[Monitoring] 2 Debian package update(s) for nonagon.federez.net

apticron report [Fri, 17 Apr 2020 13:49:05 +0200] ======================================================================== apticron has detected that some packages need upgrading on: nonagon.federez.net [ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ] The following packages are currently pending an upgrade: git 1:2.20.1-2+deb10u2 git-man 1:2.20.1-2+deb10u2 ======================================================================== Package Details: apt-listchanges : Lecture des fichiers de modifications (« changelog »)... apt-listchanges : journaux des modifications (« changelogs ») ------------------------------------------------------------- --- Modifications pour git (git git-man) --- git (1:2.20.1-2+deb10u2) buster-security; urgency=high [ Salvatore Bonaccorso ] * new upstream point release (see RelNotes/2.20.3.txt). * Addresses the security issue CVE-2020-5260. With a crafted URL that contains a newline, the credential helper machinery can be fooled to supply credential information for the wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol. Thanks to Felix Wilhelm of Google Project Zero for finding this vulnerability and Jeff King for fixing it. -- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 12 Apr 2020 00:24:43 -0700 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on nonagon.federez.net -- apticron