it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5233-1] e17 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5233-1] e17 security update
Date: Wed, 21 Sep 2022 18:42:16 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/E1ob4fo-00DBYq-O9 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=6hwsFeXV59cPLp1VOR5asQl17LZvuxrLsXHMAWMmWwM=; b=CR pV62TH/MSinY51FGjyK3fOhTgCT0a9SNDkhQ9FJgZ/lLVSQL537RGfhkChKtiEyJA6IR3uGwfUkh+ MGamWFlewTpH5cRG+fHZxAsfjRELfzG4qcEL1KzCBjnyz/HwoMNVUu3vR6KCoLksUdshvt4AHO1Qv n+AWmju2Xx9pVEt4P5gKUiXlcwikR9s/f242SpLfILMTz/2elFDZ1Zans00R2UBb18r1QaEnfvXZ7 rjRJsyhmCvSBRaoyofk0SHSfIXWoUTilWOOid8PIAfu73pVKySdnlD94WASlbfcifariohf8p1aOC /n3Vj1AHKyLw0LibRNztabGn1LbOEdVQ==;
Old-return-path: <carnil AT seger.debian.org>
Priority: urgent
Resent-date: Wed, 21 Sep 2022 18:42:43 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <UCO48vJ3NEN.A.5iB.js1KjB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5233-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 21, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : e17
CVE ID : CVE-2022-37706

Maher Azzouzi discovered that missing input sanitising in the
Enlightenment window manager may result in local privilege escalation to
root.

For the stable distribution (bullseye), this problem has been fixed in
version 0.24.2-8+deb11u1.

We recommend that you upgrade your e17 packages.

For the detailed security status of e17 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/e17

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMrWr5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SmaxAAmEx68H2LnS6HVrH0rM0u/d42PDXznm4NxqmFF9krcaQ3igdSFMZhShgR
hMduIOxt0dBZA/HaZrxa9xpe4wTWWacToSki7YayKaLZZRWcAdLbu7crgCE5zmwI
aykVF+JlYhrudNX7sxF7Tguw0P86FVH/ydDy00YimEg+eTPpg9x7T3IgzJ9qP5hF
R6Lc/0caAZFW3fhQLzlwwU+vugvK3dX0W9EzqmF1Je2vusvErfoS879DodHpjaNt
Bc+66qNUfIFNy8annxLk/ZCx7Ijmrc2XWFtKmd3KojRxoeVuNCsLhA5I/zinU7Xq
XweGSOILaD+Ei9mcV6fleRDDqldudBQrK3v+biOQysYySHwC06kNZGM3Tijhjiiu
oYCmbPDFTEMisGgj85iNkW6NmvHJsFn2dp8jbd7yEfRy7K4NnL5yQnojoudorbH4
pi7KTjXtKKXDnK0jd5yE2L0q0LO8yTlUoSJLzFoMHx5IucBTMzVtGvzGgXm3TYeN
woxHxdAh27X9FTCh7te+2sxkeMKDXptkSrhtn9ReWl6e0SN5ZdqfQu1nGzfGBv1T
dOfjL0zU3/ftBsJ4tIx5IHSbfSJaUsvDdVyZ5UPQgZToGIxHNPXnYRrzqJ3pK16r
GSSdyo0gtIXVlEm3rBxLojuUujJg4h7LONQRnBT2FPrkNYCGeBQ=
=901U
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5233-1] e17 security update, Moritz Muehlenhoff, 21.09.2022

Archiv bereitgestellt durch MHonArc 2.6.24.