[SECURITY] [DLA 1801-1] zookeeper security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1801-1] zookeeper security update
From: "Chris Lamb" <lamby@debian.org>
Date: Fri, 24 May 2019 09:07:01 +0100
Message-id: <[🔎] dbad1450-92c0-42b4-ac99-ad47290aa524@www.fastmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : zookeeper
Version        : 3.4.9-3+deb8u2
CVE ID         : CVE-2019-0201
Debian Bug     : #929283

It was discovered that there was an information disclosure
vulnerability in zookeeper, a distributed co-ordination server.
Users who were not authorised to read data were able to view the
access control list.

For Debian 8 "Jessie", this issue has been fixed in zookeeper version
3.4.9-3+deb8u2.

We recommend that you upgrade your zookeeper packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlznpesACgkQHpU+J9Qx
HljDZBAAnkcvRRXeoKBIwobVEv75OPEb42ucpzi57nZiBMRvKlqgv35UBGYTusQ0
THTNVZnUICKBGqMi3NIVUzBHRU/zSS6pIJ+SKfHvdZR9bBoLownx6iVxUAuzL7lw
tKaJVW5S/1OzzWbRk6yH1jB2MXVyCR5srSANKMsmEpDH9tZMuDgmiHVIOo/pkto4
SvrTM/ekLXXYYqS/kKHgO55PYpg3LtUAJscXX3M26he9PnCDNpOJRR5GREvTz3cw
Ne5tWVAqkOCrZCRFZ+zoOHV89wI/CKissptNa276GWH0c+kLQxYqmJnxzSAlYhnS
v1sgc/4aDjv27h3NXzU+YMIDWmOWQzVtbjKw46HJbMpIacIHob6zWgBWLbBs4Ty/
uwLR7+MKY3NPODeWTasrbIaQsxVU9UhPnJ5K13+ldfUSqsooBK0gUYhs+zUXiWIk
8fQGQzJzHeVoXc6+MB89LfGjSMOArMnS+77DcVkI7tuPfmgXr7r9t8FFetjzHfkV
/P+PPW17auWKGzRF0viCEcI5AJMlPWviWdQl8vG1NBnvWFhO/fJ6dkG3xaC8XZ6z
e3TNMRlzqNlZvZpznu/FGbH95/wn7MEiDJvR0PsMTQFEK71EkwnmmupQNw1FutUF
WPtG/sNknIpSYBkdBmYLVtM5M4ciiqLRtWnDOzw4IfwD0dh3HeU=
=2iUZ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1800-1] firefox-esr security update
Next by Date: [SECURITY] [DLA 1802-1] wireshark security update
Previous by thread: [SECURITY] [DLA 1800-1] firefox-esr security update
Next by thread: [SECURITY] [DLA 1802-1] wireshark security update
Index(es):
- Date
- Thread