[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2253-1] lynis security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : lynis
Version        : 1.6.3-1+deb8u1
CVE ID         : CVE-2019-13033
Debian Bug     : #963161

It was discovered that there was a vulnerability in lynis, a security
auditing tool. The license key could be obtained by simple
observation of the process list when a data upload is being
performed.

For Debian 8 "Jessie", this issue has been fixed in lynis version
1.6.3-1+deb8u1.

We recommend that you upgrade your lynis packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7vbqUACgkQHpU+J9Qx
HlgZEQ/+J6SWspQEMeksJ8Fihw3Y4jL817/2tlwLX3R4JvkT0P+2ZWN4/NHVaH3v
cSW7XNYD+TLLxlkeX62IPPAOiZqex2ee/jXm4uh3crKGsTaROy2EmT9vAqluoULz
YkppGPY+wLiAq/YoN0jUT7Bry1g6MgD+oG6/bL6mEVOmodivwmJSBELxgI55OoGq
rHNcqYjCM5U9BQPFjrBWEcvpOYoZqm26ayHgP2JNLgJ491uomHl2FJfVWie3ZAP1
feg49QWLqCnkLfyoE5HtMyYdUiX34aGETM0BsUwElPypE1KzHdXxgfUJHdWvYcdv
SdzsMjsy5ar4m6a7bZaU7+Ywwrj/yCaAh4zZ/yCExwgtWAa/ad1VcRcnVYA3ke1F
9HuOFTL9ffuQaCMscDrx2LjtwyuYYuHHt4AeTkYcnOJ4FxUNLQePZ3YAnlHs0/C9
Vcrk+wmGRrJQljzPPQTMDFHk57EzY51bSNYNLVixQEUjq7hye+GyAMuvX/Xo4pzJ
3n21xRDKLMKnA+VqYWj7rekXtEsJjMuogZ3P5tkwp89VNALx8sfLuzCHD0bqxXRP
W/LjHicCcpG7sYlvolFTM5+BH9PiEyZVQ8NuC5wuNSWkgKQ74GMJJJ8t9Rn+u3Ml
H/vKKYzlY9Kvq1QmFpQ45FBq9smkXbeyakatQHTuBqwjDObyoVk=
=ZpjL
-----END PGP SIGNATURE-----
Reply to: