... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

linux.debian.announce.security

Debian security announcements I think?

29 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 7 of 29

Salvatore Bonaccorso to All

[SECURITY] [DSA 5977-1] aide security up

14 Aug 25 16:40:02

   From: carnil@debian.org   
      
   -----BEGIN PGP SIGNED MESSAGE-----   
   Hash: SHA512   
      
   - -------------------------------------------------------------------------   
   Debian Security Advisory DSA-5977-1                   security@debian.org   
   https://www.debian.org/security/                     Salvatore Bonaccorso   
   August 14, 2025                       https://www.debian.org/security/faq   
   - -------------------------------------------------------------------------   
      
   Package        : aide   
   CVE ID         : CVE-2025-54389 CVE-2025-54409   
      
   Rajesh Pangare discovered two vulnerabilities in aide, an advanced   
   intrusion detection system. A local attacker can take advantage of these   
   flaws to hide the addition or removal of a file from the the report,   
   tamper with the log output, or cause aide to crash during report   
   printing or database listing.   
      
   For the oldstable distribution (bookworm), these problems have been fixed   
   in version 0.18.3-1+deb12u4.   
      
   For the stable distribution (trixie), these problems have been fixed in   
   version 0.19.1-2+deb13u1.   
      
   We recommend that you upgrade your aide packages.   
      
   For the detailed security status of aide please refer to its security   
   tracker page at:   
   https://security-tracker.debian.org/tracker/aide   
      
   Further information about Debian Security Advisories, how to apply   
   these updates to your system and frequently asked questions can be   
   found at: https://www.debian.org/security/   
      
   Mailing list: debian-security-announce@lists.debian.org   
   -----BEGIN PGP SIGNATURE-----   
      
   iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmid8d9fFIAAAAAALgAo   
   aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2   
   NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND   
   z0SOkQ/8CCVyn30GzN64Y0w/w9ywGX+dgoCf6+eyofQFQXyoM+sNWYqZZHArL/pP   
   eRkQ6hIVy/B6W2u9gbWjdcDl7TPNiMX0J7oO7qXpwUpkiXntzjTRJxZZI1nUI0oi   
   t+pOAAD+6jyJHe6LE43SoWgv01RJh/z63+exG/NK4Je4UGofJ+FgStF7vkloMCYT   
   d+s+dFL5zw+laysgkk5cOhODdJ+VOcEpdLW2KrAnuwf96SDdNvMkbOcgaPnEXKII   
   pXJHyomRszFxyFB3hXrJdmToRzTvH4pvXL5MAffIqTAMSAh2lx+8RuqXE4hcY4Gs   
   go47CGUAhAfQyegd5dOzLE7xs8x7XyfH3tcj8DInw5WT1kCSrTl1ujkimg0fEVrX   
   w2qs1oZP80lSdkoHRAXKARcO3IwKEouseIVhV9NeXTUWEUrBx2n+dDl5yuJEgb+s   
   a1e+JFEz/wttDsoBFXptvPWoU09dq+PpBpYNTwhkk+IyVD8AXSnPZvkeJbQ3zCWl   
   fHHixIgn1EGS0gDbZtlQumNF6yfoQXUsCtaXurQ6WaertYL0QScpnyUwA8Atv5ZC   
   BDCIAl9UzU+/bgqzLUNoQ6Y/ciF8qFgADGFjzw4sEDxI/c+AtZdwB4zQ4yAMTPQO   
   yI/iRftHwdtBRDTLct7dW+SN+jbFkRxnuIkhDHM0i6hUxt1RfGQ=   
   =7bY5   
   -----END PGP SIGNATURE-----   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]