-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5169-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 26, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2022-2068 It was discovered that the c_rehash script included in OpenSSL did not sanitise shell meta characters which could result in the execution of arbitrary commands. For the oldstable distribution (buster), this problem has been fixed in version 1.1.1n-0+deb10u3. For the stable distribution (bullseye), this problem has been fixed in version 1.1.1n-0+deb11u3. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected]