it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5327-1] swift security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5327-1] swift security update
Date: Tue, 24 Jan 2023 20:03:46 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/Y9A5ojXNWVekz22i AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=gxX3u8y3CjmHA8ZeGIPQUmQk0Jdqn17zYXWIjLS89jQ=; b=G3 FAHKjy3jRd2gdoAoQMSJtfrAaicerMPC7Gr4MS+sEYTUx3s4rsfuUfr4tPumppgNImxoA0mUHCjsT 4rDl/NFU9Rypxc4T1HcAJAISPlLIX8MMdPXxbZ3vbJrmJbN2cO7pLPV81MG2G+CfrnNrMvrozyvWP LjgdjJZ2vBljTUSfi1xl+uIUGCQdYgW6dMbNlUSCnj0YE71/Gi+uOzTee3r6mOgTYwZ9SdoB2Atoa L4Tac6Z3pCCl2qNH1ona6KRc8C/92ziaz4l2yhtKpVLhH8DlUvJnuz8gmzMWBHjuCYIKsw3uK5ogN jVWmm7sCsTpBjFXgW/uC2ISuhihYXDGQ==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Tue, 24 Jan 2023 20:04:26 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <dsM02oZFxsE.A.kuB.KnD0jB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5327-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 24, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : swift
CVE ID : CVE-2022-47950
Debian Bug : 1029200

Sebastien Meriot discovered that the S3 API of Swift, a distributed
virtual object store, was susceptible to information disclosure.

For the stable distribution (bullseye), this problem has been fixed in
version 2.26.0-10+deb11u1.

We recommend that you upgrade your swift packages.

For the detailed security status of swift please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/swift

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPQNhQACgkQEMKTtsN8
TjY5qw//YHxQJWvmsTZRDzYbyllUh4hfXkfNDKDbMOYv53ebgTSci77Q3di54rXo
k6OLR02mJaFsiccYVH8O9oWoEZveVkGhgB3fO5QcGhmHP218nXXknHtBWpfMrjzW
IWQJLhU6lczlZtCuDxp4FGs1L/dw3HWDjRDC4/O6X4LDV11GGmM8v4OSEFicM5KM
ih/kNYt/DLHl2J3vb1cOLxNZCPAQoHhknpoE4NXdWnBZju8ufT1E0+OqhAnOTS3S
XTZ7LuBmtArY0XwK+rKLeXg65RiJchpNIS7uOi0x+ZgvMbmaad5gKm5hA6ZRDdvs
Grw0hUu9Atj40QShghCWhjKVRxXu+jMgFZhew/3drqYERv1sdQr94frmagjLdTlI
d6QYZCznfGEJTCL2cH+tlW4jBolL5cvS3UcrWHeFh6WNEb3fayeLr3811dJ0D+/b
NXoiUTVPIBp37ycVg26Xehz4axrLPyHTDqXTqy5aEn1jee1810F1OeNfZODju8Bx
XgRxLCQaR7VoWtux+0ZQBhBziii2D2BPSZBzIP14llkqyYdxgMVBI67zDOu1VUXM
y2gqJRvlzclimpmWbXXVV16gB3I6Kxt8MQKdMZpinUIYUjdp4Dm7p5pgTU8Jk8qJ
mdOu43mRnAgMOavLO7/1GeyOvDFnnW0gDsBbGLWRM7VbHGmB+7M=
=QW6t
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5327-1] swift security update, Moritz Muehlenhoff, 24.01.2023

Archiv bereitgestellt durch MHonArc 2.6.24.