apticron report [Mon, 28 Oct 2019 12:49:09 +0100] ======================================================================== apticron has detected that some packages need upgrading on: nonagon.federez.net [ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ] The following packages are currently pending an upgrade: apache2 2.4.25-3+deb9u9 apache2-bin 2.4.25-3+deb9u9 apache2-data 2.4.25-3+deb9u9 apache2-utils 2.4.25-3+deb9u9 file 1:5.30-1+deb9u3 libmagic1 1:5.30-1+deb9u3 libmagic-mgc 1:5.30-1+deb9u3 libssl1.1 1.1.1d-0+deb10u2 libssl-dev 1.1.1d-0+deb10u2 python3-acme 0.28.0-1~deb9u2 sudo 1.8.19p1-2.1+deb9u1 tcpdump 4.9.3-1~deb9u1 ======================================================================== Package Details: apt-listchanges : Lecture des fichiers de modifications (« changelog »)... apt-listchanges : journaux des modifications (« changelogs ») ------------------------------------------------------------- --- Modifications pour file (file libmagic1 libmagic-mgc) --- file (1:5.30-1+deb9u3) stretch-security; urgency=high * Cherry-pick commit to restrict the number of CDF_VECTOR elements. Closes: #942830 [CVE-2019-18218] -- Christoph Biedl <debian.axhn(a)manchmal.in-ulm.de> Tue, 22 Oct 2019 22:20:07 +0200 --- Modifications pour sudo --- sudo (1.8.19p1-2.1+deb9u1) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * Treat an ID of -1 as invalid since that means "no change" (CVE-2019-14287) * Fix test failure in plugins/sudoers/regress/testsudoers/test5.sh -- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 12 Oct 2019 16:20:21 +0200 --- Modifications pour tcpdump --- tcpdump (4.9.3-1~deb9u1) stretch-security; urgency=high * New upstream release, with fixes for 24 different CVEs (closes: #941698). This is an upstream update on top of the 4.9.2-1~deb9u1 package. * Disable tests that require a newer libpcap version. -- Romain Francoise <rfrancoise(a)debian.org> Sat, 19 Oct 2019 17:18:00 +0200 --- Modifications pour apache2 (apache2 apache2-bin apache2-data apache2-utils) --- apache2 (2.4.25-3+deb9u9) stretch-security; urgency=medium [ Xavier Guimard ] * Use correct patch for CVE-2019-10092. This fixes a regression in mod_proxy_balancer (Closes: #941202) -- Stefan Fritsch <sf(a)debian.org> Sun, 13 Oct 2019 17:43:54 +0200 --- Modifications pour openssl (libssl1.1 libssl-dev) --- openssl (1.1.1d-0+deb10u2) buster-security; urgency=medium * Reenable AES-CBC-HMAC-SHA ciphers (Closes: #941987). -- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sat, 12 Oct 2019 21:56:43 +0200 --- Modifications pour python-acme (python3-acme) --- python-acme (0.28.0-1~deb9u2) stretch; urgency=medium * This stretch update is to switch to using a POST-as-GET protocol before the November 1, 2019 deadline when Let's Encrypt will begin refusing requests using the (old) GET protocol. (Closes: #932248) -- Harlan Lieberman-Berg <hlieberman(a)debian.org> Wed, 31 Jul 2019 22:26:45 -0400 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on nonagon.federez.net -- apticron