Debian 10230 Published by

The following updates has been released for Debian GNU/Linux:

Debian GNU/Linux 8 LTS:
DLA 1542-1: dnsruby update

Debian GNU/Linux 9:
DSA 4314-1: net-snmp security update



DLA 1542-1: dnsruby update

Package : dnsruby
Version : 1.54-2+deb8u1
Debian Bug : 908887


dnsruby is a feature-complete DNS(SEC) client for Ruby. It ships the DNS
Root Key Signing Key (KSK), used as trust anchor to validate the
authenticity of DNS records. This update includes the latest KSK
(KSK-2017), that will be used by ICANN to sign the Root Zone today, 11
October 2018.

For Debian 8 "Jessie", this problem has been fixed in version
1.54-2+deb8u1.

We recommend that you upgrade your dnsruby packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



DSA 4314-1: net-snmp security update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4314-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 11, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : net-snmp
CVE ID : CVE-2018-18065
Debian Bug : 910638

Magnus Klaaborg Stubman discovered a NULL pointer dereference bug in
net-snmp, a suite of Simple Network Management Protocol applications,
allowing a remote, authenticated attacker to crash the snmpd process
(causing a denial of service).

For the stable distribution (stretch), this problem has been fixed in
version 5.7.3+dfsg-1.7+deb9u1.

We recommend that you upgrade your net-snmp packages.

For the detailed security status of net-snmp please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/net-snmp

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/