
<html>

  <head>


    <meta http-equiv="content-type" content="text/html; charset=windows-1252">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <p>Bonsoir,</p>

    <p>Il y a peut être une mise à jour de sécurité utile à faire sur

      h7. (et guerby is out-of-town). Je crois qu'habituellement il

      prends pas mal de précautions pour le faire (surtout : pouvoir

      aller ou être sur place).<br>

    </p>

    <div class="moz-forward-container">Amicalement,<br>

      Ludo<br>

    </div>

    <div class="moz-forward-container"><br>

      -------- Message transféré --------

      <table class="moz-email-headers-table" cellspacing="0"

        cellpadding="0" border="0">

        <tbody>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Sujet :

            </th>

            <td>[SECURITY] [DSA 4528-1] bird security update</td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date de

              renvoi : </th>

            <td>Thu, 19 Sep 2019 20:53:42 +0000 (UTC)</td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">De

              (renvoi) : </th>

            <td><a class="moz-txt-link-abbreviated" href="mailto:debian-security-announce@lists.debian.org">debian-security-announce@lists.debian.org</a></td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date : </th>

            <td>Thu, 19 Sep 2019 20:53:24 +0000</td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">De : </th>

            <td>Moritz Muehlenhoff <a class="moz-txt-link-rfc2396E" href="mailto:jmm@debian.org"><jmm@debian.org></a></td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Répondre

              à : </th>

            <td><a class="moz-txt-link-abbreviated" href="mailto:debian-security-announce-request@lists.debian.org">debian-security-announce-request@lists.debian.org</a></td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Pour : </th>

            <td><a class="moz-txt-link-abbreviated" href="mailto:debian-security-announce@lists.debian.org">debian-security-announce@lists.debian.org</a></td>

          </tr>

        </tbody>

      </table>

      <br>

      <br>

      -----BEGIN PGP SIGNED MESSAGE-----<br>

      Hash: SHA512<br>

      <br>

      -

-------------------------------------------------------------------------<br>

      Debian Security Advisory DSA-4528-1 <a class="moz-txt-link-abbreviated" href="mailto:security@debian.org">security@debian.org</a><br>

      <a class="moz-txt-link-freetext" href="https://www.debian.org/security/">https://www.debian.org/security/</a> Moritz Muehlenhoff<br>

      September 19, 2019 <a class="moz-txt-link-freetext" href="https://www.debian.org/security/faq">https://www.debian.org/security/faq</a><br>

      -

-------------------------------------------------------------------------<br>

      <br>

      Package : bird<br>

      CVE ID : CVE-2019-16159<br>

      <br>

      Daniel McCarney discovered that the BIRD internet routing daemon<br>

      incorrectly validated RFC 8203 messages in it's BGP daemon,

      resulting<br>

      in a stack buffer overflow.<br>

      <br>

      For the stable distribution (buster), this problem has been fixed

      in<br>

      version 1.6.6-1+deb10u1. In addition this update fixes an

      incomplete<br>

      revocation of privileges and a crash triggerable via the CLI (the

      latter<br>

      two bugs are also fixed in the oldstable distribution (stretch)

      which is<br>

      not affected by CVE-2019-16159).<br>

      <br>

      We recommend that you upgrade your bird packages.<br>

      <br>

      For the detailed security status of bird please refer to<br>

      its security tracker page at:<br>

      <a class="moz-txt-link-freetext" href="https://security-tracker.debian.org/tracker/bird">https://security-tracker.debian.org/tracker/bird</a><br>

      <br>

      Further information about Debian Security Advisories, how to apply<br>

      these updates to your system and frequently asked questions can be<br>

      found at: <a class="moz-txt-link-freetext" href="https://www.debian.org/security/">https://www.debian.org/security/</a><br>

      <br>

      Mailing list: <a class="moz-txt-link-abbreviated" href="mailto:debian-security-announce@lists.debian.org">debian-security-announce@lists.debian.org</a><br>

      -----BEGIN PGP SIGNATURE-----<br>

      <br>

      iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2D6o8ACgkQEMKTtsN8<br>

      TjbIKBAAjIy1e2SNQ19zt8KUsNCN/bSZhyHmZQMa60hvn8xSqb7XnW/2CBY2Lr16<br>

      tURlI073L6+BgFbctxqIjZIwwenWxr+ZzWGHQwoDmvlEeUjJItveYXDR2Mwstawh<br>

      KsvrDSicM1p3g6gNUjyfWjW1ykiLDYGvEufUGaJxJwykTN2siv+/BvX0ERy9fh8V<br>

      L/iu8HwRF3B2pRdvhon0u8+hEJ8xsJ8/Lf/PBuIZA2Kobm8tK1QSxbRqfwJ2chmx<br>

      269E93JADs8KOMeTEOO+QI1Rr9Drv/t9Tz940xkCJ728aosbWylIsjRvIIviqtmL<br>

      fDNroVRjBl2/6zrPL6YqZymx6/KIu3LMWkgywI8a33yqDUaBScsXlzx1pnk8ZgqY<br>

      kgdXHDtfYoHbnEQGDco2eZ3dDr6SP2lDrQq3nYb4lXc9DRYr3mp4WEuvw1iqduAx<br>

      jn3cTXqMDqdHiGDAYJkwX++dcGW4vAQqU/XaHxe1NKvOt7QnDJDVDUxo0Rg+j9ku<br>

      kDeEtgp+DYpBW7v1blpsZsgVzkESFd3PAU77KRGuBSxUpDpH/Mav6q+WT/hkz+6U<br>

      DKgWHf22LjHi1T0dvIDPDNrmCIUnnBSr8QqriNgWX8guYncTS8vfqIsaNMz78+xk<br>

      SIvvwR0tTBoziGHAjbyokHymZuDsVZfw8sa/CNv5HLXZ7GeBzIg=<br>

      =3CFw<br>

      -----END PGP SIGNATURE-----<br>

      <br>

      <br>

    </div>

  </body>

</html>