apticron report [Tue, 07 Apr 2020 13:49:09 +0200] ======================================================================== apticron has detected that some packages need upgrading on: nonagon.federez.net [ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ] The following packages are currently pending an upgrade: libgnutls30 3.6.7-4+deb10u3 libgnutls-openssl27 3.6.7-4+deb10u3 libicu63 63.1-6+deb10u1 ======================================================================== Package Details: apt-listchanges : Lecture des fichiers de modifications (« changelog »)... apt-listchanges : journaux des modifications (« changelogs ») ------------------------------------------------------------- --- Modifications pour gnutls28 (libgnutls30 libgnutls-openssl27) --- gnutls28 (3.6.7-4+deb10u3) buster-security; urgency=high * Non-maintainer upload by the Security Team. * GNUTLS-SA-2020-03-31: dtls client hello: fix zeroed random (CVE-2020-11501) Fix a DTLS-protocol regression (caused by TLS1.3 support), since 3.6.3. The DTLS client would not contribute any randomness to the DTLS negotiation, breaking the security guarantees of the DTLS protocol. (Closes: #955556) -- Salvatore Bonaccorso <carnil(a)debian.org> Fri, 03 Apr 2020 21:31:50 +0200 --- Modifications pour icu (libicu63) --- icu (63.1-6+deb10u1) buster-security; urgency=high * Backport upstream security fix for CVE-2020-10531: SEGV_MAPERR in UnicodeString::doAppend() (closes: #953747). -- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Fri, 13 Mar 2020 18:49:33 +0000 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on nonagon.federez.net -- apticron