ <define-tag current_release_stretch>9.13</define-tag> <define-tag current_release_date_stretch><:=spokendate('2020-07-18'):></define-tag> <define-tag current_release_newsurl_stretch>2020/20200718</define-tag> -<define-tag current_release_buster>10.6</define-tag> -<define-tag current_release_date_buster><:=spokendate('2020-09-26'):></define-tag> +<define-tag current_release_buster>10.7</define-tag> +<define-tag current_release_date_buster><:=spokendate('2020-12-05'):></define-tag> <define-tag current_release_newsurl_buster>2020/20200926</define-tag> <define-tag current_release_bullseye>11.0</define-tag> <define-tag current_release_date_bullseye>TBA</define-tag> @@ -64,7 +64,7 @@ <define-tag current_release_short><: $f = "<current_release/>"; $f =~ s/r\d+$//; $f =~ s/^(\d\.\d)\.\d$/$1/; print $f :></define-tag> -<define-tag current-cd-release>10.6.0</define-tag> +<define-tag current-cd-release>10.7.0</define-tag> <define-tag current-cd-release-dirname>current</define-tag> # netinst and buisnesscard name <define-tag current-tiny-cd-release-filename><current-cd-release/></define-tag> |
