it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4823-1] influxdb security update
- Date: Fri, 1 Jan 2021 18:47:55 +0000
- List-archive: https://lists.debian.org/msgid-search/20210101184755.GA31831 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=ONwUF0iepSJ8V458kZVL2/8ctkrGF+NaDkzgefd4GCE=; b=jJ EhEqsA0XuZVsQt3pYjVeaa/uN9Ys1ZzC40ASjjkdNvJ4MdOAAkeWhcsl3pVDpd9asGV6/9l6krO+a v8myVAwDZlG2eaKjqTpVS+YmsLsUeC2rG7rRF137/krYvwpb4nfBmEi97H03TXLdsyIQQHgwMM7W4 Wnk1kN8EV1US84zEqaq5+wGYGomwEL+QVfBvVGByRv3GLYmfKgMx/lgXG1INURecK/obwwalS+rpa 1QhL6t3sAvlIaCr7YGB3SG8yHjhlvBdIsubRd3hLkqBAaV6udtWHvqlTH3PgqcqQXR6NPnU+LdVMk yi8n+uGd/CjrFee6T+fwRODDqk1Pj4pg==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Fri, 1 Jan 2021 18:48:11 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <9WQtpoNed3E.A.9VF.r527fB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4823-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 01, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : influxdb
CVE ID : CVE-2019-20933
It was discovered that incorrect validation of JWT tokens in InfluxDB,
a time series, metrics, and analytics database, could result in
authentication bypass.
For the stable distribution (buster), this problem has been fixed in
version 1.6.4-1+deb10u1.
We recommend that you upgrade your influxdb packages.
For the detailed security status of influxdb please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/influxdb
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl/vbN4ACgkQEMKTtsN8
TjaxRw//e2Garai/wwzfO25MIwHl7+/dmd/4cJXF1fOUA97gwvkK3qd1UIq4vb4g
FBUQnhDtV3J94DVVK+EzZOnhtMNLoNES/RGrFpBCJZq0+UrtAEdEBXjo0xkipY+i
OzwWIO6TEPebWQ0BYdS5hPVRTsbpvoVG1wP2X9/vPxCR6aNQJxllbnGfoFBU8XxS
U9YSHJZJZTY71NyegdI3vUbIrRPlFvqxHNdGgKUwAxyIXpmJynIH8P//qgkCyuOG
hQ+xV2jUU4azVqk+5YvSX6nQ9mlZWAxv9VWqzoy87X5ee4kBZDHboEkyBo6nrzCH
TQeFJ8U3RDWJSXub4irS7Jrduq41tYSdDSSR89tjoTKnmSGpHLMr092L0z38a7i6
RqCN5TB9/xZoA1+01oIQ2s4SyweXwYuFZrJ+yKH/lH7hACpbxUWGbqCMgKrT0XXn
/SXk3TD6qkkXV7dUJVy1SNSTJZ3RYN2tdeRFBy1ekmkAKy6gc0izMsiTvFZ4+2WU
TkV7eYeH40r86Cvx3D2vmGLKxigGoNqzMtDVrqEQ2r4GWDgVIj4m6fMhHBLQHTY2
Qs088piCTYtATVcwOfc1QnpcDoB5glF2vBh9s5xbax0DgzN//VqBoezgzcuU2sxL
w4rC2Qfby0lVde1x3pjrt3xvXiu71xmow5FYCCk6F5KGkG/zQUk=
=nGsx
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4823-1] influxdb security update, Moritz Muehlenhoff, 01.01.2021
Archiv bereitgestellt durch MHonArc 2.6.19.