System email: Debian security status

topodoco
Posted: 22 August 2020 at 22:50
Hi fellow Cowcot farmers,

I've set up a small personal cloud, which is therefore connected to the internet.
For this I used a small odroid HC2 board ( https://www.hardkernel.com/shop/odroid-hc2-home-cloud-two/ ) on which I installed NextCloud ( https://ownyourbits.com/nextcloudpi/ ).
I have of course updated Linux (Armbian Buster).
When running the "NextCloud" security tests, I'm told that my server is rated "A+", which is the best rating (latest NextCloud version and no known security flaws).
However, the system regularly sends me "Debian security status" emails like this one (I only copied part of it, the emails are very long):

Quote:
From [email protected] Sat Aug 22 02:32:03 2020
Return-Path: <[email protected]>
X-Original-To: root
Delivered-To: [email protected]
Received: by localhost.lan (Postfix, from userid 1)
id xxxxxxxxxx; Sat, 22 Aug 2020 02:32:03 +0200 (CEST)
Subject: Debian security status of odroidxu4
To: [email protected]
Message-Id: <[email protected]>
Date: Sat, 22 Aug 2020 02:32:03 +0200 (CEST)
From: daemon <[email protected]>

Security report based on general data

If you specify a proper suite, this report will include information
regarding available security updates and obsolete packages. To set
the correct suite, run "dpkg-reconfigure debsecan" as root.

*** New vulnerabilities

CVE-2020-8231
<https://security-tracker.debian.org/tracker/CVE-2020-8231>
- curl, libcurl3-gnutls, libcurl4

*** Vulnerabilities

CVE-2012-1096 NetworkManager 0.9 and earlier allows local users to...
<https://security-tracker.debian.org/tracker/CVE-2012-1096>
- libnm0, network-manager (low urgency)

CVE-2013-7445 The Direct Rendering Manager (DRM) subsystem in the...
<https://security-tracker.debian.org/tracker/CVE-2013-7445>
- linux-libc-dev

CVE-2016-10228 The iconv program in the GNU C Library (aka glibc or...
<https://security-tracker.debian.org/tracker/CVE-2016-10228>
- libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales
(low urgency)

CVE-2016-1585 In all versions of AppArmor mount rules are...
<https://security-tracker.debian.org/tracker/CVE-2016-1585>
- libapparmor1 (low urgency)

CVE-2016-2568 pkexec, when used with --user nonpriv, allows local...
<https://security-tracker.debian.org/tracker/CVE-2016-2568>
- libpolkit-agent-1-0, libpolkit-backend-1-0, libpolkit-gobject-1-0,
policykit-1 (low urgency)

CVE-2016-2781 chroot in GNU coreutils, when used with --userspec,...
<https://security-tracker.debian.org/tracker/CVE-2016-2781>
- coreutils (low urgency)


CVE-2016-9318 libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23...
<https://security-tracker.debian.org/tracker/CVE-2016-9318>
- libxml2

CVE-2017-0630 An information disclosure vulnerability in the kernel...
<https://security-tracker.debian.org/tracker/CVE-2017-0630>
- linux-libc-dev

CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent...
<https://security-tracker.debian.org/tracker/CVE-2017-16932>
- libxml2

CVE-2017-18258 The xz_head function in xzlib.c in libxml2 before...
<https://security-tracker.debian.org/tracker/CVE-2017-18258>
- libxml2 (low urgency)

CVE-2017-6363 ** DISPUTED ** In the GD Graphics Library (aka LibGD)...
<https://security-tracker.debian.org/tracker/CVE-2017-6363>
- libgd3

CVE-2017-7189 main/streams/xp_socket.c in PHP 7.x before 2017-03-07...
<https://security-tracker.debian.org/tracker/CVE-2017-7189>
- php7.3, php7.3-bcmath, php7.3-bz2, php7.3-cli, php7.3-common,
php7.3-curl, php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl,
php7.3-json, php7.3-ldap, php7.3-mbstring, php7.3-mysql,
php7.3-opcache, php7.3-readline, php7.3-xml, php7.3-zip

CVE-2017-7272 PHP through 7.1.11 enables potential SSRF in...
<https://security-tracker.debian.org/tracker/CVE-2017-7272>
- php7.3, php7.3-bcmath, php7.3-bz2, php7.3-cli, php7.3-common,
php7.3-curl, php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl,
php7.3-json, php7.3-ldap, php7.3-mbstring, php7.3-mysql,
php7.3-opcache, php7.3-readline, php7.3-xml, php7.3-zip

CVE-2018-10910 A bug in Bluez may allow for the Bluetooth...
<https://security-tracker.debian.org/tracker/CVE-2018-10910>
- libbluetooth3 (low urgency)

CVE-2018-1152 libjpeg-turbo 1.5.90 is vulnerable to a denial of...
<https://security-tracker.debian.org/tracker/CVE-2018-1152>
- libjpeg62-turbo (low urgency)

CVE-2018-12886 stack_protect_prologue in cfgexpand.c and...
<https://security-tracker.debian.org/tracker/CVE-2018-12886>
- cpp-8, g++-8, gcc-8, gcc-8-base, libasan5, libatomic1, libcc1-0,
libgcc-8-dev, libgcc1, libgomp1, libstdc++-8-dev, libstdc++6,
libubsan1

CVE-2018-12928 In the Linux kernel 4.15.0, a NULL pointer...
<https://security-tracker.debian.org/tracker/CVE-2018-12928>
- linux-libc-dev (low urgency)

CVE-2018-14404 A NULL pointer dereference vulnerability exists in...
<https://security-tracker.debian.org/tracker/CVE-2018-14404>
- libxml2 (low urgency)

CVE-2018-14498 get_8bit_row in rdbmp.c in libjpeg-turbo through...
<https://security-tracker.debian.org/tracker/CVE-2018-14498>
- libjpeg62-turbo (low urgency)

CVE-2018-14553 gdImageClone in gd.c in libgd 2.1.0-rc2 through...
<https://security-tracker.debian.org/tracker/CVE-2018-14553>
- libgd3 (low urgency)

CVE-2018-14567 libxml2 2.9.8, if --with-lzma is used, allows remote...
<https://security-tracker.debian.org/tracker/CVE-2018-14567>
- libxml2

CVE-2018-15919 Remotely observable behaviour in auth-gss2.c in...
<https://security-tracker.debian.org/tracker/CVE-2018-15919>
- openssh-client, openssh-server, openssh-sftp-server (low urgency)

CVE-2018-16384 A SQL injection bypass (aka PL1 bypass) exists in...
<https://security-tracker.debian.org/tracker/CVE-2018-16384>
- modsecurity-crs (low urgency)

CVE-2018-17977 The Linux kernel 4.14.67 mishandles certain...
<https://security-tracker.debian.org/tracker/CVE-2018-17977>
- linux-libc-dev

CVE-2018-18653 The Linux kernel, as used in Ubuntu 18.10 and when...
<https://security-tracker.debian.org/tracker/CVE-2018-18653>
- linux-libc-dev

CVE-2018-3693 Systems with microprocessors utilizing speculative...
<https://security-tracker.debian.org/tracker/CVE-2018-3693>
- linux-libc-dev

CVE-2018-7169 An issue was discovered in shadow 4.5. newgidmap (in...
<https://security-tracker.debian.org/tracker/CVE-2018-7169>
- login, passwd (low urgency)

CVE-2018-7577 Memcpy parameter overlap in Google Snappy library...
<https://security-tracker.debian.org/tracker/CVE-2018-7577>
- libsnappy1v5

CVE-2019-10218 A flaw was found in the samba client, all samba...
<https://security-tracker.debian.org/tracker/CVE-2019-10218>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-11236 In the urllib3 library through 1.24.1 for Python,...
<https://security-tracker.debian.org/tracker/CVE-2019-11236>
- python3-urllib3

CVE-2019-12290 GNU libidn2 before 2.2.0 fails to perform the...
<https://security-tracker.debian.org/tracker/CVE-2019-12290>
- libidn2-0

CVE-2019-12881 i915_gem_userptr_get_pages in...
<https://security-tracker.debian.org/tracker/CVE-2019-12881>
- linux-libc-dev

CVE-2019-13103 A crafted self-referential DOS partition table will...
<https://security-tracker.debian.org/tracker/CVE-2019-13103>
- u-boot-tools (low urgency)

CVE-2019-13104 In Das U-Boot versions 2016.11-rc1 through...
<https://security-tracker.debian.org/tracker/CVE-2019-13104>
- u-boot-tools (low urgency)

CVE-2019-13105 Das U-Boot versions 2019.07-rc1 through 2019.07-rc4...
<https://security-tracker.debian.org/tracker/CVE-2019-13105>
- u-boot-tools (low urgency)

CVE-2019-13106 Das U-Boot versions 2016.09 through 2019.07-rc4 can...
<https://security-tracker.debian.org/tracker/CVE-2019-13106>
- u-boot-tools (low urgency)

CVE-2019-13115 In libssh2 before 1.9.0,...
<https://security-tracker.debian.org/tracker/CVE-2019-13115>
- libssh2-1

CVE-2019-13224 A use-after-free in onig_new_deluxe() in regext.c in...
<https://security-tracker.debian.org/tracker/CVE-2019-13224>
- libonig5 (low urgency)

CVE-2019-13225 A NULL Pointer Dereference in match_at() in...
<https://security-tracker.debian.org/tracker/CVE-2019-13225>
- libonig5 (low urgency)

CVE-2019-13627 It was discovered that there was a ECDSA timing...
<https://security-tracker.debian.org/tracker/CVE-2019-13627>
- libgcrypt20

CVE-2019-14192 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14192>
- u-boot-tools

CVE-2019-14193 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14193>
- u-boot-tools

CVE-2019-14194 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14194>
- u-boot-tools

CVE-2019-14195 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14195>
- u-boot-tools

CVE-2019-14196 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14196>
- u-boot-tools

CVE-2019-14197 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14197>
- u-boot-tools

CVE-2019-14198 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14198>
- u-boot-tools

CVE-2019-14199 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14199>
- u-boot-tools

CVE-2019-14200 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14200>
- u-boot-tools

CVE-2019-14201 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14201>
- u-boot-tools

CVE-2019-14202 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14202>
- u-boot-tools

CVE-2019-14203 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14203>
- u-boot-tools

CVE-2019-14204 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14204>
- u-boot-tools

CVE-2019-14833 A flaw was found in Samba, all versions starting...
<https://security-tracker.debian.org/tracker/CVE-2019-14833>


What does this mean? Is my server vulnerable and, if so, how do I fix these problems? Huh?
No matter how I try to update my OS, it tells me that everything is already up to date...
PS: no, I'm not a network administrator / Linux pro... just a small enthusiast trying to do his best

Thanks!!!


fission
Posted: 22 August 2020 at 23:20

We would need the complete content to be able to answer you!


topodoco
Posted: 23 August 2020 at 00:06

The complete email:

From [email protected] Sat Aug 22 02:32:03 2020
Return-Path: <[email protected]>
X-Original-To: root
Delivered-To: [email protected]
Received: by localhost.lan (Postfix, from userid 1)
id xxxxxxxxxx; Sat, 22 Aug 2020 02:32:03 +0200 (CEST)
Subject: Debian security status of odroidxu4
To: [email protected]
Message-Id: <[email protected]>
Date: Sat, 22 Aug 2020 02:32:03 +0200 (CEST)
From: daemon <[email protected]>

Security report based on general data

If you specify a proper suite, this report will include information
regarding available security updates and obsolete packages. To set
the correct suite, run "dpkg-reconfigure debsecan" as root.

*** New vulnerabilities

CVE-2020-8231
<https://security-tracker.debian.org/tracker/CVE-2020-8231>
- curl, libcurl3-gnutls, libcurl4

*** Vulnerabilities

CVE-2012-1096 NetworkManager 0.9 and earlier allows local users to...
<https://security-tracker.debian.org/tracker/CVE-2012-1096>
- libnm0, network-manager (low urgency)

CVE-2013-7445 The Direct Rendering Manager (DRM) subsystem in the...
<https://security-tracker.debian.org/tracker/CVE-2013-7445>
- linux-libc-dev

CVE-2016-10228 The iconv program in the GNU C Library (aka glibc or...
<https://security-tracker.debian.org/tracker/CVE-2016-10228>
- libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales
(low urgency)

CVE-2016-1585 In all versions of AppArmor mount rules are...
<https://security-tracker.debian.org/tracker/CVE-2016-1585>
- libapparmor1 (low urgency)

CVE-2016-2568 pkexec, when used with --user nonpriv, allows local...
<https://security-tracker.debian.org/tracker/CVE-2016-2568>
- libpolkit-agent-1-0, libpolkit-backend-1-0, libpolkit-gobject-1-0,
policykit-1 (low urgency)

CVE-2016-2781 chroot in GNU coreutils, when used with --userspec,...
<https://security-tracker.debian.org/tracker/CVE-2016-2781>
- coreutils (low urgency)


CVE-2016-9318 libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23...
<https://security-tracker.debian.org/tracker/CVE-2016-9318>
- libxml2

CVE-2017-0630 An information disclosure vulnerability in the kernel...
<https://security-tracker.debian.org/tracker/CVE-2017-0630>
- linux-libc-dev

CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent...
<https://security-tracker.debian.org/tracker/CVE-2017-16932>
- libxml2

CVE-2017-18258 The xz_head function in xzlib.c in libxml2 before...
<https://security-tracker.debian.org/tracker/CVE-2017-18258>
- libxml2 (low urgency)

CVE-2017-6363 ** DISPUTED ** In the GD Graphics Library (aka LibGD)...
<https://security-tracker.debian.org/tracker/CVE-2017-6363>
- libgd3

CVE-2017-7189 main/streams/xp_socket.c in PHP 7.x before 2017-03-07...
<https://security-tracker.debian.org/tracker/CVE-2017-7189>
- php7.3, php7.3-bcmath, php7.3-bz2, php7.3-cli, php7.3-common,
php7.3-curl, php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl,
php7.3-json, php7.3-ldap, php7.3-mbstring, php7.3-mysql,
php7.3-opcache, php7.3-readline, php7.3-xml, php7.3-zip

CVE-2017-7272 PHP through 7.1.11 enables potential SSRF in...
<https://security-tracker.debian.org/tracker/CVE-2017-7272>
- php7.3, php7.3-bcmath, php7.3-bz2, php7.3-cli, php7.3-common,
php7.3-curl, php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl,
php7.3-json, php7.3-ldap, php7.3-mbstring, php7.3-mysql,
php7.3-opcache, php7.3-readline, php7.3-xml, php7.3-zip

CVE-2018-10910 A bug in Bluez may allow for the Bluetooth...
<https://security-tracker.debian.org/tracker/CVE-2018-10910>
- libbluetooth3 (low urgency)

CVE-2018-1152 libjpeg-turbo 1.5.90 is vulnerable to a denial of...
<https://security-tracker.debian.org/tracker/CVE-2018-1152>
- libjpeg62-turbo (low urgency)

CVE-2018-12886 stack_protect_prologue in cfgexpand.c and...
<https://security-tracker.debian.org/tracker/CVE-2018-12886>
- cpp-8, g++-8, gcc-8, gcc-8-base, libasan5, libatomic1, libcc1-0,
libgcc-8-dev, libgcc1, libgomp1, libstdc++-8-dev, libstdc++6,
libubsan1

CVE-2018-12928 In the Linux kernel 4.15.0, a NULL pointer...
<https://security-tracker.debian.org/tracker/CVE-2018-12928>
- linux-libc-dev (low urgency)

CVE-2018-14404 A NULL pointer dereference vulnerability exists in...
<https://security-tracker.debian.org/tracker/CVE-2018-14404>
- libxml2 (low urgency)

CVE-2018-14498 get_8bit_row in rdbmp.c in libjpeg-turbo through...
<https://security-tracker.debian.org/tracker/CVE-2018-14498>
- libjpeg62-turbo (low urgency)

CVE-2018-14553 gdImageClone in gd.c in libgd 2.1.0-rc2 through...
<https://security-tracker.debian.org/tracker/CVE-2018-14553>
- libgd3 (low urgency)

CVE-2018-14567 libxml2 2.9.8, if --with-lzma is used, allows remote...
<https://security-tracker.debian.org/tracker/CVE-2018-14567>
- libxml2

CVE-2018-15919 Remotely observable behaviour in auth-gss2.c in...
<https://security-tracker.debian.org/tracker/CVE-2018-15919>
- openssh-client, openssh-server, openssh-sftp-server (low urgency)

CVE-2018-16384 A SQL injection bypass (aka PL1 bypass) exists in...
<https://security-tracker.debian.org/tracker/CVE-2018-16384>
- modsecurity-crs (low urgency)

CVE-2018-17977 The Linux kernel 4.14.67 mishandles certain...
<https://security-tracker.debian.org/tracker/CVE-2018-17977>
- linux-libc-dev

CVE-2018-18653 The Linux kernel, as used in Ubuntu 18.10 and when...
<https://security-tracker.debian.org/tracker/CVE-2018-18653>
- linux-libc-dev

CVE-2018-3693 Systems with microprocessors utilizing speculative...
<https://security-tracker.debian.org/tracker/CVE-2018-3693>
- linux-libc-dev

CVE-2018-7169 An issue was discovered in shadow 4.5. newgidmap (in...
<https://security-tracker.debian.org/tracker/CVE-2018-7169>
- login, passwd (low urgency)

CVE-2018-7577 Memcpy parameter overlap in Google Snappy library...
<https://security-tracker.debian.org/tracker/CVE-2018-7577>
- libsnappy1v5

CVE-2019-10218 A flaw was found in the samba client, all samba...
<https://security-tracker.debian.org/tracker/CVE-2019-10218>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-11236 In the urllib3 library through 1.24.1 for Python,...
<https://security-tracker.debian.org/tracker/CVE-2019-11236>
- python3-urllib3

CVE-2019-12290 GNU libidn2 before 2.2.0 fails to perform the...
<https://security-tracker.debian.org/tracker/CVE-2019-12290>
- libidn2-0

CVE-2019-12881 i915_gem_userptr_get_pages in...
<https://security-tracker.debian.org/tracker/CVE-2019-12881>
- linux-libc-dev

CVE-2019-13103 A crafted self-referential DOS partition table will...
<https://security-tracker.debian.org/tracker/CVE-2019-13103>
- u-boot-tools (low urgency)

CVE-2019-13104 In Das U-Boot versions 2016.11-rc1 through...
<https://security-tracker.debian.org/tracker/CVE-2019-13104>
- u-boot-tools (low urgency)

CVE-2019-13105 Das U-Boot versions 2019.07-rc1 through 2019.07-rc4...
<https://security-tracker.debian.org/tracker/CVE-2019-13105>
- u-boot-tools (low urgency)

CVE-2019-13106 Das U-Boot versions 2016.09 through 2019.07-rc4 can...
<https://security-tracker.debian.org/tracker/CVE-2019-13106>
- u-boot-tools (low urgency)

CVE-2019-13115 In libssh2 before 1.9.0,...
<https://security-tracker.debian.org/tracker/CVE-2019-13115>
- libssh2-1

CVE-2019-13224 A use-after-free in onig_new_deluxe() in regext.c in...
<https://security-tracker.debian.org/tracker/CVE-2019-13224>
- libonig5 (low urgency)

CVE-2019-13225 A NULL Pointer Dereference in match_at() in...
<https://security-tracker.debian.org/tracker/CVE-2019-13225>
- libonig5 (low urgency)

CVE-2019-13627 It was discovered that there was a ECDSA timing...
<https://security-tracker.debian.org/tracker/CVE-2019-13627>
- libgcrypt20

CVE-2019-14192 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14192>
- u-boot-tools

CVE-2019-14193 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14193>
- u-boot-tools

CVE-2019-14194 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14194>
- u-boot-tools

CVE-2019-14195 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14195>
- u-boot-tools

CVE-2019-14196 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14196>
- u-boot-tools

CVE-2019-14197 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14197>
- u-boot-tools

CVE-2019-14198 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14198>
- u-boot-tools

CVE-2019-14199 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14199>
- u-boot-tools

CVE-2019-14200 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14200>
- u-boot-tools

CVE-2019-14201 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14201>
- u-boot-tools

CVE-2019-14202 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14202>
- u-boot-tools

CVE-2019-14203 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14203>
- u-boot-tools

CVE-2019-14204 An issue was discovered in Das U-Boot through...
<https://security-tracker.debian.org/tracker/CVE-2019-14204>
- u-boot-tools

CVE-2019-14833 A flaw was found in Samba, all versions starting...
<https://security-tracker.debian.org/tracker/CVE-2019-14833>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-14834 A vulnerability was found in dnsmasq before version...
<https://security-tracker.debian.org/tracker/CVE-2019-14834>
- dnsmasq, dnsmasq-base

CVE-2019-14847 A flaw was found in samba 4.0.0 before samba 4.9.15...
<https://security-tracker.debian.org/tracker/CVE-2019-14847>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-14855 A flaw was found in the way certificate signatures...
<https://security-tracker.debian.org/tracker/CVE-2019-14855>
- dirmngr, gnupg, gnupg-l10n, gnupg-utils, gnupg2, gpg, gpg-agent,
gpg-wks-client, gpg-wks-server, gpgconf, gpgsm, gpgv (low urgency)

CVE-2019-14861 All Samba versions 4.x.x before 4.9.17, 4.10.x...
<https://security-tracker.debian.org/tracker/CVE-2019-14861>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-14866 In all versions of cpio before 2.13 does not...
<https://security-tracker.debian.org/tracker/CVE-2019-14866>
- cpio (low urgency)

CVE-2019-14870 All Samba versions 4.x.x before 4.9.17, 4.10.x...
<https://security-tracker.debian.org/tracker/CVE-2019-14870>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-14902 There is an issue in all samba 4.11.x versions...
<https://security-tracker.debian.org/tracker/CVE-2019-14902>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-14907 All samba versions 4.9.x before 4.9.18, 4.10.x...
<https://security-tracker.debian.org/tracker/CVE-2019-14907>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2019-1551 There is an overflow bug in the x64_64 Montgomery...
<https://security-tracker.debian.org/tracker/CVE-2019-1551>
- libssl-dev, libssl1.1, openssl (low urgency)

CVE-2019-15847 The POWER9 backend in GNU Compiler Collection (GCC)...
<https://security-tracker.debian.org/tracker/CVE-2019-15847>
- cpp-8, g++-8, gcc-8, gcc-8-base, libasan5, libatomic1, libcc1-0,
libgcc-8-dev, libgcc1, libgomp1, libstdc++-8-dev, libstdc++6,
libubsan1

CVE-2019-16163 Oniguruma before 6.9.3 allows Stack Exhaustion in...
<https://security-tracker.debian.org/tracker/CVE-2019-16163>
- libonig5 (low urgency)

CVE-2019-16168 In SQLite through 3.29.0, whereLoopAddBtreeIndex in...
<https://security-tracker.debian.org/tracker/CVE-2019-16168>
- libsqlite3-0

CVE-2019-17041 An issue was discovered in Rsyslog v8.1908.0....
<https://security-tracker.debian.org/tracker/CVE-2019-17041>
- rsyslog

CVE-2019-17042 An issue was discovered in Rsyslog v8.1908.0....
<https://security-tracker.debian.org/tracker/CVE-2019-17042>
- rsyslog

CVE-2019-17498 In libssh2 v1.9.0 and earlier versions, the...
<https://security-tracker.debian.org/tracker/CVE-2019-17498>
- libssh2-1 (low urgency)

CVE-2019-17543 LZ4 before 1.9.2 has a heap-based buffer overflow in...
<https://security-tracker.debian.org/tracker/CVE-2019-17543>
- liblz4-1 (low urgency)

CVE-2019-19012 An integer overflow in the search_in_range function...
<https://security-tracker.debian.org/tracker/CVE-2019-19012>
- libonig5 (low urgency)

CVE-2019-19036 btrfs_root_node in fs/btrfs/ctree.c in the Linux...
<https://security-tracker.debian.org/tracker/CVE-2019-19036>
- linux-libc-dev

CVE-2019-19039 ** DISPUTED ** __btrfs_free_extent in...
<https://security-tracker.debian.org/tracker/CVE-2019-19039>
- linux-libc-dev

CVE-2019-19073 Memory leaks in...
<https://security-tracker.debian.org/tracker/CVE-2019-19073>
- linux-libc-dev

CVE-2019-19074 A memory leak in the ath9k_wmi_cmd() function in...
<https://security-tracker.debian.org/tracker/CVE-2019-19074>
- linux-libc-dev

CVE-2019-19203 An issue was discovered in Oniguruma 6.x before...
<https://security-tracker.debian.org/tracker/CVE-2019-19203>
- libonig5 (low urgency)

CVE-2019-19204 An issue was discovered in Oniguruma 6.x before...
<https://security-tracker.debian.org/tracker/CVE-2019-19204>
- libonig5 (low urgency)

CVE-2019-19246 Oniguruma through 6.9.3, as used in PHP 7.3.x and...
<https://security-tracker.debian.org/tracker/CVE-2019-19246>
- libonig5 (low urgency)

CVE-2019-19318 In the Linux kernel 5.3.11, mounting a crafted btrfs...
<https://security-tracker.debian.org/tracker/CVE-2019-19318>
- linux-libc-dev

CVE-2019-19377 In the Linux kernel 5.0.21, mounting a crafted btrfs...
<https://security-tracker.debian.org/tracker/CVE-2019-19377>
- linux-libc-dev

CVE-2019-19378 In the Linux kernel 5.0.21, mounting a crafted btrfs...
<https://security-tracker.debian.org/tracker/CVE-2019-19378>
- linux-libc-dev

CVE-2019-19448 In the Linux kernel 5.0.21 and 5.3.11, mounting a...
<https://security-tracker.debian.org/tracker/CVE-2019-19448>
- linux-libc-dev

CVE-2019-19449 In the Linux kernel 5.0.21, mounting a crafted f2fs...
<https://security-tracker.debian.org/tracker/CVE-2019-19449>
- linux-libc-dev

CVE-2019-19770 ** DISPUTED ** In the Linux kernel 4.19.83, there is...
<https://security-tracker.debian.org/tracker/CVE-2019-19770>
- linux-libc-dev

CVE-2019-19813 In the Linux kernel 5.0.21, mounting a crafted btrfs...
<https://security-tracker.debian.org/tracker/CVE-2019-19813>
- linux-libc-dev

CVE-2019-19814 In the Linux kernel 5.0.21, mounting a crafted f2fs...
<https://security-tracker.debian.org/tracker/CVE-2019-19814>
- linux-libc-dev

CVE-2019-19815 In the Linux kernel 5.0.21, mounting a crafted f2fs...
<https://security-tracker.debian.org/tracker/CVE-2019-19815>
- linux-libc-dev

CVE-2019-19816 In the Linux kernel 5.0.21, mounting a crafted btrfs...
<https://security-tracker.debian.org/tracker/CVE-2019-19816>
- linux-libc-dev

CVE-2019-19956 xmlParseBalancedChunkMemoryRecover in parser.c in...
<https://security-tracker.debian.org/tracker/CVE-2019-19956>
- libxml2

CVE-2019-20218 selectExpander in select.c in SQLite 3.30.1 proceeds...
<https://security-tracker.debian.org/tracker/CVE-2019-20218>
- libsqlite3-0

CVE-2019-20367 nlist.c in libbsd before 0.10.0 has an out-of-bounds...
<https://security-tracker.debian.org/tracker/CVE-2019-20367>
- libbsd0

CVE-2019-20388 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10...
<https://security-tracker.debian.org/tracker/CVE-2019-20388>
- libxml2

CVE-2019-20454 An out-of-bounds read was discovered in PCRE before...
<https://security-tracker.debian.org/tracker/CVE-2019-20454>
- libpcre2-8-0

CVE-2019-20794 An issue was discovered in the Linux kernel 4.18...
<https://security-tracker.debian.org/tracker/CVE-2019-20794>
- linux-libc-dev

CVE-2019-20807 In Vim before 8.1.0881, users can circumvent the...
<https://security-tracker.debian.org/tracker/CVE-2019-20807>
- vim, vim-common, vim-runtime, xxd

CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an...
<https://security-tracker.debian.org/tracker/CVE-2019-20907>
- libpython2.7, libpython2.7-minimal, libpython2.7-stdlib, python2.7,
python2.7-minimal (low urgency)

CVE-2019-2201 In generate_jsimd_ycc_rgb_convert_neon of...
<https://security-tracker.debian.org/tracker/CVE-2019-2201>
- libjpeg62-turbo (low urgency)

CVE-2019-3874 The SCTP socket buffer used by a userspace...
<https://security-tracker.debian.org/tracker/CVE-2019-3874>
- linux-libc-dev

CVE-2019-6293 An issue was discovered in the function...
<https://security-tracker.debian.org/tracker/CVE-2019-6293>
- flex (low urgency)

CVE-2019-6988 An issue was discovered in OpenJPEG 2.3.0. It allows...
<https://security-tracker.debian.org/tracker/CVE-2019-6988>
- libopenjp2-7 (low urgency)

CVE-2020-10029 The GNU C Library (aka glibc or libc6) before 2.32...
<https://security-tracker.debian.org/tracker/CVE-2020-10029>
- libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales

CVE-2020-10251 In ImageMagick 7.0.9, an out-of-bounds read...
<https://security-tracker.debian.org/tracker/CVE-2020-10251>
- imagemagick-6-common, libmagickcore-6.q16-6, libmagickwand-6.q16-6
(low urgency)

CVE-2020-10648 Das U-Boot through 2020.01 allows attackers to...
<https://security-tracker.debian.org/tracker/CVE-2020-10648>
- u-boot-tools

CVE-2020-10704 A flaw was found when using samba as an Active...
<https://security-tracker.debian.org/tracker/CVE-2020-10704>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2020-10730 A NULL pointer dereference, or possible...
<https://security-tracker.debian.org/tracker/CVE-2020-10730>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2020-10745 A flaw was found in all Samba versions before...
<https://security-tracker.debian.org/tracker/CVE-2020-10745>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2020-10760 A use-after-free flaw was found in all samba LDAP...
<https://security-tracker.debian.org/tracker/CVE-2020-10760>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2020-11655 SQLite through 3.31.1 allows attackers to cause a...
<https://security-tracker.debian.org/tracker/CVE-2020-11655>
- libsqlite3-0

CVE-2020-11725 ** DISPUTED ** snd_ctl_elem_add in...
<https://security-tracker.debian.org/tracker/CVE-2020-11725>
- linux-libc-dev

CVE-2020-11984 Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi...
<https://security-tracker.debian.org/tracker/CVE-2020-11984>
- apache2, apache2-bin, apache2-data, apache2-utils

CVE-2020-11993 Apache HTTP Server versions 2.4.20 to 2.4.43 When...
<https://security-tracker.debian.org/tracker/CVE-2020-11993>
- apache2, apache2-bin, apache2-data, apache2-utils

CVE-2020-12695 The Open Connectivity Foundation UPnP specification...
<https://security-tracker.debian.org/tracker/CVE-2020-12695>
- hostapd, wpasupplicant

CVE-2020-12888 The VFIO PCI driver in the Linux kernel through...
<https://security-tracker.debian.org/tracker/CVE-2020-12888>
- linux-libc-dev

CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in...
<https://security-tracker.debian.org/tracker/CVE-2020-13434>
- libsqlite3-0

CVE-2020-13790 libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a...
<https://security-tracker.debian.org/tracker/CVE-2020-13790>
- libjpeg62-turbo

CVE-2020-14155 libpcre in PCRE before 8.44 allows an integer...
<https://security-tracker.debian.org/tracker/CVE-2020-14155>
- libpcre3

CVE-2020-14303 A flaw was found in the AD DC NBT server in all...
<https://security-tracker.debian.org/tracker/CVE-2020-14303>
- libsmbclient, libwbclient0, python-samba, samba, samba-common,
samba-common-bin, samba-libs

CVE-2020-14304 ethtool when reading eeprom of device could lead to...
<https://security-tracker.debian.org/tracker/CVE-2020-14304>
- linux-libc-dev

CVE-2020-14314 buffer uses out of index in ext3/4 filesystem
<https://security-tracker.debian.org/tracker/CVE-2020-14314>
- linux-libc-dev

CVE-2020-14344 An integer overflow leading to a heap-buffer...
<https://security-tracker.debian.org/tracker/CVE-2020-14344>
- libx11-6, libx11-data

CVE-2020-14356 A flaw null pointer dereference in the Linux kernel...
<https://security-tracker.debian.org/tracker/CVE-2020-14356>
- linux-libc-dev

CVE-2020-14367
<https://security-tracker.debian.org/tracker/CVE-2020-14367>
- chrony

CVE-2020-15389 jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a...
<https://security-tracker.debian.org/tracker/CVE-2020-15389>
- libopenjp2-7

CVE-2020-15709
<https://security-tracker.debian.org/tracker/CVE-2020-15709>
- python3-software-properties, software-properties-common

CVE-2020-15780 An issue was discovered in...
<https://security-tracker.debian.org/tracker/CVE-2020-15780>
- linux-libc-dev

CVE-2020-15888 Lua through 5.4.0 mishandles the interaction between...
<https://security-tracker.debian.org/tracker/CVE-2020-15888>
- liblua5.1-0, liblua5.2-0

CVE-2020-15889 Lua through 5.4.0 has a getobjname heap-based buffer...
<https://security-tracker.debian.org/tracker/CVE-2020-15889>
- liblua5.1-0, liblua5.2-0

CVE-2020-15945 Lua through 5.4.0 has a segmentation fault in...
<https://security-tracker.debian.org/tracker/CVE-2020-15945>
- liblua5.1-0, liblua5.2-0

CVE-2020-16166 The Linux kernel through 5.7.11 allows remote...
<https://security-tracker.debian.org/tracker/CVE-2020-16166>
- linux-libc-dev

CVE-2020-1751 An out-of-bounds write vulnerability was found in...
<https://security-tracker.debian.org/tracker/CVE-2020-1751>
- libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales

CVE-2020-1752 A use-after-free vulnerability introduced in glibc...
<https://security-tracker.debian.org/tracker/CVE-2020-1752>
- libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales

CVE-2020-1927 In Apache HTTP Server 2.4.0 to 2.4.41, redirects...
<https://security-tracker.debian.org/tracker/CVE-2020-1927>
- apache2, apache2-bin, apache2-data, apache2-utils (low urgency)

CVE-2020-1934 In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp...
<https://security-tracker.debian.org/tracker/CVE-2020-1934>
- apache2, apache2-bin, apache2-data, apache2-utils (low urgency)

CVE-2020-24394 In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in...
<https://security-tracker.debian.org/tracker/CVE-2020-24394>
- linux-libc-dev

CVE-2020-3909 A buffer overflow was addressed with improved bounds...
<https://security-tracker.debian.org/tracker/CVE-2020-3909>
- libxml2

CVE-2020-3910 A buffer overflow was addressed with improved size...
<https://security-tracker.debian.org/tracker/CVE-2020-3910>
- libxml2

CVE-2020-6070 An exploitable code execution vulnerability exists in...
<https://security-tracker.debian.org/tracker/CVE-2020-6070>
- f2fs-tools, libf2fs-format4, libf2fs5

CVE-2020-6096 An exploitable signed comparison vulnerability exists...
<https://security-tracker.debian.org/tracker/CVE-2020-6096>
- libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales
(low urgency)

CVE-2020-6851 OpenJPEG through 2.3.1 has a heap-based buffer...
<https://security-tracker.debian.org/tracker/CVE-2020-6851>
- libopenjp2-7

CVE-2020-7105 async.c and dict.c in libhiredis.a in hiredis through...
<https://security-tracker.debian.org/tracker/CVE-2020-7105>
- libhiredis0.14

CVE-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2...
<https://security-tracker.debian.org/tracker/CVE-2020-7595>
- libxml2

CVE-2020-8112 opj_t1_clbl_decode_processor in openjp2/t1.c in...
<https://security-tracker.debian.org/tracker/CVE-2020-8112>
- libopenjp2-7

CVE-2020-8177
<https://security-tracker.debian.org/tracker/CVE-2020-8177>
- curl, libcurl3-gnutls, libcurl4

CVE-2020-8432 In Das U-Boot through 2020.01, a double free has been...
<https://security-tracker.debian.org/tracker/CVE-2020-8432>
- u-boot-tools (low urgency)

CVE-2020-8492 Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6...
<https://security-tracker.debian.org/tracker/CVE-2020-8492>
- libpython2.7, libpython2.7-minimal, libpython2.7-stdlib, python2.7,
python2.7-minimal

CVE-2020-8620
<https://security-tracker.debian.org/tracker/CVE-2020-8620>
- bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
liblwres161

CVE-2020-8621
<https://security-tracker.debian.org/tracker/CVE-2020-8621>
- bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
liblwres161

CVE-2020-8622
<https://security-tracker.debian.org/tracker/CVE-2020-8622>
- bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
liblwres161

CVE-2020-8623
<https://security-tracker.debian.org/tracker/CVE-2020-8623>
- bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
liblwres161

CVE-2020-8624
<https://security-tracker.debian.org/tracker/CVE-2020-8624>
- bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
liblwres161

CVE-2020-9490 Apache HTTP Server versions 2.4.20 to 2.4.43. A...
<https://security-tracker.debian.org/tracker/CVE-2020-9490>
- apache2, apache2-bin, apache2-data, apache2-utils

CVE-2020-9794 An out-of-bounds read was addressed with improved...
<https://security-tracker.debian.org/tracker/CVE-2020-9794>
- libsqlite3-0


Dysnome (Métayer, registered 29 August 2014, 624 posts, location: Luxembourg)
Posted: 23 August 2020 at 01:09
Can you give us the output of:
lsb_release -a
uname -a

And if you run "sudo apt update && sudo apt upgrade && sudo apt dist-upgrade", what does it offer you?

topodoco (Paysan, registered 29 July 2008, 361 posts)
Posted: 23 August 2020 at 01:17
Dysnome wrote:
Can you give us the output of:
lsb_release -a

Code:
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

Dysnome wrote:
Can you give us the output of:
uname -a

Code:
Linux odroidxu4 4.14.187-odroidxu4 #1 SMP PREEMPT Thu Jul 2 14:12:08 UTC 2020 armv7l GNU/Linux

Dysnome wrote:
And if you run "sudo apt update && sudo apt upgrade && sudo apt dist-upgrade", what does it offer you?

That's the command I was already using to update the system, and the last time I tried, there was nothing to update.

Code:
Hit:1 http://security.debian.org buster/updates InRelease
Hit:2 http://deb.debian.org/debian buster InRelease
Hit:3 http://deb.debian.org/debian buster-updates InRelease
Hit:4 http://deb.debian.org/debian buster-backports InRelease
Hit:5 http://security.debian.org/debian-security buster/updates InRelease
Hit:6 https://uk.mirrors.fossho.st/armbian/apt buster InRelease
Reading package lists... Done
Building dependency tree
Reading state information... Done
6 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  armbian-config armbian-firmware linux-buster-root-legacy-odroidxu4
  linux-dtb-legacy-odroidxu4 linux-image-legacy-odroidxu4
  linux-u-boot-odroidxu4-legacy
6 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 24.7 MB of archives.
After this operation, 158 kB disk space will be freed.
Do you want to continue? [Y/n] y
Get:2 https://uk.mirrors.fossho.st/armbian/apt buster/main armhf armbian-firmware all 20.08 [6674 kB]
Get:1 https://mirrors.netix.net/armbian/apt buster/main armhf armbian-config all 20.08 [43.6 kB]
Get:4 https://mirrors.dotsrc.org/armbian-apt buster/main armhf linux-dtb-legacy-odroidxu4 armhf 20.08 [80.4 kB]
Get:5 https://mirrors.netix.net/armbian/apt buster/main armhf linux-image-legacy-odroidxu4 armhf 20.08 [17.2 MB]
Get:6 https://us.mirrors.fossho.st/armbian/apt buster/main armhf linux-u-boot-odroidxu4-legacy armhf 20.08 [268 kB]
Get:3 https://armbian.systemonachip.net/apt buster/main armhf linux-buster-root-legacy-odroidxu4 armhf 20.08 [413 kB]
Fetched 24.7 MB in 4s (6299 kB/s)
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = "en_US.UTF-8",
        LC_ALL = "",
        LC_MESSAGES = "en_US.UTF-8",
        LANG = (unset)
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
(Reading database ... 42389 files and directories currently installed.)
Preparing to unpack .../0-armbian-config_20.08_all.deb ...
Unpacking armbian-config (20.08) over (20.05.10) ...
Preparing to unpack .../1-armbian-firmware_20.08_all.deb ...
Unpacking armbian-firmware (20.08) over (20.05.7) ...
Preparing to unpack .../2-linux-buster-root-legacy-odroidxu4_20.08_armhf.deb ...
Unpacking linux-buster-root-legacy-odroidxu4 (20.08) over (20.05.7) ...
Preparing to unpack .../3-linux-dtb-legacy-odroidxu4_20.08_armhf.deb ...
Unpacking linux-dtb-legacy-odroidxu4 (20.08) over (20.05.7) ...
Preparing to unpack .../4-linux-image-legacy-odroidxu4_20.08_armhf.deb ...
update-initramfs: Deleting /boot/initrd.img-4.14.187-odroidxu4
Removing obsolete file uInitrd-4.14.187-odroidxu4
Unpacking linux-image-legacy-odroidxu4 (20.08) over (20.05.7) ...
Preparing to unpack .../5-linux-u-boot-odroidxu4-legacy_20.08_armhf.deb ...
Unpacking linux-u-boot-odroidxu4-legacy (20.08) over (20.05.7) ...
Setting up linux-u-boot-odroidxu4-legacy (20.08) ...
Setting up linux-dtb-legacy-odroidxu4 (20.08) ...
Setting up armbian-config (20.08) ...
Setting up linux-buster-root-legacy-odroidxu4 (20.08) ...
Setting up linux-image-legacy-odroidxu4 (20.08) ...
update-initramfs: Generating /boot/initrd.img-4.14.191-odroidxu4
update-initramfs: Converting to u-boot format
Setting up armbian-firmware (20.08) ...
Processing triggers for initramfs-tools (0.133+deb10u1) ...
update-initramfs: Generating /boot/initrd.img-4.14.191-odroidxu4
update-initramfs: Converting to u-boot format
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.


Dysnome (Métayer, registered 29 August 2014, 624 posts, location: Luxembourg)
Posted: 23 August 2020 at 01:41
That's really surprising, because you do seem to be up to date. You may have to wait until kernel 5.4.y is considered stable, patch, and see whether Nextcloud is happy.
If you like, try installing Nextcloud with kernel 5.4.y and see what happens. Either way, you don't have much choice but to wait.

Edit: If you can, run a scan with Nessus or OpenVAS to confirm that the CVEs are really active on your system. That's still quite a lot of them for a recent OS.

topodoco (Paysan, registered 29 July 2008, 361 posts)
Posted: 23 August 2020 at 02:01
Dysnome wrote:
That's really surprising, because you do seem to be up to date. You may have to wait until kernel 5.4.y is considered stable, patch, and see whether Nextcloud is happy.
If you like, try installing Nextcloud with kernel 5.4.y and see what happens. Either way, you don't have much choice but to wait.

Edit: If you can, run a scan with Nessus or OpenVAS to confirm that the CVEs are really active on your system. That's still quite a lot of them for a recent OS.

I didn't think NextCloud was the source of these emails, but simply the system itself (?).
As for being up to date, yes, that was indeed the case: I did a "clean" install last weekend.
Since NextCloud needs a "Debian" base, I installed an "Armbian" from the image provided here:
https://www.armbian.com/odroid-hc1/
Of course I updated the system after installing it, before installing NextCloud.
I haven't looked into kernel 5.4, since the image on offer wasn't available with it.
There is this topic that discusses it; I'll have to read a bit more to see what it's about.
https://forum.odroid.com/viewtopic.php?f=96&t=24309

As for Nessus or OpenVAS, I have no idea, I've never used these tools, but I'll go and see what they're about ;)
As for the CVEs (I didn't even know what those were... thanks Google => Common Vulnerabilities and Exposures), yes, I also find that this would be an enormous number of flaws in a "clean" and "up-to-date" distribution. That's what surprises me... That there are 3-4 unpatched flaws, why not, but as many as the email indicates really makes it look like a sieve... Rather scary when you plan to put your personal documents on it with access over the internet...


Dysnome (Métayer, registered 29 August 2014, 624 posts, location: Luxembourg)
Posted: 23 August 2020 at 09:41
Rereading the email, I'm not convinced that it's a listing of the CVEs not fixed on your system. Debian 10 is fairly recent and shouldn't contain vulnerabilities from 2018.

That said, I'm not saying that Nextcloud sent the email. There isn't much information about that. In Nextcloud, run the utility that checks the security of your setup. And at the OS level, run Nessus or OpenVAS from any host on your network (it can be in a container, in a VM, etc.). In any case, get a free license; you won't need more. Once your OS has been scanned, you'll see what is vulnerable.

Bad luck on the timing: I haven't yet released a video explaining how to do all this :)

OMGimag33k (Métayer, registered 25 September 2018, 1509 posts)
Posted: 23 August 2020 at 12:01
Hello,

Your list of vulnerabilities looks like a debsecan report: https://wiki.debian.org/DebianSecurity/debsecan

Debsecan is only appropriate on Debian; on another distribution it will report false positives, so the scan result is not relevant.

Otherwise, Nextcloud can be installed on just about any server with the web installer: https://nextcloud.com/install/#instructions-server


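Added example, not from any poster in this thread and not debsecan's own code: a small Python parser for the report layout quoted above (CVE line, tracker URL, wrapped package list). It notes whether the mail was built from "general data" and separates low-urgency and disputed entries from the rest. The sample text is constructed from entries quoted in the thread, the function names are hypothetical, and treating the remaining entries as "review first" is this example's own choice.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Constructed sample: a shortened mail body assembled from entries quoted in
# the thread (mail headers and most entries left out).
SAMPLE_REPORT = """\
Security report based on general data

If you specify a proper suite, this report will include information
regarding available security updates and obsolete packages.  To set
the correct suite, run "dpkg-reconfigure debsecan" as root.

*** New vulnerabilities

CVE-2020-8231
  <https://security-tracker.debian.org/tracker/CVE-2020-8231>
  - curl, libcurl3-gnutls, libcurl4

*** Vulnerabilities

CVE-2020-11725 ** DISPUTED ** snd_ctl_elem_add in...
  <https://security-tracker.debian.org/tracker/CVE-2020-11725>
  - linux-libc-dev

CVE-2020-6096 An exploitable signed comparison vulnerability exists...
  <https://security-tracker.debian.org/tracker/CVE-2020-6096>
  - libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales
    (low urgency)

CVE-2020-1927 In Apache HTTP Server 2.4.0 to 2.4.41, redirects...
  <https://security-tracker.debian.org/tracker/CVE-2020-1927>
  - apache2, apache2-bin, apache2-data, apache2-utils (low urgency)

CVE-2020-14314 buffer uses out of index in ext3/4 filesystem
  <https://security-tracker.debian.org/tracker/CVE-2020-14314>
  - linux-libc-dev
"""

GENERIC_MARKER = "Security report based on general data"
SECTION_LINE = re.compile(r"^\*\*\* (.+)$")
CVE_LINE = re.compile(r"^(CVE-\d{4}-\d+)\s*(.*)$")
LOW_URGENCY = "(low urgency)"


@dataclass
class Entry:
    cve: str
    summary: str
    section: str
    packages: list = field(default_factory=list)
    low_urgency: bool = False

    @property
    def disputed(self):
        return "** DISPUTED **" in self.summary


def uses_generic_data(text):
    """True when the report says it was produced without a configured suite."""
    return GENERIC_MARKER in text


def parse_report(text):
    """Return one Entry per CVE found in a debsecan report mail body."""
    entries, section, current, in_packages = [], "", None, False
    for raw in text.splitlines():
        line = raw.strip()  # pasted copies may have lost their indentation
        if not line:
            in_packages = False
            continue
        if m := SECTION_LINE.match(line):
            section, current = m.group(1), None
            continue
        if m := CVE_LINE.match(line):
            current = Entry(m.group(1), m.group(2), section)
            entries.append(current)
            in_packages = False
            continue
        if current is None or line.startswith("<"):
            continue  # mail headers, intro text, tracker URL
        if line.startswith("- "):
            in_packages, line = True, line[2:]
        elif not in_packages:
            continue
        # The urgency marker may share a line with packages or wrap onto its own.
        if LOW_URGENCY in line:
            current.low_urgency = True
            line = line.replace(LOW_URGENCY, "")
        current.packages += [p.strip() for p in line.split(",") if p.strip()]
    return entries


def triage(entries):
    """Split entries into a review-first list and a count per first package."""
    first = [e.cve for e in entries if not (e.low_urgency or e.disputed)]
    per_package = Counter(e.packages[0] for e in entries if e.packages)
    return first, per_package


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    review_first, per_package = triage(found)
    print("generic data (no suite set):", uses_generic_data(SAMPLE_REPORT))
    print("entries:", len(found), "review first:", review_first)
    for pkg, n in per_package.most_common():
        print(f"{n:3d}  {pkg}")
```

The mail itself says to set the suite with dpkg-reconfigure debsecan; once it is set (buster here, per the lsb_release output above), debsecan --suite buster --only-fixed limits the list to vulnerabilities for which a fixed package is available.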
topodoco (Paysan, registered 29 July 2008, 361 posts)
Posted: 23 August 2020 at 14:01
Dysnome wrote:
Rereading the email, I'm not convinced that it's a listing of the CVEs not fixed on your system. Debian 10 is fairly recent and shouldn't contain vulnerabilities from 2018.

That said, I'm not saying that Nextcloud sent the email. There isn't much information about that. In Nextcloud, run the utility that checks the security of your setup. And at the OS level, run Nessus or OpenVAS from any host on your network (it can be in a container, in a VM, etc.). In any case, get a free license; you won't need more. Once your OS has been scanned, you'll see what is vulnerable.

Bad luck on the timing: I haven't yet released a video explaining how to do all this :)

Yes, rather strange, these CVEs showing up without my asking for anything... well, especially since there seem to be an enormous number of them!
If you're planning Nessus and OpenVAS tutorials, I could be interested, if only out of curiosity ;)
For now I've favored the option of moving to a more recent kernel.
So I'm switching to Buster 5.4, available at the very bottom of the page: https://www.armbian.com/odroid-hc1/
OMGimag33k wrote:
Hello,

Your list of vulnerabilities looks like a debsecan report: https://wiki.debian.org/DebianSecurity/debsecan

Debsecan is only appropriate on Debian; on another distribution it will report false positives, so the scan result is not relevant.

Otherwise, Nextcloud can be installed on just about any server with the web installer: https://nextcloud.com/install/#instructions-server

Yes, that's what I thought, a debsecan report.
Being on Armbian (based on Debian), I didn't think it could produce so many false positives.
As said just above, I'm reinstalling everything with kernel 5.4.
So I'll see whether it's better afterwards.
Still, it's strange to receive this kind of email from Armbian if it isn't valid... unless I enabled one thing too many by mistake?
As for the distribution, I know it requires a Debian base. I had tried on the Ubuntu distro provided by HardKernel (the board's manufacturer), but during installation I got a message telling me that this system is not supported, and it blocked the installation. Hence my choice to move to Armbian.


Dysnome (Métayer, registered 29 August 2014, 624 posts, location: Luxembourg)
Posted: 23 August 2020 at 15:29
Are you talking about the install of the OS or of Nextcloud?

Keep us posted on the move to 5.4.

OK for the videos, I'll get going shortly; it's less hot in the office, so it's easier to work :)

topodoco (Paysan, registered 29 July 2008, 361 posts)
Posted: 23 August 2020 at 15:55
So I decided to reinstall the microSD.
So I loaded another Linux image with kernel 5.4, the one named: Buster minimal with kernel 5.4.y at the bottom of this page: https://www.armbian.com/odroid-hc1/

Naturally, that means a fresh installation of NextCloud.

But even before really starting to use NextCloud (it is already installed), I already have a notification of a first email with a huge number of CVEs.
By mistake I purged it before pasting it here (embarrassed)

Very strange all the same.


topodoco (Paysan, registered 29 July 2008, 361 posts)
Posted: 23 August 2020 at 18:57
So here is the famous email... Even though everything has just been installed and updated... It's really odd... no doubt an email of false positives, since it's running on Armbian and not Debian...

Code:
From [email protected]  Sun Aug 23 18:42:03 2020
Return-Path: <[email protected]>
X-Original-To: root
Delivered-To: [email protected]
Received: by localhost.lan (Postfix, from userid 1)
   id xxxxxxxxxx; Sun, 23 Aug 2020 18:42:03 +0200 (CEST)
Subject: Debian security status of odroidxu4
To: [email protected]
Message-Id: <[email protected]>
Date: Sun, 23 Aug 2020 18:42:03 +0200 (CEST)
From: daemon <[email protected]>

Security report based on general data

If you specify a proper suite, this report will include information
regarding available security updates and obsolete packages.  To set
the correct suite, run "dpkg-reconfigure debsecan" as root.

*** New vulnerabilities

CVE-2012-1096 NetworkManager 0.9 and earlier allows local users to...
  <https://security-tracker.debian.org/tracker/CVE-2012-1096>
  - libnm0, network-manager (low urgency)

CVE-2013-7445 The Direct Rendering Manager (DRM) subsystem in the...
  <https://security-tracker.debian.org/tracker/CVE-2013-7445>
  - linux-libc-dev

CVE-2016-10228 The iconv program in the GNU C Library (aka glibc or...
  <https://security-tracker.debian.org/tracker/CVE-2016-10228>
  - libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales
    (low urgency)

CVE-2016-1585 In all versions of AppArmor mount rules are...
  <https://security-tracker.debian.org/tracker/CVE-2016-1585>
  - libapparmor1 (low urgency)

CVE-2016-2568 pkexec, when used with --user nonpriv, allows local...
  <https://security-tracker.debian.org/tracker/CVE-2016-2568>
  - libpolkit-agent-1-0, libpolkit-backend-1-0, libpolkit-gobject-1-0,
    policykit-1 (low urgency)

CVE-2016-2781 chroot in GNU coreutils, when used with --userspec,...
  <https://security-tracker.debian.org/tracker/CVE-2016-2781>
  - coreutils (low urgency)

CVE-2016-9318 libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23...
  <https://security-tracker.debian.org/tracker/CVE-2016-9318>
  - libxml2

CVE-2017-0630 An information disclosure vulnerability in the kernel...
  <https://security-tracker.debian.org/tracker/CVE-2017-0630>
  - linux-libc-dev

CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent...
  <https://security-tracker.debian.org/tracker/CVE-2017-16932>
  - libxml2

CVE-2017-18258 The xz_head function in xzlib.c in libxml2 before...
  <https://security-tracker.debian.org/tracker/CVE-2017-18258>
  - libxml2 (low urgency)

CVE-2017-6363 ** DISPUTED ** In the GD Graphics Library (aka LibGD)...
  <https://security-tracker.debian.org/tracker/CVE-2017-6363>
  - libgd3

CVE-2017-7189 main/streams/xp_socket.c in PHP 7.x before 2017-03-07...
  <https://security-tracker.debian.org/tracker/CVE-2017-7189>
  - php7.3, php7.3-bz2, php7.3-cli, php7.3-common, php7.3-curl,
    php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl, php7.3-json,
    php7.3-ldap, php7.3-mbstring, php7.3-mysql, php7.3-opcache,
    php7.3-readline, php7.3-xml, php7.3-zip

CVE-2017-7272 PHP through 7.1.11 enables potential SSRF in...
  <https://security-tracker.debian.org/tracker/CVE-2017-7272>
  - php7.3, php7.3-bz2, php7.3-cli, php7.3-common, php7.3-curl,
    php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl, php7.3-json,
    php7.3-ldap, php7.3-mbstring, php7.3-mysql, php7.3-opcache,
    php7.3-readline, php7.3-xml, php7.3-zip

CVE-2018-10910 A bug in Bluez may allow for the Bluetooth...
  <https://security-tracker.debian.org/tracker/CVE-2018-10910>
  - libbluetooth3 (low urgency)

CVE-2018-1152 libjpeg-turbo 1.5.90 is vulnerable to a denial of...
  <https://security-tracker.debian.org/tracker/CVE-2018-1152>
  - libjpeg62-turbo (low urgency)

CVE-2018-12886 stack_protect_prologue in cfgexpand.c and...
  <https://security-tracker.debian.org/tracker/CVE-2018-12886>
  - cpp-8, g++-8, gcc-8, gcc-8-base, libasan5, libatomic1, libcc1-0,
    libgcc-8-dev, libgcc1, libgomp1, libstdc++-8-dev, libstdc++6,
    libubsan1

CVE-2018-12928 In the Linux kernel 4.15.0, a NULL pointer...
  <https://security-tracker.debian.org/tracker/CVE-2018-12928>
  - linux-libc-dev (low urgency)

CVE-2018-14404 A NULL pointer dereference vulnerability exists in...
  <https://security-tracker.debian.org/tracker/CVE-2018-14404>
  - libxml2 (low urgency)

CVE-2018-14498 get_8bit_row in rdbmp.c in libjpeg-turbo through...
  <https://security-tracker.debian.org/tracker/CVE-2018-14498>
  - libjpeg62-turbo (low urgency)

CVE-2018-14553 gdImageClone in gd.c in libgd 2.1.0-rc2 through...
  <https://security-tracker.debian.org/tracker/CVE-2018-14553>
  - libgd3 (low urgency)

CVE-2018-14567 libxml2 2.9.8, if --with-lzma is used, allows remote...
  <https://security-tracker.debian.org/tracker/CVE-2018-14567>
  - libxml2

CVE-2018-15919 Remotely observable behaviour in auth-gss2.c in...
  <https://security-tracker.debian.org/tracker/CVE-2018-15919>
  - openssh-client, openssh-server, openssh-sftp-server (low urgency)

CVE-2018-16384 A SQL injection bypass (aka PL1 bypass) exists in...
  <https://security-tracker.debian.org/tracker/CVE-2018-16384>
  - modsecurity-crs (low urgency)

CVE-2018-17977 The Linux kernel 4.14.67 mishandles certain...
  <https://security-tracker.debian.org/tracker/CVE-2018-17977>
  - linux-libc-dev

CVE-2018-18653 The Linux kernel, as used in Ubuntu 18.10 and when...
  <https://security-tracker.debian.org/tracker/CVE-2018-18653>
  - linux-libc-dev

CVE-2018-3693 Systems with microprocessors utilizing speculative...
  <https://security-tracker.debian.org/tracker/CVE-2018-3693>
  - linux-libc-dev

CVE-2018-7169 An issue was discovered in shadow 4.5. newgidmap (in...
  <https://security-tracker.debian.org/tracker/CVE-2018-7169>
  - login, passwd (low urgency)

CVE-2018-7577 Memcpy parameter overlap in Google Snappy library...
  <https://security-tracker.debian.org/tracker/CVE-2018-7577>
  - libsnappy1v5

CVE-2019-10218 A flaw was found in the samba client, all samba...
  <https://security-tracker.debian.org/tracker/CVE-2019-10218>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-11236 In the urllib3 library through 1.24.1 for Python,...
  <https://security-tracker.debian.org/tracker/CVE-2019-11236>
  - python3-urllib3

CVE-2019-12290 GNU libidn2 before 2.2.0 fails to perform the...
  <https://security-tracker.debian.org/tracker/CVE-2019-12290>
  - libidn2-0

CVE-2019-12881 i915_gem_userptr_get_pages in...
  <https://security-tracker.debian.org/tracker/CVE-2019-12881>
  - linux-libc-dev

CVE-2019-13103 A crafted self-referential DOS partition table will...
  <https://security-tracker.debian.org/tracker/CVE-2019-13103>
  - u-boot-tools (low urgency)

CVE-2019-13104 In Das U-Boot versions 2016.11-rc1 through...
  <https://security-tracker.debian.org/tracker/CVE-2019-13104>
  - u-boot-tools (low urgency)

CVE-2019-13105 Das U-Boot versions 2019.07-rc1 through 2019.07-rc4...
  <https://security-tracker.debian.org/tracker/CVE-2019-13105>
  - u-boot-tools (low urgency)

CVE-2019-13106 Das U-Boot versions 2016.09 through 2019.07-rc4 can...
  <https://security-tracker.debian.org/tracker/CVE-2019-13106>
  - u-boot-tools (low urgency)

CVE-2019-13115 In libssh2 before 1.9.0,...
  <https://security-tracker.debian.org/tracker/CVE-2019-13115>
  - libssh2-1

CVE-2019-13224 A use-after-free in onig_new_deluxe() in regext.c in...
  <https://security-tracker.debian.org/tracker/CVE-2019-13224>
  - libonig5 (low urgency)

CVE-2019-13225 A NULL Pointer Dereference in match_at() in...
  <https://security-tracker.debian.org/tracker/CVE-2019-13225>
  - libonig5 (low urgency)

CVE-2019-13627 It was discovered that there was a ECDSA timing...
  <https://security-tracker.debian.org/tracker/CVE-2019-13627>
  - libgcrypt20

CVE-2019-14192 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14192>
  - u-boot-tools

CVE-2019-14193 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14193>
  - u-boot-tools

CVE-2019-14194 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14194>
  - u-boot-tools

CVE-2019-14195 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14195>
  - u-boot-tools

CVE-2019-14196 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14196>
  - u-boot-tools

CVE-2019-14197 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14197>
  - u-boot-tools

CVE-2019-14198 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14198>
  - u-boot-tools

CVE-2019-14199 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14199>
  - u-boot-tools

CVE-2019-14200 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14200>
  - u-boot-tools

CVE-2019-14201 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14201>
  - u-boot-tools

CVE-2019-14202 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14202>
  - u-boot-tools

CVE-2019-14203 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14203>
  - u-boot-tools

CVE-2019-14204 An issue was discovered in Das U-Boot through...
  <https://security-tracker.debian.org/tracker/CVE-2019-14204>
  - u-boot-tools

CVE-2019-14833 A flaw was found in Samba, all versions starting...
  <https://security-tracker.debian.org/tracker/CVE-2019-14833>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-14834 A vulnerability was found in dnsmasq before version...
  <https://security-tracker.debian.org/tracker/CVE-2019-14834>
  - dnsmasq, dnsmasq-base

CVE-2019-14847 A flaw was found in samba 4.0.0 before samba 4.9.15...
  <https://security-tracker.debian.org/tracker/CVE-2019-14847>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-14855 A flaw was found in the way certificate signatures...
  <https://security-tracker.debian.org/tracker/CVE-2019-14855>
  - dirmngr, gnupg, gnupg-l10n, gnupg-utils, gpg, gpg-agent,
    gpg-wks-client, gpg-wks-server, gpgconf, gpgsm, gpgv (low urgency)

CVE-2019-14861 All Samba versions 4.x.x before 4.9.17, 4.10.x...
  <https://security-tracker.debian.org/tracker/CVE-2019-14861>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-14866 In all versions of cpio before 2.13 does not...
  <https://security-tracker.debian.org/tracker/CVE-2019-14866>
  - cpio (low urgency)

CVE-2019-14870 All Samba versions 4.x.x before 4.9.17, 4.10.x...
  <https://security-tracker.debian.org/tracker/CVE-2019-14870>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-14902 There is an issue in all samba 4.11.x versions...
  <https://security-tracker.debian.org/tracker/CVE-2019-14902>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-14907 All samba versions 4.9.x before 4.9.18, 4.10.x...
  <https://security-tracker.debian.org/tracker/CVE-2019-14907>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2019-1551 There is an overflow bug in the x64_64 Montgomery...
  <https://security-tracker.debian.org/tracker/CVE-2019-1551>
  - libssl1.1, openssl (low urgency)

CVE-2019-15847 The POWER9 backend in GNU Compiler Collection (GCC)...
  <https://security-tracker.debian.org/tracker/CVE-2019-15847>
  - cpp-8, g++-8, gcc-8, gcc-8-base, libasan5, libatomic1, libcc1-0,
    libgcc-8-dev, libgcc1, libgomp1, libstdc++-8-dev, libstdc++6,
    libubsan1

CVE-2019-16163 Oniguruma before 6.9.3 allows Stack Exhaustion in...
  <https://security-tracker.debian.org/tracker/CVE-2019-16163>
  - libonig5 (low urgency)

CVE-2019-16168 In SQLite through 3.29.0, whereLoopAddBtreeIndex in...
  <https://security-tracker.debian.org/tracker/CVE-2019-16168>
  - libsqlite3-0

CVE-2019-17041 An issue was discovered in Rsyslog v8.1908.0....
  <https://security-tracker.debian.org/tracker/CVE-2019-17041>
  - rsyslog

CVE-2019-17042 An issue was discovered in Rsyslog v8.1908.0....
  <https://security-tracker.debian.org/tracker/CVE-2019-17042>
  - rsyslog

CVE-2019-17498 In libssh2 v1.9.0 and earlier versions, the...
  <https://security-tracker.debian.org/tracker/CVE-2019-17498>
  - libssh2-1 (low urgency)

CVE-2019-17543 LZ4 before 1.9.2 has a heap-based buffer overflow in...
  <https://security-tracker.debian.org/tracker/CVE-2019-17543>
  - liblz4-1 (low urgency)

CVE-2019-19012 An integer overflow in the search_in_range function...
  <https://security-tracker.debian.org/tracker/CVE-2019-19012>
  - libonig5 (low urgency)

CVE-2019-19039 ** DISPUTED ** __btrfs_free_extent in...
  <https://security-tracker.debian.org/tracker/CVE-2019-19039>
  - linux-libc-dev

CVE-2019-19073 Memory leaks in...
  <https://security-tracker.debian.org/tracker/CVE-2019-19073>
  - linux-libc-dev

CVE-2019-19074 A memory leak in the ath9k_wmi_cmd() function in...
  <https://security-tracker.debian.org/tracker/CVE-2019-19074>
  - linux-libc-dev

CVE-2019-19203 An issue was discovered in Oniguruma 6.x before...
  <https://security-tracker.debian.org/tracker/CVE-2019-19203>
  - libonig5 (low urgency)

CVE-2019-19204 An issue was discovered in Oniguruma 6.x before...
  <https://security-tracker.debian.org/tracker/CVE-2019-19204>
  - libonig5 (low urgency)

CVE-2019-19246 Oniguruma through 6.9.3, as used in PHP 7.3.x and...
  <https://security-tracker.debian.org/tracker/CVE-2019-19246>
  - libonig5 (low urgency)

CVE-2019-19318 In the Linux kernel 5.3.11, mounting a crafted btrfs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19318>
  - linux-libc-dev

CVE-2019-19377 In the Linux kernel 5.0.21, mounting a crafted btrfs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19377>
  - linux-libc-dev

CVE-2019-19378 In the Linux kernel 5.0.21, mounting a crafted btrfs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19378>
  - linux-libc-dev

CVE-2019-19448 In the Linux kernel 5.0.21 and 5.3.11, mounting a...
  <https://security-tracker.debian.org/tracker/CVE-2019-19448>
  - linux-libc-dev

CVE-2019-19449 In the Linux kernel 5.0.21, mounting a crafted f2fs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19449>
  - linux-libc-dev

CVE-2019-19770 ** DISPUTED ** In the Linux kernel 4.19.83, there is...
  <https://security-tracker.debian.org/tracker/CVE-2019-19770>
  - linux-libc-dev

CVE-2019-19813 In the Linux kernel 5.0.21, mounting a crafted btrfs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19813>
  - linux-libc-dev

CVE-2019-19814 In the Linux kernel 5.0.21, mounting a crafted f2fs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19814>
  - linux-libc-dev

CVE-2019-19815 In the Linux kernel 5.0.21, mounting a crafted f2fs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19815>
  - linux-libc-dev

CVE-2019-19816 In the Linux kernel 5.0.21, mounting a crafted btrfs...
  <https://security-tracker.debian.org/tracker/CVE-2019-19816>
  - linux-libc-dev

CVE-2019-19956 xmlParseBalancedChunkMemoryRecover in parser.c in...
  <https://security-tracker.debian.org/tracker/CVE-2019-19956>
  - libxml2

CVE-2019-20218 selectExpander in select.c in SQLite 3.30.1 proceeds...
  <https://security-tracker.debian.org/tracker/CVE-2019-20218>
  - libsqlite3-0

CVE-2019-20367 nlist.c in libbsd before 0.10.0 has an out-of-bounds...
  <https://security-tracker.debian.org/tracker/CVE-2019-20367>
  - libbsd0

CVE-2019-20388 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10...
  <https://security-tracker.debian.org/tracker/CVE-2019-20388>
  - libxml2

CVE-2019-20454 An out-of-bounds read was discovered in PCRE before...
  <https://security-tracker.debian.org/tracker/CVE-2019-20454>
  - libpcre2-8-0

CVE-2019-20794 An issue was discovered in the Linux kernel 4.18...
  <https://security-tracker.debian.org/tracker/CVE-2019-20794>
  - linux-libc-dev

CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an...
  <https://security-tracker.debian.org/tracker/CVE-2019-20907>
  - libpython2.7, libpython2.7-minimal, libpython2.7-stdlib, python2.7,
    python2.7-minimal (low urgency)

CVE-2019-2201 In generate_jsimd_ycc_rgb_convert_neon of...
  <https://security-tracker.debian.org/tracker/CVE-2019-2201>
  - libjpeg62-turbo (low urgency)

CVE-2019-3874 The SCTP socket buffer used by a userspace...
  <https://security-tracker.debian.org/tracker/CVE-2019-3874>
  - linux-libc-dev

CVE-2019-6988 An issue was discovered in OpenJPEG 2.3.0. It allows...
  <https://security-tracker.debian.org/tracker/CVE-2019-6988>
  - libopenjp2-7 (low urgency)

CVE-2020-10029 The GNU C Library (aka glibc or libc6) before 2.32...
  <https://security-tracker.debian.org/tracker/CVE-2020-10029>
  - libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales

CVE-2020-10251 In ImageMagick 7.0.9, an out-of-bounds read...
  <https://security-tracker.debian.org/tracker/CVE-2020-10251>
  - imagemagick-6-common, libmagickcore-6.q16-6, libmagickwand-6.q16-6
    (low urgency)

CVE-2020-10648 Das U-Boot through 2020.01 allows attackers to...
  <https://security-tracker.debian.org/tracker/CVE-2020-10648>
  - u-boot-tools

CVE-2020-10704 A flaw was found when using samba as an Active...
  <https://security-tracker.debian.org/tracker/CVE-2020-10704>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2020-10730 A NULL pointer dereference, or possible...
  <https://security-tracker.debian.org/tracker/CVE-2020-10730>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2020-10745 A flaw was found in all Samba versions before...
  <https://security-tracker.debian.org/tracker/CVE-2020-10745>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2020-10760 A use-after-free flaw was found in all samba LDAP...
  <https://security-tracker.debian.org/tracker/CVE-2020-10760>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2020-11655 SQLite through 3.31.1 allows attackers to cause a...
  <https://security-tracker.debian.org/tracker/CVE-2020-11655>
  - libsqlite3-0

CVE-2020-11725 ** DISPUTED ** snd_ctl_elem_add in...
  <https://security-tracker.debian.org/tracker/CVE-2020-11725>
  - linux-libc-dev

CVE-2020-11984 Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi...
  <https://security-tracker.debian.org/tracker/CVE-2020-11984>
  - apache2, apache2-bin, apache2-data, apache2-utils

CVE-2020-11993 Apache HTTP Server versions 2.4.20 to 2.4.43 When...
  <https://security-tracker.debian.org/tracker/CVE-2020-11993>
  - apache2, apache2-bin, apache2-data, apache2-utils

CVE-2020-12695 The Open Connectivity Foundation UPnP specification...
  <https://security-tracker.debian.org/tracker/CVE-2020-12695>
  - hostapd, wpasupplicant

CVE-2020-12888 The VFIO PCI driver in the Linux kernel through...
  <https://security-tracker.debian.org/tracker/CVE-2020-12888>
  - linux-libc-dev

CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in...
  <https://security-tracker.debian.org/tracker/CVE-2020-13434>
  - libsqlite3-0

CVE-2020-13790 libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a...
  <https://security-tracker.debian.org/tracker/CVE-2020-13790>
  - libjpeg62-turbo

CVE-2020-14155 libpcre in PCRE before 8.44 allows an integer...
  <https://security-tracker.debian.org/tracker/CVE-2020-14155>
  - libpcre3

CVE-2020-14303 A flaw was found in the AD DC NBT server in all...
  <https://security-tracker.debian.org/tracker/CVE-2020-14303>
  - libsmbclient, libwbclient0, python-samba, samba, samba-common,
    samba-common-bin, samba-libs

CVE-2020-14304 ethtool when reading eeprom of device could lead to...
  <https://security-tracker.debian.org/tracker/CVE-2020-14304>
  - linux-libc-dev

CVE-2020-14314 buffer uses out of index in ext3/4 filesystem
  <https://security-tracker.debian.org/tracker/CVE-2020-14314>
  - linux-libc-dev

CVE-2020-14344 An integer overflow leading to a heap-buffer...
  <https://security-tracker.debian.org/tracker/CVE-2020-14344>
  - libx11-6, libx11-data

CVE-2020-14356 A flaw null pointer dereference in the Linux kernel...
  <https://security-tracker.debian.org/tracker/CVE-2020-14356>
  - linux-libc-dev

CVE-2020-14367 Insecure writing to PID file
  <https://security-tracker.debian.org/tracker/CVE-2020-14367>
  - chrony

CVE-2020-15389 jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a...
  <https://security-tracker.debian.org/tracker/CVE-2020-15389>
  - libopenjp2-7

CVE-2020-15709
  <https://security-tracker.debian.org/tracker/CVE-2020-15709>
  - python3-software-properties, software-properties-common

CVE-2020-15780 An issue was discovered in...
  <https://security-tracker.debian.org/tracker/CVE-2020-15780>
  - linux-libc-dev

CVE-2020-15888 Lua through 5.4.0 mishandles the interaction between...
  <https://security-tracker.debian.org/tracker/CVE-2020-15888>
  - liblua5.1-0, liblua5.2-0

CVE-2020-15889 Lua through 5.4.0 has a getobjname heap-based buffer...
  <https://security-tracker.debian.org/tracker/CVE-2020-15889>
  - liblua5.1-0, liblua5.2-0

CVE-2020-15945 Lua through 5.4.0 has a segmentation fault in...
  <https://security-tracker.debian.org/tracker/CVE-2020-15945>
  - liblua5.1-0, liblua5.2-0

CVE-2020-16166 The Linux kernel through 5.7.11 allows remote...
  <https://security-tracker.debian.org/tracker/CVE-2020-16166>
  - linux-libc-dev

CVE-2020-1751 An out-of-bounds write vulnerability was found in...
  <https://security-tracker.debian.org/tracker/CVE-2020-1751>
  - libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales

CVE-2020-1752 A use-after-free vulnerability introduced in glibc...
  <https://security-tracker.debian.org/tracker/CVE-2020-1752>
  - libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales

CVE-2020-1927 In Apache HTTP Server 2.4.0 to 2.4.41, redirects...
  <https://security-tracker.debian.org/tracker/CVE-2020-1927>
  - apache2, apache2-bin, apache2-data, apache2-utils (low urgency)

CVE-2020-1934 In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp...
  <https://security-tracker.debian.org/tracker/CVE-2020-1934>
  - apache2, apache2-bin, apache2-data, apache2-utils (low urgency)

CVE-2020-3909 A buffer overflow was addressed with improved bounds...
  <https://security-tracker.debian.org/tracker/CVE-2020-3909>
  - libxml2

CVE-2020-3910 A buffer overflow was addressed with improved size...
  <https://security-tracker.debian.org/tracker/CVE-2020-3910>
  - libxml2

CVE-2020-6096 An exploitable signed comparison vulnerability exists...
  <https://security-tracker.debian.org/tracker/CVE-2020-6096>
  - libc-bin, libc-dev-bin, libc-l10n, libc6, libc6-dev, locales
    (low urgency)

CVE-2020-6851 OpenJPEG through 2.3.1 has a heap-based buffer...
  <https://security-tracker.debian.org/tracker/CVE-2020-6851>
  - libopenjp2-7

CVE-2020-7068
  <https://security-tracker.debian.org/tracker/CVE-2020-7068>
  - php7.3, php7.3-bz2, php7.3-cli, php7.3-common, php7.3-curl,
    php7.3-fpm, php7.3-gd, php7.3-gmp, php7.3-intl, php7.3-json,
    php7.3-ldap, php7.3-mbstring, php7.3-mysql, php7.3-opcache,
    php7.3-readline, php7.3-xml, php7.3-zip

CVE-2020-7105 async.c and dict.c in libhiredis.a in hiredis through...
  <https://security-tracker.debian.org/tracker/CVE-2020-7105>
  - libhiredis0.14

CVE-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2...
  <https://security-tracker.debian.org/tracker/CVE-2020-7595>
  - libxml2

CVE-2020-8112 opj_t1_clbl_decode_processor in openjp2/t1.c in...
  <https://security-tracker.debian.org/tracker/CVE-2020-8112>
  - libopenjp2-7

CVE-2020-8177
  <https://security-tracker.debian.org/tracker/CVE-2020-8177>
  - curl, libcurl3-gnutls, libcurl4

CVE-2020-8231
  <https://security-tracker.debian.org/tracker/CVE-2020-8231>
  - curl, libcurl3-gnutls, libcurl4

CVE-2020-8432 In Das U-Boot through 2020.01, a double free has been...
  <https://security-tracker.debian.org/tracker/CVE-2020-8432>
  - u-boot-tools (low urgency)

CVE-2020-8492 Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6...
  <https://security-tracker.debian.org/tracker/CVE-2020-8492>
  - libpython2.7, libpython2.7-minimal, libpython2.7-stdlib, python2.7,
    python2.7-minimal

CVE-2020-8622 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5,...
  <https://security-tracker.debian.org/tracker/CVE-2020-8622>
  - bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
    libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
    liblwres161

CVE-2020-8623 In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5,...
  <https://security-tracker.debian.org/tracker/CVE-2020-8623>
  - bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
    libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
    liblwres161

CVE-2020-8624 In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8,...
  <https://security-tracker.debian.org/tracker/CVE-2020-8624>
  - bind9-host, dnsutils, libbind9-161, libdns-export1104, libdns1104,
    libirs161, libisc-export1100, libisc1100, libisccc161, libisccfg163,
    liblwres161

CVE-2020-9490 Apache HTTP Server versions 2.4.20 to 2.4.43. A...
  <https://security-tracker.debian.org/tracker/CVE-2020-9490>
  - apache2, apache2-bin, apache2-data, apache2-utils

CVE-2020-9794 An out-of-bounds read was addressed with improved...
  <https://security-tracker.debian.org/tracker/CVE-2020-9794>
  - libsqlite3-0


dobi13 @
Message posted on: 23 August 2020 at 23:02
Watch out if your neighbour ever looks like this guy:

you're in deep shit...
topodoco @
Message posted on: 24 August 2020 at 02:11
dobi13 wrote:
Watch out if your neighbour ever looks like this guy:

you're in deep Crap...

No, no problem on that front...
My neighbour is careful, he always protects himself!

