[SECURITY] [DLA 2566-1] libbsd security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2566-1] libbsd security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Thu, 18 Feb 2021 22:37:39 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2102182236460.24624@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2566-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
February 18, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libbsd
Version        : 0.8.3-1+deb9u1
CVE ID         : CVE-2019-20367

An issue has been found in libbsd, a library with utility functions fromBSD systems.A non-NUL terminated symbol name in the string table might result in anout-of-bounds read.



For Debian 9 stretch, this problem has been fixed in version
0.8.3-1+deb9u1.

We recommend that you upgrade your libbsd packages.

For the detailed security status of libbsd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libbsd

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmAu7DNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeAng/+Jf4wHWSc4KaF96kt3rkKPMYJoUgQFUL26ku8C2IMqMO6A6mUeSFUx1Cr
sL0rv7xUSvDDjdaoYbMqNjgo/lhzpwHQnkjYTPN93owVvsNQCEhUAVlvEPYsjrhZ
qkTWx5JBNWa0W1ptC3Ui1npkcVZQZ104MqgfqIs0ZQYGaGNghfE8WqiDSa6xh/bV
Kz1I6OjKBi/HOJDb4Hwok8TQI3alvS2I9DkIBi+d2EyPVeRBi/EY2i6SNHVWvTfP
AqDhzErKk4LI+urK+h6TmG/tXoTBCBEEimEx5dWFnEHrUdXFRtPMuADv8ErB/FXg
23BU751nauRYJyOiSUQ/GtCwO/T46xlSntwZTuNtlgelGfV0pI3IK/EjA78nEy4M
4cDiPaMKmJ+o0PaeL3paWVliPAw+k3M17iizxEufXzaSFRX/Y0K0SZJP2Vj5Pvzd
/iOFGFglI41UWp9nWtFd1ZuTGLGeCQwGTELsw9nx7FcFXClvKA4OKade4ehkxz8I
aGjuPBaj5pg+YQf/Zh5BUCYUBk6rOWgGzVSxKjU71QasM/+6E0N/y8+Z1esM82Co
SI4sFNStvi5L4tYWQ8D+HOvY5JWkLhbrI/H8BGux4PKROV8C4jp8qD26HDrZDn+J
nisrxN92376eo3K4R2nJ4VTRC1iTspX1FiNkOBLv7P9TdYv6IA0=
=v2/0
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2567-1] unrar-free security update
Next by Date: [SECURITY] [DLA 2564-1] php-horde-text-filter security update
Previous by thread: [SECURITY] [DLA 2567-1] unrar-free security update
Next by thread: [SECURITY] [DLA 2564-1] php-horde-text-filter security update
Index(es):
- Date
- Thread