Just released, including security updates.

9.4.2-20180330

Updates in 3 source package(s), 18 binary package(s):

Source openssl, binaries: libssl1.1:amd64 openssl:amd64 libssl1.1:arm64 openssl:arm64

openssl (1.1.0f-3+deb9u2) stretch-security; urgency=high

  * CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
  * CVE-2018-0733 (Incorrect CRYPTO_memcmp on HP-UX PA-RISC)
  * CVE-2018-0739 (Constructed ASN.1 types with a recursive definition could exceed the stack)
  * Add patches to pass the testsuite:
    - Fix-a-Proxy-race-condition.patch
    - Fix-race-condition-in-TLSProxy.patch

Source systemd, binaries: libpam-systemd:amd64 libsystemd0:amd64 libudev1:amd64 systemd:amd64 systemd-sysv:amd64 udev:amd64 libpam-systemd:arm64 libsystemd0:arm64 libudev1:arm64 systemd:arm64 systemd-sysv:arm64 udev:arm64

systemd (232-25+deb9u3) stretch; urgency=medium

  [ Cyril Brulebois ]
  * networkd-ndisc: Handle missing mtu gracefully. The previous upload made networkd respect the MTU field in IPv6 RA but unfortunately broke setups where there's no such field. (Closes: #892794)

Source openssl1.0, binaries: libssl1.0.2:amd64 libssl1.0.2:arm64

openssl1.0 (1.0.2l-2+deb9u3) stretch-security; urgency=high

  * CVE-2018-0739 (Constructed ASN.1 types with a recursive definition could exceed the stack)

https://cloud.debian.org/images/openstack/current-9/

--
Steve McIntyre, Cambridge, UK. steve@einval.com
"We're the technical experts. We were hired so that management could ignore our recommendations and tell us how to do our jobs." -- Mike Andrews