Just released, including security updates.
9.3.1-20171223
Updates in 2 source package(s), 4 binary package(s):
Source sensible-utils, binaries: sensible-utils:amd64 sensible-utils:arm64
sensible-utils (0.0.9+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
* Argument injection in sensible-browser (CVE-2017-17512)
Thanks to Gabriel Corona (Closes: #881767)
Source openssl1.0, binaries: libssl1.0.2:amd64 libssl1.0.2:arm64
openssl1.0 (1.0.2l-2+deb9u2) stretch-security; urgency=high
* CVE-2017-3737 (Read/write after SSL object in error state)
* Add a testcase for CVE-2017-3737
* CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
https://cloud.debian.org/images/openstack/current-9/
--
Steve McIntyre, Cambridge, UK. steve@einval.com
"The problem with defending the purity of the English language is that
English is about as pure as a cribhouse whore. We don't just borrow words; on
occasion, English has pursued other languages down alleyways to beat them
unconscious and rifle their pockets for new vocabulary." -- James D. Nicoll
Attachment:
signature.asc
Description: PGP signature