-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : lynis Version : 1.6.3-1+deb8u1 CVE ID : CVE-2019-13033 Debian Bug : #963161
It was discovered that there was a vulnerability in lynis, a security auditing tool. The license key could be obtained by simple observation of the process list when a data upload is being performed. For Debian 8 "Jessie", this issue has been fixed in lynis version 1.6.3-1+deb8u1. We recommend that you upgrade your lynis packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Regards, - -- ,''`. : :' : Chris Lamb `. `'` [email protected] / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7vbqUACgkQHpU+J9Qx HlgZEQ/+J6SWspQEMeksJ8Fihw3Y4jL817/2tlwLX3R4JvkT0P+2ZWN4/NHVaH3v cSW7XNYD+TLLxlkeX62IPPAOiZqex2ee/jXm4uh3crKGsTaROy2EmT9vAqluoULz YkppGPY+wLiAq/YoN0jUT7Bry1g6MgD+oG6/bL6mEVOmodivwmJSBELxgI55OoGq rHNcqYjCM5U9BQPFjrBWEcvpOYoZqm26ayHgP2JNLgJ491uomHl2FJfVWie3ZAP1 feg49QWLqCnkLfyoE5HtMyYdUiX34aGETM0BsUwElPypE1KzHdXxgfUJHdWvYcdv SdzsMjsy5ar4m6a7bZaU7+Ywwrj/yCaAh4zZ/yCExwgtWAa/ad1VcRcnVYA3ke1F 9HuOFTL9ffuQaCMscDrx2LjtwyuYYuHHt4AeTkYcnOJ4FxUNLQePZ3YAnlHs0/C9 Vcrk+wmGRrJQljzPPQTMDFHk57EzY51bSNYNLVixQEUjq7hye+GyAMuvX/Xo4pzJ 3n21xRDKLMKnA+VqYWj7rekXtEsJjMuogZ3P5tkwp89VNALx8sfLuzCHD0bqxXRP W/LjHicCcpG7sYlvolFTM5+BH9PiEyZVQ8NuC5wuNSWkgKQ74GMJJJ8t9Rn+u3Ml H/vKKYzlY9Kvq1QmFpQ45FBq9smkXbeyakatQHTuBqwjDObyoVk= =ZpjL -----END PGP SIGNATURE-----
