[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Stretch openstack image updated to version 9.0.3-20170703

Just released, including security updates:


Updates in 3 source package(s), 6 binary package(s):

  Source libgcrypt20, binaries: libgcrypt20:amd64 libgcrypt20:arm64  
  libgcrypt20 (1.7.6-2+deb9u1) stretch-security; urgency=high
    * 31_CVE-2017-752*.patch from upstream 1.7.8 release: Mitigate a
      flush+reload side-channel attack on RSA secret keys dubbed "Sliding right
      into disaster". For details see <https://eprint.iacr.org/2017/627>.

  Source linux, binaries: linux-image-4.9.0-3-amd64:amd64 linux-image-4.9.0-3-arm64:arm64  
  linux (4.9.30-2+deb9u2) stretch-security; urgency=high
    * Revert changes in version 4.9.30-2+deb9u1 (Closes: #865303)
    * mm: larger stack guard gap, between vmas (CVE-2017-1000364)
    * mm: fix new crash in unmapped_area_topdown()

  Source expat, binaries: libexpat1:amd64 libexpat1:arm64
  expat (2.2.0-2+deb9u1) stretch-security; urgency=high
    * Replace the Mozilla CVE-2016-9063 fix with the more complete, upstream
    * Fix CVE-2017-9233: external entity infinite loop DoS.
-- Steve McIntyre <93sam@debian.org>  Mon, 03 Jul 2017 19:11:24 +0100

Steve McIntyre, Cambridge, UK.                                steve@einval.com
  Mature Sporty Personal
  More Innovation More Adult
  A Man in Dandism
  Powered Midship Specialty

Attachment: signature.asc
Description: PGP signature

Reply to: