Debian 10260 Published by

The following security updates are available for Debian GNU/Linux:

[SECURITY] [DSA 5744-1] thunderbird security update
[SECURITY] [DSA 5742-1] odoo security update
[SECURITY] [DSA 5743-1] roundcube security update
[SECURITY] [DSA 5741-1] chromium security update



[SECURITY] [DSA 5744-1] thunderbird security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5744-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 08, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : thunderbird
CVE ID : CVE-2024-7519 CVE-2024-7521 CVE-2024-7522 CVE-2024-7525
CVE-2024-7526 CVE-2024-7527 CVE-2024-7529

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:115.14.0-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:115.14.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 5742-1] odoo security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5742-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
August 08, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : odoo
CVE ID : CVE-2024-4367
Debian Bug : 1074228

A vulnerability was discovered in odoo, a suite of web based open
source business apps. It could result in the execution of arbitrary
code.

For the oldstable distribution (bullseye), this problem has been fixed
in version 14.0.0+dfsg.2-7+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in
version $bookworm_VERSION.

We recommend that you upgrade your odoo packages.

For the detailed security status of odoo please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/odoo

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 5743-1] roundcube security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5743-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 08, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : roundcube
CVE ID : CVE-2024-42008 CVE-2024-42009 CVE-2024-42010

Multiple cross-site scripting vulnerabilities were discovered in
RoundCube webmail.

For the stable distribution (bookworm), these problems have been fixed in
version 1.6.5+dfsg-1+deb12u3.

We recommend that you upgrade your roundcube packages.

For the detailed security status of roundcube please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/roundcube

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 5741-1] chromium security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5741-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
August 08, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2024-7532 CVE-2024-7533 CVE-2024-7534 CVE-2024-7535
CVE-2024-7536 CVE-2024-7550

Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.

For the stable distribution (bookworm), these problems have been fixed in
version 127.0.6533.99-1~deb12u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/