-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2949-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 15, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : spip Version : 3.1.4-4~deb9u5 CVE ID : CVE-2022-26846 CVE-2022-26847 It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code. For Debian 9 stretch, these problems have been fixed in version 3.1.4-4~deb9u5. We recommend that you upgrade your spip packages. For the detailed security status of spip please refer to its security tracker page at: https://security-tracker.debian.org/tracker/spip Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmIwcJkACgkQnUbEiOQ2 gwKFHQ/8C4weeXk0iMnCbHJcn3CaJQgmg7UyTB46mHk5PrIsXQf4H1wHHButObfX zeKKpk/TAehv4A5uBhwR7X4XBv2JlMyzYSSwRthHE7PDfBmHvml+1tBUhA/hOo5W 2eke5OdDxZ2lqSkIvp2XUFNlhv9mN5pDH3/Tev7Bs/1NM0hjsoUH37HP5O06UtO0 sq0IzWJYPZQf/wPBmlMeiJCBTReYuAHk+LxYFPd+aC2paRoJyTRQcmnHXgj5rV5t /lNIyJ/OcC1/xoDtjyQcyFdD4USIEH1X3iqfOsLajonmZ41c5PyB3bc0nUeLu4QQ W9P5UB3edHsRXWs+SDuqKHBsV8HMa8LoeeTqQW0ifh9yPFMtRARJc0rhzNW76teG BEobkCY8W1Hxklft6xXrBayT2BsWFnqEeT/ybH0u3kUvHE2ftBr+ZGysNmogul6z aLu5KwClkAJ+rFTbTAbH288f4HW27/8xNm1YY8abuGFucHolRjkkxfjf0NxV4wol Q3AhrbQWSlpjl0GJitOYwRuvGxcYH8Nmrci20ibDu0DdkWZ2JUWSFxxYgk+b6lam Q2fCNnvDFzplzRvhi/1H4qVt1hKHIn7f42ehxuasSAOKVuNeMeIGeygW2Ic3UShJ f/DVeHgoRJ/wkxiPj2AUV0FXuUUjw5MgYgFyKJM8/mJWjdNwbmw= =54XL -----END PGP SIGNATURE-----
