<!-- MHonArc v2.6.19 --> <!--X-Subject: [SECURITY] [DSA 5742&#45;1] odoo security update --> <!--X-From-R13: Eronfgvra Rrynsbaq &#60;froNqrovna.bet> --> <!--X-Date: Thu, 8 Aug 2024 11:23:19 +0000 (UTC) --> <!--X-Message-Id: E1sc1EN&#45;00FLYZ&#45;UB@seger.debian.org --> <!--X-Content-Type: text/plain --> <!--X-Head-End--> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>[SECURITY] [DSA 5742-1] odoo security update</title> <link rev="made" href="mailto:seb@debian.org"> <link rel="index" href="maillist.html"> <link rel="top" href="threads.html"> <link rel="up" href="msg00155.html"> <link rel="prev" href="msg00154.html"> <link rel="next" href="msg00156.html"> <meta name="viewport" content="width=device-width, initial-scale=1"> <style> pre { white-space: pre-wrap; } </style> </head> <body> <!--X-Body-Begin--> <!--X-User-Header--> <!--X-User-Header-End--> <!--X-TopPNI--> <hr> <form method="POST" action="/cgi-bin/spam-report.pl"> <input type="hidden" name="listname" value="debian-security-announce" /> <input type="hidden" name="msg" value="msg00155.html" /> <input type="hidden" name="date" value="2024/" /> <input type="submit" value="Report as spam" style="float: right" /> [<a href="msg00154.html">Date Prev</a>][<a href="msg00156.html">Date Next</a>] [<a href="msg00154.html">Thread Prev</a>][<a href="msg00156.html">Thread Next</a>] [<a href="maillist.html#00155">Date Index</a>] [<a href="threads.html#00155">Thread Index</a>] </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> <h1>[SECURITY] [DSA 5742-1] odoo security update</h1> <hr> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><em>To</em>: <a href="mailto:debian-security-announce%40lists.debian.org">debian-security-announce@lists.debian.org</a></li> <li><em>Subject</em>: [SECURITY] [DSA 5742-1] odoo security update</li> <li><em>From</em>: Sebastien Delafond &lt;<a href="mailto:seb%40debian.org">seb@debian.org</a>&gt;</li> <li><em>Date</em>: Thu, 08 Aug 2024 11:22:55 +0000</li> <li><em>Message-id</em>: &lt;<A HREF="/msgid-search/E1sc1EN-00FLYZ-UB@seger.debian.org">[&#128270;]</a>&nbsp;<a href="msg00155.html">E1sc1EN-00FLYZ-UB@seger.debian.org</A>&gt;</li> <li><em>Reply-to</em>: <a href="mailto:debian-security-announce-request%40lists.debian.org">debian-security-announce-request@lists.debian.org</a></li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> <hr> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> <pre>-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5742-1 security@debian.org <a rel="nofollow" href="https://www.debian.org/security/">https://www.debian.org/security/</a> Sebastien Delafond August 08, 2024 <a rel="nofollow" href="https://www.debian.org/security/faq">https://www.debian.org/security/faq</a> - ------------------------------------------------------------------------- Package : odoo CVE ID : CVE-2024-4367 Debian Bug : 1074228 A vulnerability was discovered in odoo, a suite of web based open source business apps. It could result in the execution of arbitrary code. For the oldstable distribution (bullseye), this problem has been fixed in version 14.0.0+dfsg.2-7+deb11u2. For the stable distribution (bookworm), this problem has been fixed in version $bookworm_VERSION. We recommend that you upgrade your odoo packages. For the detailed security status of odoo please refer to its security tracker page at: <a rel="nofollow" href="https://security-tracker.debian.org/tracker/odoo">https://security-tracker.debian.org/tracker/odoo</a> Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: <a rel="nofollow" href="https://www.debian.org/security/">https://www.debian.org/security/</a> Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAma0mLEACgkQEL6Jg/PV nWQKXgf+O9Wy7m7xU3IXmoUyhAvyeKoIEKP1jeTJ5GgFxAyOOJzuWFB9lgtF8o6G iA/TZReuabMq9jFH/Dn5eovF6lI4YpUGwThRTCBZRcGz6KiKdgZ6RiI5MRKsoHoV cn+5N2ecnJ+VFzz2jYzxcfD1Z3/KoiICVZscSbLlxi1ubNTMWQRP5n0YYJ9MxUm1 YQY17+3heZdS6IRbxjS/KXJL3MxTQsmCHnoNMXs8+iKtstaFPpYhlc9NrQAIEUwQ t4S1UpOZxcXcVtqiv1BkIvxswFytLTE/wTqxeSEzgBan8qelTCu1J+jo+woYzLdH TU3ag03HdiSsem+qdGBMmM9ldRbvGA== =eMxY -----END PGP SIGNATURE----- </pre> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <hr /> <strong>Reply to:</strong> <ul> <li><a href="mailto:debian-security-announce&#64;lists.debian.org?in-reply-to=&lt;E1sc1EN-00FLYZ-UB@seger.debian.org&gt;&amp;subject=Re:%20[SECURITY] [DSA 5742-1] odoo security update">debian-security-announce&#64;lists.debian.org</a></li> <li><a href="mailto:seb@debian.org?in-reply-to=&lt;E1sc1EN-00FLYZ-UB@seger.debian.org&gt;&amp;subject=Re:%20[SECURITY] [DSA 5742-1] odoo security update&amp;cc=debian-security-announce&#64;lists.debian.org">Sebastien Delafond (on-list)</a></li> <li><a href="mailto:seb@debian.org?in-reply-to=&lt;E1sc1EN-00FLYZ-UB@seger.debian.org&gt;&amp;subject=Re:%20[SECURITY] [DSA 5742-1] odoo security update">Sebastien Delafond (off-list)</a></li> </ul> <hr /> <!--X-Follow-Ups-End--> <!--X-References--> <!--X-References-End--> <!--X-BotPNI--> <ul> <li>Prev by Date: <strong><a href="msg00154.html">[SECURITY] [DSA 5743-1] roundcube security update</a></strong> </li> <li>Next by Date: <strong><a href="msg00156.html">[SECURITY] [DSA 5744-1] thunderbird security update</a></strong> </li> <li>Previous by thread: <strong><a href="msg00154.html">[SECURITY] [DSA 5743-1] roundcube security update</a></strong> </li> <li>Next by thread: <strong><a href="msg00156.html">[SECURITY] [DSA 5744-1] thunderbird security update</a></strong> </li> <li>Index(es): <ul> <li><a href="maillist.html#00155"><strong>Date</strong></a></li> <li><a href="threads.html#00155"><strong>Thread</strong></a></li> </ul> </li> </ul> <!--X-BotPNI-End--> <!--X-User-Footer--> <!--X-User-Footer-End--> </body> </html>