apticron report [Fri, 13 Dec 2019 12:49:12 +0100] ======================================================================== apticron has detected that some packages need upgrading on: nonagon.federez.net [ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ] The following packages are currently pending an upgrade: git 1:2.20.1-2+deb10u1 git-man 1:2.20.1-2+deb10u1 ======================================================================== Package Details: apt-listchanges : Lecture des fichiers de modifications (« changelog »)... apt-listchanges : journaux des modifications (« changelogs ») ------------------------------------------------------------- --- Modifications pour git (git git-man) --- git (1:2.20.1-2+deb10u1) buster-security; urgency=high * new upstream point release (see RelNotes/2.20.2.txt). * Addresses the security issues CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, and CVE-2019-1387. Credit for finding these vulnerabilities goes to Microsoft Security Response Center, in particular to Nicolas Joly. Fixes were provided by Jeff King and Johannes Schindelin with help from Garima Singh. * Addresses CVE-2019-19604, arbitrary code execution via the "update" field in .gitmodules. Credit for finding this vulnerability goes to Joern Schneeweisz from GitLab. -- Jonathan Nieder <jrnieder(a)gmail.com> Sun, 08 Dec 2019 22:56:16 -0800 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on nonagon.federez.net -- apticron