[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2762-1] grilo security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2762-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
September 22, 2021                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : grilo
Version        : 0.3.2-2+deb9u1
CVE ID         : CVE-2021-39365


An issue has been found in grilo, a framework for discovering and browsing media. Due to missing TLS certificate verification, users are vulnerable to network MITM attacks.


For Debian 9 stretch, this problem has been fixed in version
0.3.2-2+deb9u1.

We recommend that you upgrade your grilo packages.

For the detailed security status of grilo please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/grilo

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmFKV3dfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdmeRAAlbiqx0HW+AUlC1r509FSDWRqSCoMpNCB2q8RqlRiBe0nFywk62iqCRof
OBWJcAyZvHjnp0DTdtYI7gDjuGe+6taQYYLLRLIQl+TomH88y9cIEgQ1r5EJUIyy
AZLHxVtbxft3pdKe/yv3/fZoe1xliLO6mepq9+mzfrECJnK6Vfum8lvHua5PtTtD
Ffywdfkb16SVHucTmAsAHPGPPd4NRuApNAx2OUrSApMt3h/SnfaEWd0fVxrckLHF
fjVx8iqOt6TdnJWllJx/9A6HiVcjXdo6Epmbtd6u9IhEWtOfoj3s5o5ZptmSCcYi
mE0Sl9osVBWraPPFBVaGt6vKJ2wWIzhQgwUkN+Uw+EkiMkAfOHLAougUNJBTrgAf
42I0MiaQjVgZo7yURfr/6t9ZxWoYx2ndLbMMeF93egyyq9d2kiTJM+7Uv3rPRj9t
2uS8C0thL4mqNpVIyKvZ5PN3ZlMhJxMd1RUBpf19W2xpJmKMoTLxf9VvMChFyvL1
XTYZC35afhzSWVIVn//vn+uEVMLHY6q9h8Y1DtHnmtQgdEpClatWAFKYb4lUFD8M
8cYG9f3isG6Y6DCch47iJnAg/kb6mnYa/2WTKNzI33Cf0Ts0yNueGNVKiGVXKwpt
u5YP1cnvuJyXF0i1+AkfltZlK4s4TfNDP5a7yHbWo+3IV7sNhZ8=
=glxU
-----END PGP SIGNATURE-----


Reply to: