Debian buster Openstack images changelog 10.8.1-20210219 Updates in 3 source package(s), 10 binary package(s): Source bind9, binaries: libdns-export1104:amd64 libisc-export1100:amd64 libdns-export1104:arm64 libisc-export1100:arm64 bind9 (1:9.11.5.P4+dfsg-5.1+deb10u3) buster-security; urgency=high * Non-maintainer upload by the Security Team. * Buffer overflow in GSSAPI security policy negotiation (CVE-2020-8625) Source libzstd, binaries: libzstd1:amd64 libzstd1:arm64 libzstd (1.3.8+dfsg-3+deb10u1) buster-security; urgency=high * Team upload. * When a file with restricted permissions is compressed, the resulting file inherits the umask of the user for the time of the compression. This will usually lead to surprising and too relaxed permissions. This update adds fix-file-permissions-on-compression.patch to make sure the compressed file is not group or world readable for the duration of the compression. Closes: #981404 Source openssl, binaries: libssl1.1:amd64 openssl:amd64 libssl1.1:arm64 openssl:arm64 openssl (1.1.1d-0+deb10u5) buster-security; urgency=medium * CVE-2021-23841 (NULL pointer deref in X509_issuer_and_serial_hash()). * CVE-2021-23840 (Possible overflow of the output length argument in EVP_CipherUpdate(), EVP_EncryptUpdate() and EVP_DecryptUpdate()). * CVE-2019-1551 (Overflow in the x64_64 Montgomery squaring procedure), (Closes: #947949). -- Steve McIntyre <93sam@debian.org> Fri, 19 Feb 2021 11:14:12 +0000 10.8.0 First build for 10.8.0 release -- Steve McIntyre <93sam@debian.org> Sat, 06 Feb 2021 13:22:48 +0000