Debian 10260 Published by

The following security updates have been released for Debian GNU/Linux:

Debian GNU/Linux 10 LTS (Buster):
[DLA 3842-1] linux-5.10 security update
[DLA 3841-1] linux-5.10 security update

Debian GNU/Linux 11 (Bullseye):
[DSA 5718-1] org-mode security update

Debian GNU/Linux 11 (Bullseye) and 12 (Bookworm):
[DSA 5719-1] emacs security update

Debian GNU/Linux 12 (Bookworm):
[DSA 5720-1] chromium security update



[DSA 5720-1] chromium security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5720-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
June 25, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293

Security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

For the stable distribution (bookworm), these problems have been fixed in
version 126.0.6478.126-1~deb12u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DLA 3842-1] linux-5.10 security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3842-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
June 25, 2024 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux-5.10
Version : 5.10.216-1~deb10u1
CVE ID : CVE-2022-38096 CVE-2023-6270 CVE-2023-7042 CVE-2023-28746
CVE-2023-47233 CVE-2023-52429 CVE-2023-52434 CVE-2023-52435
CVE-2023-52447 CVE-2023-52458 CVE-2023-52482 CVE-2023-52486
CVE-2023-52488 CVE-2023-52489 CVE-2023-52491 CVE-2023-52492
CVE-2023-52493 CVE-2023-52497 CVE-2023-52498 CVE-2023-52583
CVE-2023-52587 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597
CVE-2023-52598 CVE-2023-52599 CVE-2023-52600 CVE-2023-52601
CVE-2023-52602 CVE-2023-52603 CVE-2023-52604 CVE-2023-52606
CVE-2023-52607 CVE-2023-52614 CVE-2023-52615 CVE-2023-52616
CVE-2023-52617 CVE-2023-52618 CVE-2023-52619 CVE-2023-52620
CVE-2023-52622 CVE-2023-52623 CVE-2023-52627 CVE-2023-52635
CVE-2023-52637 CVE-2023-52642 CVE-2023-52644 CVE-2023-52650
CVE-2023-52656 CVE-2023-52669 CVE-2023-52670 CVE-2023-52672
CVE-2023-52699 CVE-2023-52880 CVE-2024-0340 CVE-2024-0565
CVE-2024-0607 CVE-2024-0841 CVE-2024-1151 CVE-2024-22099
CVE-2024-23849 CVE-2024-23850 CVE-2024-23851 CVE-2024-24857
CVE-2024-24858 CVE-2024-24861 CVE-2024-25739 CVE-2024-26581
CVE-2024-26593 CVE-2024-26600 CVE-2024-26601 CVE-2024-26602
CVE-2024-26606 CVE-2024-26610 CVE-2024-26614 CVE-2024-26615
CVE-2024-26622 CVE-2024-26625 CVE-2024-26627 CVE-2024-26635
CVE-2024-26636 CVE-2024-26640 CVE-2024-26641 CVE-2024-26642
CVE-2024-26643 CVE-2024-26644 CVE-2024-26645 CVE-2024-26651
CVE-2024-26654 CVE-2024-26659 CVE-2024-26663 CVE-2024-26664
CVE-2024-26665 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675
CVE-2024-26679 CVE-2024-26684 CVE-2024-26685 CVE-2024-26687
CVE-2024-26688 CVE-2024-26689 CVE-2024-26695 CVE-2024-26696
CVE-2024-26697 CVE-2024-26698 CVE-2024-26702 CVE-2024-26704
CVE-2024-26707 CVE-2024-26712 CVE-2024-26720 CVE-2024-26722
CVE-2024-26727 CVE-2024-26733 CVE-2024-26735 CVE-2024-26736
CVE-2024-26743 CVE-2024-26744 CVE-2024-26747 CVE-2024-26748
CVE-2024-26749 CVE-2024-26751 CVE-2024-26752 CVE-2024-26753
CVE-2024-26754 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766
CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26776
CVE-2024-26777 CVE-2024-26778 CVE-2024-26779 CVE-2024-26781
CVE-2024-26782 CVE-2024-26787 CVE-2024-26788 CVE-2024-26790
CVE-2024-26791 CVE-2024-26793 CVE-2024-26795 CVE-2024-26801
CVE-2024-26804 CVE-2024-26805 CVE-2024-26808 CVE-2024-26809
CVE-2024-26810 CVE-2024-26812 CVE-2024-26813 CVE-2024-26814
CVE-2024-26816 CVE-2024-26817 CVE-2024-26820 CVE-2024-26825
CVE-2024-26833 CVE-2024-26835 CVE-2024-26839 CVE-2024-26840
CVE-2024-26843 CVE-2024-26845 CVE-2024-26846 CVE-2024-26848
CVE-2024-26851 CVE-2024-26852 CVE-2024-26855 CVE-2024-26857
CVE-2024-26859 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863
CVE-2024-26870 CVE-2024-26872 CVE-2024-26874 CVE-2024-26875
CVE-2024-26877 CVE-2024-26878 CVE-2024-26880 CVE-2024-26882
CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26889
CVE-2024-26891 CVE-2024-26894 CVE-2024-26895 CVE-2024-26897
CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906
CVE-2024-26907 CVE-2024-26910 CVE-2024-26917 CVE-2024-26922
CVE-2024-26923 CVE-2024-26924 CVE-2024-26925 CVE-2024-26926
CVE-2024-26931 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937
CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956
CVE-2024-26957 CVE-2024-26958 CVE-2024-26960 CVE-2024-26961
CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970
CVE-2024-26973 CVE-2024-26974 CVE-2024-26976 CVE-2024-26978
CVE-2024-26981 CVE-2024-26984 CVE-2024-26988 CVE-2024-26993
CVE-2024-26994 CVE-2024-26997 CVE-2024-26999 CVE-2024-27000
CVE-2024-27001 CVE-2024-27004 CVE-2024-27008 CVE-2024-27013
CVE-2024-27020 CVE-2024-27024 CVE-2024-27025 CVE-2024-27028
CVE-2024-27030 CVE-2024-27038 CVE-2024-27043 CVE-2024-27044
CVE-2024-27045 CVE-2024-27046 CVE-2024-27047 CVE-2024-27051
CVE-2024-27052 CVE-2024-27053 CVE-2024-27059 CVE-2024-27065
CVE-2024-27073 CVE-2024-27074 CVE-2024-27075 CVE-2024-27076
CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27395
CVE-2024-27396 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412
CVE-2024-27413 CVE-2024-27414 CVE-2024-27416 CVE-2024-27417
CVE-2024-27419 CVE-2024-27431 CVE-2024-27436 CVE-2024-27437
CVE-2024-35785 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796
CVE-2024-35805 CVE-2024-35806 CVE-2024-35807 CVE-2024-35809
CVE-2024-35811 CVE-2024-35813 CVE-2024-35815 CVE-2024-35819
CVE-2024-35821 CVE-2024-35822 CVE-2024-35823 CVE-2024-35825
CVE-2024-35828 CVE-2024-35829 CVE-2024-35830 CVE-2024-35833
CVE-2024-35835 CVE-2024-35837 CVE-2024-35845 CVE-2024-35847
CVE-2024-35849 CVE-2024-35852 CVE-2024-35853 CVE-2024-35854
CVE-2024-35855 CVE-2024-35871 CVE-2024-35877 CVE-2024-35879
CVE-2024-35884 CVE-2024-35886 CVE-2024-35888 CVE-2024-35893
CVE-2024-35895 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898
CVE-2024-35899 CVE-2024-35900 CVE-2024-35902 CVE-2024-35905
CVE-2024-35910 CVE-2024-35915 CVE-2024-35922 CVE-2024-35925
CVE-2024-35930 CVE-2024-35933 CVE-2024-35934 CVE-2024-35935
CVE-2024-35936 CVE-2024-35940 CVE-2024-35944 CVE-2024-35950
CVE-2024-35955 CVE-2024-35958 CVE-2024-35960 CVE-2024-35962
CVE-2024-35967 CVE-2024-35969 CVE-2024-35973 CVE-2024-35976
CVE-2024-35978 CVE-2024-35982 CVE-2024-35983 CVE-2024-35984
CVE-2024-35988 CVE-2024-35990 CVE-2024-35996 CVE-2024-35997
CVE-2024-36004 CVE-2024-36005 CVE-2024-36006 CVE-2024-36007
CVE-2024-36008 CVE-2024-36020
Debian Bug : 1064035

Several vulnerabilities were discovered in the Linux kernel that may
lead to a privilege escalation, denial of service or information
leaks.

For Debian 10 buster, these problems were fixed earlier in version
5.10.216-1~deb10u1. This update also fixed a regression in kernel
documentation generation, and included many more bug fixes from stable
updates 5.10.210-5.10.216 inclusive.

For the detailed security status of linux-5.10 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux-5.10

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DLA 3841-1] linux-5.10 security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3841-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
June 25, 2024 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux-5.10
Version : 5.10.209-2~deb10u1
CVE ID : CVE-2023-6040 CVE-2023-6356 CVE-2023-6535 CVE-2023-6536
CVE-2023-6606 CVE-2023-6915 CVE-2023-39198 CVE-2023-46838
CVE-2023-51779 CVE-2023-52340 CVE-2023-52436 CVE-2023-52438
CVE-2023-52439 CVE-2023-52443 CVE-2023-52444 CVE-2023-52445
CVE-2023-52448 CVE-2023-52449 CVE-2023-52451 CVE-2023-52454
CVE-2023-52456 CVE-2023-52457 CVE-2023-52462 CVE-2023-52463
CVE-2023-52464 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470
CVE-2023-52609 CVE-2023-52612 CVE-2023-52675 CVE-2023-52679
CVE-2023-52683 CVE-2023-52686 CVE-2023-52690 CVE-2023-52691
CVE-2023-52693 CVE-2023-52694 CVE-2023-52696 CVE-2023-52698
CVE-2024-0646 CVE-2024-1086 CVE-2024-24860 CVE-2024-26586
CVE-2024-26597 CVE-2024-26598 CVE-2024-26633

Several vulnerabilities were discovered in the Linux kernel that may
lead to a privilege escalation, denial of service or information
leaks.

For Debian 10 buster, these problems were fixed earlier in version
5.10.209-2~deb10u1. This update additionally included many more bug
fixes from stable updates 5.10.206-5.10.209 inclusive.

For the detailed security status of linux-5.10 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux-5.10

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DSA 5719-1] emacs security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5719-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
June 25, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : emacs
CVE ID : CVE-2024-39331
Debian Bug : 1074137

It was discovered that Emacs is prone to arbitrary shell code evaluation
when opening a specially crafted Org file.

This update includes updates pending for the upcoming point releases
including other security fixes.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1:27.1+1-3.1+deb11u5.

For the stable distribution (bookworm), this problem has been fixed in
version 1:28.2+1-15+deb12u3.

We recommend that you upgrade your emacs packages.

For the detailed security status of emacs please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/emacs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DSA 5718-1] org-mode security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5718-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
June 25, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : org-mode
CVE ID : CVE-2024-39331
Debian Bug : 1074136

It was discovered that Org Mode for Emacs is prone to arbitrary shell
code evaluation when opening a specially crafted Org file.

This update includes updates pending for the upcoming point releases
including other security fixes.

For the oldstable distribution (bullseye), this problem has been fixed
in version 9.4.0+dfsg-1+deb11u3.

We recommend that you upgrade your org-mode packages.

For the detailed security status of org-mode please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/org-mode

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/