[SECURITY] [DLA 882-1] tryton-server security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 882-1] tryton-server security update
From: Chris Lamb <lamby@debian.org>
Date: Tue, 04 Apr 2017 09:24:23 +0100
Message-id: <[🔎] 1491294263.4174499.933455376.297DCDCB@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : tryton-server
Version        : 2.2.4-1+deb7u4
CVE ID         : CVE-2017-0360

It was discovered that there was a path suffix injection attack in
tryton-server, a general purpose application platform.

For Debian 7 "Wheezy", this issue has been fixed in tryton-server version
2.2.4-1+deb7u4.

We recommend that you upgrade your tryton-server packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljjWBsACgkQHpU+J9Qx
HljHVA//ce8k1XU25AYAC70J5rmdK0psVSDUABO5P3nuLI02so2SuorQqvk/bDId
Lfr79IUaQVpPYdyccEwHiyNGbnJHLRZeJxS+F2JIExsfjvIMNqDrNwVjhwQpVlUL
LEFRaNnnz3q+UZCpYWy/D1bF+YRijrWmxvuLbbXhR8X8J7Rd7kY01H3f7ejHZSrT
OH2jMWuOHFjz9273+FMzbmztpHjOoAosooQk4Ndd3nMuqgtZWm1dg37djOUEY6/f
prZt20TwBIUUWwAKdJhIatmr2HabOBho6cj9MMO+RcDtIanlOBxauTt336Tua6on
BU7cP7JUPedFpnsuw00p0QCszbybfhNLzde059xuBB8gWAOK/sK6v2cap/bccQke
58+k625N3uVE5KP8xmEteKLyqi8SQ7anAMmRsx8LJfh6v7ErigPFWtne/K4R8GEK
AoRm70L/B2OfDPFvSpywgQSW42VSeass7ZExroELQHke3AlBzsZbx13GI0SSzHah
a2iynPTET5VmRQE2I712c2Z6QgXZ1Z77fUPRMqVPwFvQ8ylve5Izg5aEadg3EJ84
OmJSVeGArJaqvIa1NkUblG7fjWIE2YCBAxkVwcswa6hEjjsAJtnwpqh3youiDG+l
S1GfYDz6u0Idf3pYC0+xlzdKUQ7+WwIYPGkOvDiThC5r6/asGm4=
=K947
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 881-1] ejabberd security update
Next by Date: [SECURITY] [DLA 883-1] curl security update
Previous by thread: [SECURITY] [DLA 881-1] ejabberd security update
Next by thread: [SECURITY] [DLA 883-1] curl security update
Index(es):
- Date
- Thread