- Secops-security-bulletin

[secops] 3 changes on Microsoft
by OpenCVE.io 15 Oct '25

15 Oct '25

This email has been sent from the Critical Vulnerabilities notification of the SURF/secops project: https://app.opencve.io/org/SURF/projects/secops 3 vulnerabilities have been updated on 2025-10-15 between 18:00 and 18:59. Critical Vulnerabilities (3) - CVE-2025-11719 (9.8) - https://app.opencve.io/cve/CVE-2025-11719 Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144. Changes: first_time, cpes, vendors Subscriptions: Microsoft - CVE-2025-20286 (9.9) - https://app.opencve.io/cve/CVE-2025-20286 A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access... Changes: first_time, cpes, vendors Subscriptions: Microsoft - CVE-2025-11719 (9.8) - https://app.opencve.io/cve/CVE-2025-11719 Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144. Changes: first_time, cpes, vendors Subscriptions: Microsoft © 2025 OpenCVE, All rights reserved Update your notifications to unsubscribe this notification: https://app.opencve.io/org/SURF/projects/secops/notifications/Critical%20Vu…

1 0

[secops] 2 changes on Microsoft
by OpenCVE.io 15 Oct '25

15 Oct '25

This email has been sent from the Critical Vulnerabilities notification of the SURF/secops project: https://app.opencve.io/org/SURF/projects/secops 2 vulnerabilities have been updated on 2025-10-15 between 17:00 and 17:59. High Vulnerabilities (2) - CVE-2025-59230 (7.8) - https://app.opencve.io/cve/CVE-2025-59230 Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. Changes: first_time, cpes, vendors Subscriptions: Microsoft - CVE-2025-24990 (7.8) - https://app.opencve.io/cve/CVE-2025-24990 Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The... Changes: first_time, cpes, vendors Subscriptions: Microsoft © 2025 OpenCVE, All rights reserved Update your notifications to unsubscribe this notification: https://app.opencve.io/org/SURF/projects/secops/notifications/Critical%20Vu…

1 0

[secops] 1 change on Microsoft
by OpenCVE.io 15 Oct '25

15 Oct '25

This email has been sent from the Critical Vulnerabilities notification of the SURF/secops project: https://app.opencve.io/org/SURF/projects/secops 1 vulnerabilities have been updated on 2025-10-15 between 16:00 and 16:59. High Vulnerability (1) - CVE-2025-53132 (7.8) - https://app.opencve.io/cve/CVE-2025-53132 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Changes: description, metrics Subscriptions: Microsoft © 2025 OpenCVE, All rights reserved Update your notifications to unsubscribe this notification: https://app.opencve.io/org/SURF/projects/secops/notifications/Critical%20Vu…

1 0

[secops] 2 changes on Microsoft
by OpenCVE.io 14 Oct '25

14 Oct '25

This email has been sent from the Critical Vulnerabilities notification of the SURF/secops project: https://app.opencve.io/org/SURF/projects/secops 2 vulnerabilities have been updated on 2025-10-14 between 15:00 and 15:59. Unknown Severity Vulnerabilities (2) - CVE-2017-20201 (No CVSS v3.1) - https://app.opencve.io/cve/CVE-2017-20201 CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (32-bit builds) contained a malicious pre-entry-point loader that diverts execution from __scrt_common_main_seh into a custom loader. That loader decodes an embedded... Changes: metrics Subscriptions: Microsoft - CVE-2025-32919 (No CVSS v3.1) - https://app.opencve.io/cve/CVE-2025-32919 Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from... Changes: metrics Subscriptions: Microsoft © 2025 OpenCVE, All rights reserved Update your notifications to unsubscribe this notification: https://app.opencve.io/org/SURF/projects/secops/notifications/Critical%20Vu…

1 0

[SECURITY] [DSA 6024-1] ghostscript security update
by Salvatore Bonaccorso 11 Oct '25

11 Oct '25

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6024-1 security(a)debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 11, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript CVE ID : CVE-2025-7462 CVE-2025-59798 CVE-2025-59799 Debian Bug : 1109270 1116443 1116444 Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed. For the oldstable distribution (bookworm), these problems have been fixed in version 10.0.0~dfsg-11+deb12u8. For the stable distribution (trixie), these problems have been fixed in version 10.05.1~dfsg-1+deb13u1. We recommend that you upgrade your ghostscript packages. For the detailed security status of ghostscript please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ghostscript Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce(a)lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmjqE01fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SuMg/+I4/3aiNB2AcUBig2k2bzmj1BqXETbaAb2/Re5dE4WSOKL9CzuuYaTqec sGErinTYXZUrEhbSuwfBLXoSGEIU/IcHDDOAu0GM9Aa35IzN35+1LbRVC95gj4WL MtlN28U5/uZRxA5gEZYPOX3A0U8dONc5oHL6f5AFhzjulZ539pIVVqi9CMhqLKhn n1KFnTSFW2vrjg+9s4rOexbJH1/YdWJEj4n3Ao8VSke2GEPJT8SjGFln2fejrzl7 KWEgwT9z8FAgbUGYFTC4Xcnn9uDEi35+op/9kbRFN6B9qkl3V7M+azSJn7Gp1MEv CeV6dJLRNh/ESh0ye0tQ2BEF/HJTqV54YVIk1UKHRD1Bxa++Ny2T/yZpgL4Q9QEw wbZ49x3n0Ub95IKzbVrypbIkcDiTZuZc6+nHfnOULR07AYrCQO3D+FfYhOBUamj3 +YTPaPkOu2FEusmgS6k7JviFVl0JAOoHYIQqzh8MJRokDHUutE0f3iO2JBGBn5VK Iusla+pu5Yn2GDQSL3Zobh+YpFGVzj7yO7EEzH0cgpOIPvx5w7fc4XbKY1enQCZb q2bV5WJ25t9F5QqnoRcMsd/bkPi3T5hEVcpzGRAWiPONFvH5/d+Pk4ZLHiQcH8LK GSHXDV18wyiz4oDjtR9Lqwzuf34/9HSFNH7yerWinccYwXDk4K8= =l7AC -----END PGP SIGNATURE-----

1 0

[SECURITY] [DSA 6023-1] tiff security update
by Moritz Muehlenhoff 10 Oct '25

10 Oct '25

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6023-1 security(a)debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tiff CVE ID : CVE-2025-9900 It was discovered that missing input sanitising in the libtiff library could result in denial of service or potentially the execution of arbitrary code if malformed image files are processed. For the oldstable distribution (bookworm), this problem has been fixed in version 4.5.0-6+deb12u3. For the stable distribution (trixie), this problem has been fixed in version 4.7.0-3+deb13u1. We recommend that you upgrade your tiff packages. For the detailed security status of tiff please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tiff Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce(a)lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmjpVGMACgkQEMKTtsN8 TjYsNQ/+JAb8jRMA8nNw65Yu0wTjItQNHW84HkRoZh0a2ShH+4VU//8pWhorry4O hviqderdnuMnJv7dVwO44E07LdVZww5PdOr2dvU8ica0KGD4h5GuEeCmhoRhcltK x3cyTPXdqOaXTC54qaq4GskDBNRJiKbZXksIQQn0AiFQtN7lVvHIPGGMpYYK6sBM bAAl0Hs84M3N4slkDMTcnlv2eF/KL5nWI8HsyI2p7CViI2oo5CkkL14K3cX6n+Oi 9Cdz6aoUhR/H8uou/yXAnVleyipFOMmTLAEGvYB7e16euEcyiuZhWWym2X1x7yjU lB5lNRFoOar+fPSuXxofLNe3RK18GK3HKoNcJqoZPITRLwZMv80IGRDgLuzqVI+1 ZGXkp9ZpLk7A8+cdDQSzWGhN5vWWi3MLqt7s0EhqJNI+lLDTLQCdzB2Ca4msLlIJ k/ouNAtaw28NzFX2JV6cwWEtot/Qzj/LikaQisp1+GMiXiCGE7JZgY7NmepBytw3 7IEK5MFQ6hFDGFXBC6f4omX75oBubEbd+uQvIl/+oJnlR7uCuOj/vsyxIcv88iUn 5ihr4H+sC1Fgtp3dXxwTJybuwCvoiy9X2LTKsTvIkLmrzkL325fZzr+mrw33FkQG NKmU8+9fcmpvOBUDq1HsAa3qWYTnvVpr9YL97+De6gyvNd+Ak7s= =1gMt -----END PGP SIGNATURE-----

1 0

Re: subscribe secops-security-bulletin@list.surf.nl
by SmartList 10 Oct '25

10 Oct '25

You have added to the subscriber list of: debian-security-announce(a)lists.debian.org the following mail address: secops-security-bulletin(a)list.surf.nl By default, copies of your own submissions will be returned. For more information about Debian mailing lists (such as the code of conduct), please see https://www.debian.org/MailingLists/ In particular, please note that our mailing lists are public forums -- all mails sent to them will be archived publically, you may not post copyrighted texts without a license etc. See https://www.debian.org/MailingLists/disclaimer for more information. To unsubscribe from this list, send "unsubscribe" in the message subject to: <listname>-REQUEST(a)lists.debian.org and you will be removed after your confirmation reply has been received. If the wrong address has been subscribed and you seem to be unable to fix it yourself, please forward this whole message to listmaster(a)lists.debian.org You can and should add any comments you see fit, but keep the full quote so that it is possible to diagnose the error. To post a message onto the mailing list, please send your email to <listname>@lists.debian.org. Please ensure that -request is not present in the address you are emailing or you will reach the control bot rather than the list. Please DO NOT reply to this particular e-mail. Send a new message addressed to listmaster(a)lists.debian.org instead, if you must. Transcript of the subscription request follows: -- >From jaap.dijkshoorn(a)surf.nl Fri Oct 10 09:03:29 2025 >Return-Path: <jaap.dijkshoorn(a)surf.nl> >X-Original-To: lists-debian-security-announce-request(a)bendel.debian.org >Delivered-To: lists-debian-security-announce-request(a)bendel.debian.org >Received: from localhost (localhost [127.0.0.1]) > by bendel.debian.org (Postfix) with ESMTP id 89E81205E2 > for <lists-debian-security-announce-request(a)bendel.debian.org>; Fri, 10 Oct 2025 09:03:29 +0000 (UTC) >X-Virus-Scanned: at lists.debian.org with policy bank request >X-Spam-Flag: NO >X-Spam-Score: -2.1 >X-Spam-Level: >X-Spam-Status: No, score=-2.1 tagged_above=-10000 required=5.3 > tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, > DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FOURLA=0.1, SUBENDNUM=2, > SUBSCONFIRM=-2] autolearn=no autolearn_force=no >Received: from bendel.debian.org ([127.0.0.1]) > by localhost (lists.debian.org [127.0.0.1]) (amavisd-new, port 2525) > with ESMTP id D3qSYUJtNrRx > for <lists-debian-security-announce-request(a)bendel.debian.org>; > Fri, 10 Oct 2025 09:03:23 +0000 (UTC) >X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 CL_IP_EQ_HELO_IP=-2 (check from: .surf. - helo: .am0pr83cu005.outbound.protection.outlook. - helo-domain: .outlook.) FROM/MX_MATCHES_NOT_HELO(DOMAIN)=0; rate: -3.5 >Received: from AM0PR83CU005.outbound.protection.outlook.com (mail-westeuropeazlp170100001.outbound.protection.outlook.com [IPv6:2a01:111:f403:c201::1]) > (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) > key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256 > client-signature RSA-PSS (2048 bits) client-digest SHA256) > (Client CN "mail.protection.outlook.com", Issuer "DigiCert Cloud Services CA-1" (not verified)) > by bendel.debian.org (Postfix) with ESMTPS id C8DB6205B9 > for <debian-security-announce-request(a)lists.debian.org>; Fri, 10 Oct 2025 09:03:23 +0000 (UTC) >ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; > b=yu+oOOvxCXWvGU3QVB2IR+ywJDrN89gqh51MvgHesuweJc8DygA1ZUwd4dsXpiHBjroSdoAKNgLKueZS+O7G45CCZ/aDCzvT9acwQyBk076y+lqvE5zLJ7Sm8xHK9KJnrl33iXwYkVD4nYXK8wSBhpFKlAERdn5yFyPuHzKDIjjPsZg0UKc5n8YzVe/XhaRcdG+25wvFde9XyY1gZ9343nLXlwoBr1rNBH+xIztlYwI211CBcrB7cEcTmFHmkq3pFZauDZoI023hRhmMCyPDvMG35HEP0akzWYJQO3BFnlPwwbX8tvAmQjTI44LFbEAtwOAY4PBpeicQSqTC9ktFaw== >ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; > s=arcselector10001; > h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; > bh=6WVN54SPvjmlWeUXzr1AqxO6Qa0hgCCPCkXRXk5o0LU=; > b=NCOuLCZZVFOiaLHzUk8i4msr++Ol+u6UfnDxYNd5HR26/mgiFJCnhN2wFDWY30DGwHQ7qaLky40JpR3lARAm44tHCxVSQkAPp41T7tCdJfUQi8R55wXnzF5osiFA48UaCUiUMP1tOxA4wIc9noSe35p+4yfQPclC8C27l5NCJTk16rOcRmwUyzfyTLXTvnf9PBighRkrtfW4LrhidnzYa1CDDIj1Cev1UoFuUaDQhc/ji1cvE3LOyhtuaRvGRWv3FVsK6BUb+Pkr/TqKcgLizNCqQaUSNIDcghigEmLaEa7NuRmoBrd/APNVN4u2hRVLtP75Il0GR96A/uoWxMSIFQ== >ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass > smtp.mailfrom=surf.nl; dmarc=pass action=none header.from=surf.nl; dkim=pass > header.d=surf.nl; arc=none >DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=surf.nl; s=selector1; > h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; > bh=6WVN54SPvjmlWeUXzr1AqxO6Qa0hgCCPCkXRXk5o0LU=; > b=BTa1+uPetzs7LPNoqWwsDFwrDoiJIn04XF+npi9Bic0Rx/Zjji+t/zjuMK5uWphlYftFQys4N04mhKGqDmZk4nVov3OrYBogRvKRsZezWdPlBfl0G/3zEeSF0nAB/ryfrBNoTD3SsU31dA2DzPaqQ24Vx8wuBjSdxHuhNQ0BmQU= >Authentication-Results: dkim=none (message not signed) > header.d=none;dmarc=none action=none header.from=surf.nl; >Received: from VI1PR04MB10051.eurprd04.prod.outlook.com > (2603:10a6:800:1db::16) by PA4PR04MB7918.eurprd04.prod.outlook.com > (2603:10a6:102:c7::17) with Microsoft SMTP Server (version=TLS1_2, > cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9203.10; Fri, 10 Oct > 2025 08:47:27 +0000 >Received: from VI1PR04MB10051.eurprd04.prod.outlook.com > ([fe80::5f79:2da2:4045:f98a]) by VI1PR04MB10051.eurprd04.prod.outlook.com > ([fe80::5f79:2da2:4045:f98a%4]) with mapi id 15.20.9203.007; Fri, 10 Oct 2025 > 08:47:27 +0000 >Message-ID: <4854d5ac-cf56-4252-87b4-da991b89c718(a)surf.nl> >Date: Fri, 10 Oct 2025 10:46:34 +0200 >User-Agent: Mozilla Thunderbird >To: SmartList <debian-security-announce-request(a)lists.debian.org> >References: <mailbox-4098490-1760085602-290855(a)bendel.manda.debian.org> > <20251010084011.F1C5C205E4(a)bendel.debian.org> >Content-Language: en-US >From: Jaap Dijkshoorn <jaap.dijkshoorn(a)surf.nl> >Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms040307030401000903010205" >X-ClientProxiedBy: AS4P190CA0069.EURP190.PROD.OUTLOOK.COM > (2603:10a6:20b:656::15) To VI1PR04MB10051.eurprd04.prod.outlook.com > (2603:10a6:800:1db::16) >MIME-Version: 1.0 >X-MS-PublicTrafficType: Email >X-MS-TrafficTypeDiagnostic: VI1PR04MB10051:EE_|PA4PR04MB7918:EE_ >X-MS-Office365-Filtering-Correlation-Id: df9d0286-4e47-4541-f2d0-08de07d9a3ac >X-MS-Exchange-SenderADCheck: 1 >X-MS-Exchange-AntiSpam-Relay: 0 >X-Microsoft-Antispam: > BCL:0;ARA:13230040|4022899009|376014|1800799024|19092799006|10070799003|366016|7053199007; >X-Microsoft-Antispam-Message-Info: > =?utf-8?B?WitTQ1ZGN3Q2bXV6OWgrNXFwNWtWMmM2eGJsTlh0V21GZUg4UUJncUtRLzNn?= > =?utf-8?B?cDhLNlJFSDF3NVJTYlRyaEZCTllYY1h6UHB0NnNZTWZqa0RLbmVKTXBMaHhP?= > =?utf-8?B?QnRpTEM3ZEJwTXBBUTlIdzNSbjZCcW5zNms0TW8rS1RZeXI4QWVPQ2oyZ1Zq?= > =?utf-8?B?Vm1jNjljdEdHcFpWcUhCZDhNTjB1VjgyNVVsRGdORVJEdjJSUGZLQVR1dnBi?= > =?utf-8?B?eDJWMm4rOENMKzZyZS9lVWtNQnQvb2ZlYmNDd3V6SkFXeFNQekhaaHpoVG5N?= > =?utf-8?B?WENqQjIweHFBWXpwaU16SnJTSEFKQjQ3cThuNWlsUnoxczdmbGdiMUJ2NzVY?= > =?utf-8?B?OG1VZnV2V3VNYWwzTE41cE9yWHZKQ3MxNUR1Y050MUV1VFZvdHpEY1hoNnB3?= > =?utf-8?B?VUhIcHZSTXNvK1RvNVlQcGROT2puVlZWeGs4S3FCdFpXd0Z1bURZUjBkMGZG?= > =?utf-8?B?UHdpWDNScEFvRmgyK3VveTZPaHFwSFE2emFsS2JoR0JYNlA1NnczTC94WUtL?= > =?utf-8?B?QUI2UGZOYWtDdFBQWldwbkd6dDRtVHJxRmJWc3VzcDM4M0s1d1J4clJXNFN4?= > =?utf-8?B?VmVESXRqWWZNb04zQ0ZMNTlZZlFFNzVtRUtQVTZZU0c1OXd5S0hCbTFVemdt?= > =?utf-8?B?NUpoSWFZelhoNWx0TkdVUWlocEZXcHd6SWxwd3BDOXp6RzNrWVVYVjBvdE9H?= > =?utf-8?B?TFRiakdjME1OejdDV0FSWlVOZmhwcWhhaCtUSzdpRmJmaGdhQmhNNVZnSElY?= > =?utf-8?B?dUhLcGZvelM1RmVGZGdKWFRVS01vWVlrV0RwTFNobk5BZ3BROFM5VzczaUd6?= > =?utf-8?B?OUsxclhYTWhVRXdmQktHL0Nka2phLy83b3pwSy9qKzlMVWJ2V0hxOW85M0t0?= > =?utf-8?B?M0c0YXVvYzFWOE9tRjRoZnNVcjNnTmFxeXVtL1hBSDBHL1l3Nnp0bmhTY0Y4?= > =?utf-8?B?bDhZQ1VvZGdQOVVhcklzU1FIZjJzMWtxZUp5ckl0cElNbW95Q0szODduU2dW?= > =?utf-8?B?cDNlL09aWTE1eXpPcXM0Nk5iRDRsVEVMWCtuZExQSDdQK3hWWkdrS0tIZGJi?= > =?utf-8?B?U3c0WlFBcUlHaTJRWlk4YVpQcEZ6OTNYdENMbzVQYkNZYUIwaUc0NUwwaU5E?= > =?utf-8?B?cEJFeDk5OWo5dDFubnFRdkFtQVp0Q2w2Q3NQYzducVVSR3FYcll5SmlvT0tq?= > =?utf-8?B?VkM2TU5ReFFac041elB2ODA3bUl2eHBLc1ZTU3k5S2dzczZMMmJuYTRqZ2R2?= > =?utf-8?B?dGJaNGo0N3V6NEF0R3JjaVpSR2sweUUyTzdWNXlNQVhZR2RhR2U1K0lOcncw?= > =?utf-8?B?clFEZzM4S1BneGFWOFlySnFSdlgzV09keXZWTi9aUzM0U2dqSnBDWTZSTjhL?= > =?utf-8?B?UUxzR09NR09pVFM2cS9lUzBMekNtNTgzRUw5WVdNS3lPNjFNMlpYTlgzK1JH?= > =?utf-8?B?TlJHUDh4V0tiM2NDZ2dqZm85S2hKdE1PdUVXSWRXN1VRMXRLdE11V3BRY3BT?= > =?utf-8?B?UkR5VjdjYm9oK0RvclhJN1hLS2tRRk8yNVBOZ1BuWE1SK2lLVGtrTm5hMzIr?= > =?utf-8?B?WDFoL3lJTmtYVWluTnVCU3ByQ0tQeUdJNFYwWGZVbUpqNXFONHJmc3lLRUYy?= > =?utf-8?B?Rk1RM0hnOVIrSzd0YWRldEk1RU43cnFyVGJIVHJua2ZqanZjZ0N4TGh3ZVZy?= > =?utf-8?B?Q3F3clZNVG5uK1A3dndHNkdSMEtMU3ZrZ2FNU2FKYTFWSmdmbFpHdWRKUU9H?= > =?utf-8?B?cWllS1ZocVFoNmpVekE2Q0kvU0UxWTZjbC9ndlRxaEp0RWtsSjlBcWdoTnc3?= > =?utf-8?B?T1lOOUlMQ1E3bDcwZ0RxQmdCamlBcmZKQkxYd080WlRVRVh3aHhLK0laUjJG?= > =?utf-8?B?VnI0amtzK2JmTGM4STZyL3RqUnRpcWptMllHU214U245cWc9PQ==?= >X-Forefront-Antispam-Report: > CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR04MB10051.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(376014)(1800799024)(19092799006)(10070799003)(366016)(7053199007);DIR:OUT;SFP:1101; >X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 >X-MS-Exchange-AntiSpam-MessageData-0: > =?utf-8?B?ejZiNWtIMHY0S2k2cFF4NlF3ZnJ4ZXhVNllENHRxck5oMWdvNHBrbHVJS2N0?= > =?utf-8?B?UTNSVkM1T2xkQkdEeEswQ3U3QnhhYjJuemhaNXFCTStUV0FFVUxaaDNYa3dI?= > =?utf-8?B?RitYOWFSTnNULzNmejg5VnRwS0lEbGpNR0FUVWN3RDBQa2gyQ2FhaXkxa2RX?= > =?utf-8?B?UmhuQmgvRU9zR3lRZWhCZkpkaS9SNHZXY0w3WWtTOWxDV0pHcEx3MW1xVmVz?= > =?utf-8?B?ZzZZRG1uK1d3Zjl5bWNIelZaVjltV1BRVjQ5NGt1bzJacm5CRmNVSXBIVEpI?= > =?utf-8?B?UmdBQXBQdFp3amhsY0k1cVE3MG9EZ2ViMWZNZ3lzMlREWmVDSU9KUGJ5UEht?= > =?utf-8?B?MVNjd1J4MGQra3MvMEN6OHVVeWJoNThBb0RpdjVZdmpDTzNtZXBwZmwwampq?= > =?utf-8?B?VUtMV3ZGbzA2c3h6bVhFSHNTZHNhTHNtZ1AyZDFLYjVOa0VhYVhFMGIwcHZF?= > =?utf-8?B?eW85OHpCUEpTdmJZRVB2L3ZGa0poZG9YOTRmaHRQNWdvUCtWMGpYVWpwd0lV?= > =?utf-8?B?MnVZSFpOZVJjc1BxNHJrR0lSS0dVYWNwS2lvYWtLWHpxbWxyVE1EOTB0b09j?= > =?utf-8?B?bFpua0JjNERhbDJUc1hiQytWTndsY2gzQ2trMUM1a2Evamx4VVRuUHRuTW90?= > =?utf-8?B?L2JqbC9lV0N1UVFhRHBkdEtSWVlJNkV2VXBPRzdzWVNreFJGRzE4RFluUmd1?= > =?utf-8?B?aUpkUGFKNHp5YWZhNDJYMldYcGVaUnZNNXlYd2g1bSs1VmNqTndVdVJXNjNS?= > =?utf-8?B?RFAyaUdoODlLdkJWalEwQ21RYldPUi9GTmpCd1JNajJIM2c0YmF2Z0xCOFZW?= > =?utf-8?B?c2Z1TERZOE9lbHIzT3pXQU5vSFpKSStkcjdzZVppRnYrS2twb1pKNXBiSDFH?= > =?utf-8?B?a3dNeXliQTJxUHV6NlFDanV5ZjBLdGJTeHZWQnpGUU42cEpVL09UVUp1OGFY?= > =?utf-8?B?RFFGcFpDcUVRZ2Y0d3RFS1dYR290c2tleWJUOU1IL21RU3A2MFVtaU1rNTRT?= > =?utf-8?B?SGh3bFZoOVpabVZmUUlpMmVwWEM1K1J0MzY5VjN6c3NwRjhGTUVidzhKZkI2?= > =?utf-8?B?MmF1eUZ1Slk4aUhGTXcyUkNEY2NoZGl6QU5oblhWck1iN1EyVitvWVlOSzRr?= > =?utf-8?B?TGVVdm8yM2F0dUxJTDdmaTRSZTNsY0ZvN2tIa1R2YUJNUWpLNERaYmpVblBG?= > =?utf-8?B?cXZ5bTVBZ3NXNlRON040Z3d6a2t2cU1wWE9pdzc2b3hFK2JnRHh3REVrUW11?= > =?utf-8?B?ZmtmN1lrUW1mRzIxNlVkSzhpaVU0STcrNlpuTWpqZisxN2hzejBEekVOVldC?= > =?utf-8?B?bGNDZFU5OVhSSkFXd2tqN1pVdXo3ajB3aWVHbFAySVBrK001bks1bXVtRlg4?= > =?utf-8?B?NFEybTBUcU1OSGVWZDB2eERmMW54ckhxZDJMcGRJUmlhd2RjdEF2b294dmg0?= > =?utf-8?B?eEhHTEkrcGxVSk9tYTVtaWI5YkNsaXVocVJYaGdYcU1pZE5uc1FrWk9zaGZJ?= > =?utf-8?B?eDBvS0IvT2o4ZzdHWVBLaUVrcCthNU5XNXk2eUZ0VS9lVkhVRFFYZjlsUDhl?= > =?utf-8?B?czVESzRLSE1USGtRbll5ekdVN0V1dTBva0lvZ0JDS29oaDRieFlEdDJnU1E2?= > =?utf-8?B?VHhDazNLWTd4a3BUQ1hFTU5TVllBbjhCNWtQUmJEVWwzdUlHcmVBZEN4US8x?= > =?utf-8?B?U3VSWXpVOVRmYW9jZ2NWR2NBaFVTcnZlVERDZEJLSEpHV1lrN01hU3JWM0Qx?= > =?utf-8?B?VnNYS1lWQ2k2c2hCV0dVMGlkR3M3WkhNRjFWdUVBRUtTSzVxZnh0NC9XdFFH?= > =?utf-8?B?SExFQlpvMXcyNzNMNUN1RytZYjlPaXVCL2JMbXB0TndDRENvQTM3aTlLZnZB?= > =?utf-8?B?djJ3Wmk2VFhHVS9GSllwNzFNaHBYd0pydHNVM21GTEpFRU1Hc2RyNks3Vmt6?= > =?utf-8?B?NTlOSnRjM0p0clJQMEREalFJUEplZ1htZjkrTzB5WFhoZjVxL2I0ajN5UWM2?= > =?utf-8?B?RkJBMGhFRHNSV2RweVZlM3diUStadmtOWXRXVUkxTGUzZGJ6L1Bib1JoeSs0?= > =?utf-8?B?cmI1V2U1T2ZPZ3Z1NVdaT2x1Y3NsWEU2V1NLUmRJSERKSDBReDRNMVVET0Vs?= > =?utf-8?B?NE9tUGFQT09iaExGSTdNRlJaQnZHY3dSa1Bld05IUFo5QUxTTXdKRlQ1R0tz?= > =?utf-8?Q?RXDYc/yOi4/YobWUoutqF9w=3D?= >X-OriginatorOrg: surf.nl >X-MS-Exchange-CrossTenant-Network-Message-Id: df9d0286-4e47-4541-f2d0-08de07d9a3ac >X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB10051.eurprd04.prod.outlook.com >X-MS-Exchange-CrossTenant-AuthAs: Internal >X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2025 08:47:26.9892 > (UTC) >X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted >X-MS-Exchange-CrossTenant-Id: 8ad04a9f-1a10-4808-9480-b8a2f8a0da14 >X-MS-Exchange-CrossTenant-MailboxType: HOSTED >X-MS-Exchange-CrossTenant-UserPrincipalName: qz1QgScXCtScOC2na9sc8nhkWw3uImsTcEM+C1UkPoUYluFbYkb7dgsCNS8IZDQLJ4n7x8kpHc+/kSNqJ9lmCw== >X-MS-Exchange-Transport-CrossTenantHeadersStamped: PA4PR04MB7918 >X-Rc-Virus: 2007-09-13_01 >X-Rc-Spam: 2008-11-04_01 >X-Diagnostic: Tried to confirm subscription >X-Diagnostic: subscribing secops-security-bulletin(a)list.surf.nl >Subject: subscribe secops-security-bulletin(a)list.surf.nl > >--------------ms040307030401000903010205 >Content-Type: text/plain; charset=UTF-8; format=flowed >Content-Transfer-Encoding: base64 > >DQpPbiAxMC8xMC8yMDI1IDEwOjQwLCBTbWFydExpc3Qgd3JvdGU6DQo+IEl0IGhhcyBiZWVu >IHJlcXVlc3RlZCB0aGF0IHRoZSBmb2xsb3dpbmcgYWRkcmVzczoNCj4NCj4gICAgICAgICBz >ZWNvcHMtc2VjdXJpdHktYnVsbGV0aW5AbGlzdC5zdXJmLm5sDQo+DQo+IHNob3VsZCBiZSBh >ZGRlZCB0byB0aGUgZGViaWFuLXNlY3VyaXR5LWFubm91bmNlIG1haWxpbmcgbGlzdC4NCj4N >Cj4gVGhlIGFkZHJlc3MgaGFzIE5PVCB5ZXQgYmVlbiBzdWJzY3JpYmVkIHRvIHRoZSBtYWls >aW5nIGxpc3QuDQo+IFRvIHN1YnNjcmliZSB5b3UgbmVlZCB0byBjb25maXJtIHRoZSBzdWJz >Y3JpcHRpb24NCj4gcmVxdWVzdCBieSBzZW5kaW5nIGFuIGVtYWlsIHRvIHRoZSBhZGRyZXNz >Og0KPg0KPiAgICAgICAgICBkZWJpYW4tc2VjdXJpdHktYW5ub3VuY2UtcmVxdWVzdEBsaXN0 >cy5kZWJpYW4ub3JnDQo+DQo+IHdpdGggdGhlIFN1YmplY3Qgc3RyaW5nOg0KPg0KPiAgICAg >ICAgICAgQ09ORklSTSBzMjAyNTEwMTAwODQwMTE0MDk4NjU5DQo+DQo+IFdpdGggYSByZWFz >b25hYmxlIGdvb2QgZW1haWwgcHJvZ3JhbSBhIHJlcGx5IHRvIHRoaXMNCj4gbWVzc2FnZSBz >aG91bGQgYmUgc3VmZmljaWVudA0KPg0KPiBEbyBOT1QgcmVtb3ZlIG9yIGVkaXQgdGhlIENP >TkZJUk0gLi4uIHRleHQgd2l0aGluIHRoZSBTdWJqZWN0IGhlYWRlci4NCj4gSWYgaXQgaXMg >cmVtb3ZlZCBvciBjaGFuZ2VkLCB0aGUgY29uZmlybWF0aW9uIHdpbGwgZmFpbCENCj4NCj4g >VGhlIGFkZHJlc3MgbGlzdGVkIGFib3ZlIHdpbGwgYmUgKHVuKXN1YnNjcmliZWQgYXMgc29v >biBhcyB5b3VyIGNvbmZpcm1hdGlvbg0KPiBtZXNzYWdlIGlzIHJlY2VpdmVkLg0KPg0KPiBJ >ZiB0aGUgYWJvdmUgYWRkcmVzcyBpcyBpbmNvcnJlY3QsIHBsZWFzZSBkb24ndCBzZW5kIGlu >IHRoZSBjb25maXJtIG1lc3NhZ2UNCj4gbGlzdGVkIGFib3ZlLiBJbnN0ZWFkLCBzZW5kIGEg >bmV3ICh1bilzdWJzY3JpYmUgcmVxdWVzdCB3aXRoIHRoZSBTdWJqZWN0Og0KPg0KPiAgICAg >c3Vic2NyaWJlIGNvcnJlY3QtYWRkcmVzc0Bjb3JyZWN0LWRvbWFpbg0KPg0KPiAgICAgICAg >ICAgICAgICAgICAgb3INCj4NCj4gICAgIHVuc3Vic2NyaWJlIGNvcnJlY3QtYWRkcmVzc0Bj >b3JyZWN0LWRvbWFpbg0KPg0KPiBhbmQgd2FpdCBmb3IgYSBuZXcgY29uZmlybWF0aW9uIG1l >c3NhZ2UuDQo+DQo+IElmIHlvdSBhcmUgdW5hYmxlIHRvIHN1YnNjcmliZSB0byBvdXIgbGlz >dHMgdGhyb3VnaCB0aGlzIG1lY2hhbmlzbSwNCj4gcGxlYXNlIGNvbnRhY3QgdXMgYXQgbGlz >dG1hc3RlckBsaXN0cy5kZWJpYW4ub3JnDQo+DQo+IEZvciBtb3JlIGluZm9ybWF0aW9uIGFi >b3V0IERlYmlhbiBtYWlsaW5nIGxpc3RzLCBwbGVhc2Ugc2VlDQo+ICAgICAgICAgIGh0dHBz >Oi8vd3d3LmRlYmlhbi5vcmcvTWFpbGluZ0xpc3RzLw0KPg0KPiBJbiB0aGUgZXZlbnQgdGhh >dCB5b3UgZGlkIG5vdCBzZW5kIGEgcmVxdWVzdCB0byAodW4pc3Vic2NyaWJlLA0KPiBhIGNv >cHkgb2YgdGhlICh1bilzdWJzY3JpcHRpb24gcmVxdWVzdCB0aGF0IGZvbGxvd3MgYmVsb3cN >Cj4gbWF5IGhlbHAgeW91IGRpc2NvdmVyIHdobyBzZW50IHRoZSByZXF1ZXN0Lg0KDQotLSAN >Ck1ldCB2cmllbmRlbGlqa2UgZ3JvZXRlbiAvIEtpbmQgcmVnYXJkcywNCg0KSmFhcCBQLiBE >aWprc2hvb3JuDQoNCnwgSFBDViBTdXBlcmNvbXB1dGluZyB8IEV4cGVyaW1lbnRhbCBUZWNo >bm9sb2dpZXMgUGxhdGZvcm0gfCBJbnRlcm5hbCBTZXJ2aWNlcyAgfCBTVVJGDQp8IGh0dHBz >Oi8vc2VydmljZWRlc2suc3VyZi5ubC93aWtpIHwgaHR0cHM6Ly93d3cuc3VyZi5ubC9lbi9l >dHANCnwgU2NpZW5jZSBQYXJrIDE0MCB8IDEwOTggWEcgQW1zdGVyZGFtIHwgUGhvbmU6ICsz >MSA4OCA3ODcgMzAgMDAwIHwgZW1haWw6amFhcC5kaWprc2hvb3JuQHN1cmYubmwgfA0KfA0K >fCBXZSBhcmUgSVNPIDI3MDAxIGNlcnRpZmllZCBhbmQgbWVldCB0aGUgaGlnaCByZXF1aXJl >bWVudHMgZm9yIGluZm9ybWF0aW9uIHNlY3VyaXR5LiB8DQoNCg== > >--------------ms040307030401000903010205 >Content-Type: application/pkcs7-signature; name="smime.p7s" >Content-Transfer-Encoding: base64 >Content-Disposition: attachment; filename="smime.p7s" >Content-Description: S/MIME Cryptographic Signature > >MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC >C2wwggUgMIIDiKADAgECAhBXXJEV5wYca7ZZcYcsrIHtMA0GCSqGSIb3DQEBCwUAMGMxCzAJ >BgNVBAYTAkdSMTcwNQYDVQQKDC5IZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5z >dGl0dXRpb25zIENBMRswGQYDVQQDDBJHRUFOVCBTL01JTUUgUlNBIDEwHhcNMjUwMzI2MTUx >MDA0WhcNMjcwMzI2MTUxMDA0WjAoMSYwJAYJKoZIhvcNAQkBFhdqYWFwLmRpamtzaG9vcm5A >c3VyZi5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANeH4Nyd9rsJ9tPs6Cul >mlGNfdn5ytgVQW0Z4jQNKN83dg1xxGnez5UJKEQlwEt6O/hA/eB1KKhAzTE/oPmW+S2kyS9f >CPKbZBD1vW8W1hH8/1uGWmP09Io5N1bqRopsuFLxsaTJ7wsdMIGewaV9OE6Iqx7CBb38FsW0 >tbWZooWTM8oEFABY2CKTVlAFVEwjjcIcYaZ80fAZr6zxTRP9T69lB1pbGFi97RYB/JwQZRjj >16FklOwucbZbDjZRhrVo66U9zeKH5Gl40Acc2lrwYknBQQ+N5OzeQkwXNGW7XY9pCpUKuBBb >/b2uq4vLHrH/kHYTz7QaFl0rqlCYHX0qOmUCAwEAAaOCAYkwggGFMB8GA1UdIwQYMBaAFOuy >Lzv9rgLMKkQGXSXNHRIiaLBHMEoGCCsGAQUFBwEBBD4wPDA6BggrBgEFBQcwAoYuaHR0cDov >L2NydC5oYXJpY2EuZ3IvSEFSSUNBLUdFQU5ULVNNSU1FLVIxLmNlcjAiBgNVHREEGzAZgRdq >YWFwLmRpamtzaG9vcm5Ac3VyZi5ubDBjBgNVHSAEXDBaMAkGB2eBDAEFAQIwCAYGBACPegED >MEMGDSsGAQQBgc8RAQECAQIwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly9yZXBvLmhhcmljYS5n >ci9kb2N1bWVudHMvQ1BTMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA/BgNVHR8E >ODA2MDSgMqAwhi5odHRwOi8vY3JsLmhhcmljYS5nci9IQVJJQ0EtR0VBTlQtU01JTUUtUjEu >Y3JsMB0GA1UdDgQWBBRmABYEzgRbx9R9sm7cuOCRqswV4DAOBgNVHQ8BAf8EBAMCBaAwDQYJ >KoZIhvcNAQELBQADggGBAHCroDxEVRoFvs3cFa57h38HgMrgfzad0Y39y793ThktqQLNMgNm >W/uhQnaR+37qHDk1vOdSmaHnT9VTrAH7HlhwseRZSGjpUpXxJDMJGoTaRm/eEQdNsd7FG+gT >Cu56UC6nPKKEA5JCW4QnhmcUhV5Rs8zppExTjKspVhTwsDCYuA7NABzcWiaI59RN2rM0P3FO >OQybDjy6o4PYQvEh5TtyIWJyAZlTyhOTr2oexchN+gZuVRgrqjhg1chZEtMO2chZrBUg45HK >QIrM+N2osGBPx/Or75m0OfherT1CN4dWEcvPUR4YsZrPuuuMT+uTCDOL/X1PyINxFJCS5W0q >vZHnss2/wOtEQ5ZTLUA09uGMRAeBwkmPtucJE3RERWInhdXet9zrNpIoX39dPqAzUc2dXHhg >/HJbqge47UXB9kroy3i1i3ydlvsfg0YoYv5cSbKQWAMHKrLZsZAz4xh/wMgn13yU1XmIIQP0 >FUNWryffofFrKw3f30ZoLANXmz45WDCCBkQwggQsoAMCAQICEBX5rmyqjS7U0294fx7cewEw >DQYJKoZIhvcNAQELBQAwbzELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRl >bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExJzAlBgNVBAMMHkhBUklDQSBDbGll >bnQgUlNBIFJvb3QgQ0EgMjAyMTAeFw0yNTAxMDMxMTEzMDhaFw0zOTEyMzExMTEzMDdaMGMx >CzAJBgNVBAYTAkdSMTcwNQYDVQQKDC5IZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2gg >SW5zdGl0dXRpb25zIENBMRswGQYDVQQDDBJHRUFOVCBTL01JTUUgUlNBIDEwggGiMA0GCSqG >SIb3DQEBAQUAA4IBjwAwggGKAoIBgQCruG6v/m8iox6NuV899mAZjvlq5JnPlJn3HV0giO8m >sMFPSUjBBwACgAEmiaS6/SQMrfrZQf65/0ms50sGOIqQSH30dA+ZP53X4iOed3VoCOIv7ZDh >pTXo/+ychNgkvZE5TjrOqYOR2g6cKowIQpI3viAcoOYClh+pc7zCaOY0DrbBgdqunuXGCsGv >SyTgHEfIqrnbPSxbLGx0jLlXUrk46QI3Bi6ln1vvgtGF6Vg/lKJ40OpTRLoilA5qxXPkhLS8 >OepWLaeLrsZuC1vx0ErMfqBsDAamkeh4QUNy8nTjY7G3G3oEaiWRSaC7J8CB6KxGoOOFCL41 >82CQMfzU4sFXR5XTu3BL1rHA28kC0fZKAaJYqth64GBULOzUMVPuzCzUofIus51lTSElBIN+ >jP/yPAWZeFag+9BC5YSije68fouwcCjndoMXVoBSYZD8kLvaPvNkfXqV4kW5aP63ZMr/tgRU >e1aW4D1M53HYvP9IeHT/6kBWJwPg39BRY+4GHM8CAwEAAaOCAWYwggFiMBIGA1UdEwEB/wQI >MAYBAf8CAQAwHwYDVR0jBBgwFoAUoNYHPV4k93ugRC4kUg0ZqisEkacwUAYIKwYBBQUHAQEE >RDBCMEAGCCsGAQUFBzAChjRodHRwOi8vY3J0LmhhcmljYS5nci9IQVJJQ0EtQ2xpZW50LVJv >b3QtMjAyMS1SU0EuY2VyMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8GCCsGAQUFBwIBFiNodHRw >Oi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRzL0NQUzAdBgNVHSUEFjAUBggrBgEFBQcDAgYI >KwYBBQUHAwQwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNB >LUNsaWVudC1Sb290LTIwMjEtUlNBLmNybDAdBgNVHQ4EFgQU67IvO/2uAswqRAZdJc0dEiJo >sEcwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQA73rhF9tw8K5MoCrbBew5n >ExpovEhNtI5iS3tEzE/DcLNTaqaRNAAsptWoLWNSI1BZuTFmmxvyHL0U4fLAfXEWYA0DKmSz >Qi6H6i+Go/3SgVx+G8B9jFXYzRwaBr2ZMoUc/5ARPsdb2ll3JYVkDDl+Z1b0TH4hCYmKLTD+ >yjPPCGlWfQ5BiSRFX7bJ1FrrwllLY2oA+l1paix4zZfi7n4mf4fZQ72lqhtf6G33UrYKHzHN >9ES/hEuoGCkcGaQgNXKBc11ewp8MfLaE5fG0XqgjV3sSs8ZagHEVzzppSpCULqkSNve6DbjD >56DWQmPsi58cneJGbrtF3DkzU6VYzPG74PAAqoUmGp6zQ4v804k5O4MJvRsh9V+OXxTRjRBY >KSGgKY09lBC7pAzpj9fGcAuBEHh2sDySKn3zBJlCZuqm0TyhpzZnMsoIeImVN0G5ESy6d2ek >Fd1qExKsn+Zi/akxkuliRuuS/KGisNV4f23RrlSA8gWoaXz9nNqQndFB+vse90a6vRhZToo1 >a9jkEryocxEzRvde0r3FEQgYTJyEBVF6h0MiGOtHh9aaOlrTTqv9SuZKThukqtUVXNNixIre >PLiuLUTFVCnpEjo67hl1t/A5gK4j3DB4yOlUG6o3NEqtVT8++nnuBTObi74klGR2Kgw6jFmv >CxSJivYoiiPBNzGCBH4wggR6AgEBMHcwYzELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxl >bmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExGzAZBgNVBAMMEkdF >QU5UIFMvTUlNRSBSU0EgMQIQV1yRFecGHGu2WXGHLKyB7TANBglghkgBZQMEAgEFAKCCAtgw >GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjUxMDEwMDg0NjM0 >WjAvBgkqhkiG9w0BCQQxIgQgVYM5eZDFVUVFHfV1Af93Q5WQjh3pZfIb2qsjMxj0dbswgYYG >CSsGAQQBgjcQBDF5MHcwYzELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRl >bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExGzAZBgNVBAMMEkdFQU5UIFMvTUlN >RSBSU0EgMQIQV1yRFecGHGu2WXGHLKyB7TCBiAYLKoZIhvcNAQkQAgsxeaB3MGMxCzAJBgNV >BAYTAkdSMTcwNQYDVQQKDC5IZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 >dXRpb25zIENBMRswGQYDVQQDDBJHRUFOVCBTL01JTUUgUlNBIDECEFdckRXnBhxrtllxhyys >ge0wggFXBgkqhkiG9w0BCQ8xggFIMIIBRDALBglghkgBZQMEASowCwYJYIZIAWUDBAECMAoG >CCqGSIb3DQMHMA0GCCqGSIb3DQMCAgEFMA0GCCqGSIb3DQMCAgEFMAcGBSsOAwIHMA0GCCqG >SIb3DQMCAgEFMAcGBSsOAwIaMAsGCWCGSAFlAwQCATALBglghkgBZQMEAgIwCwYJYIZIAWUD >BAIDMAsGCWCGSAFlAwQCBDALBglghkgBZQMEAgcwCwYJYIZIAWUDBAIIMAsGCWCGSAFlAwQC >CTALBglghkgBZQMEAgowCwYJKoZIhvcNAQEBMAsGCSuBBRCGSD8AAjAIBgYrgQQBCwAwCAYG >K4EEAQsBMAgGBiuBBAELAjAIBgYrgQQBCwMwCwYJK4EFEIZIPwADMAgGBiuBBAEOADAIBgYr >gQQBDgEwCAYGK4EEAQ4CMAgGBiuBBAEOAzANBgkqhkiG9w0BAQEFAASCAQBxvggbTnm1SRuP >rawqSYQ8W13pV8rBX/RQaogEgp+30S1r54ZGXy/tfOkRwlkMIRRNFejsHpO4CQyImr5s1ogK >IYR5by1UKlg5fxKDnO5gEjN6JX7BdMMqxe1aDSuJs7TO5mCYg899FAxeEhikl4kChapYxexo >vvLJ3aeKS5h1gJAU/1PLF+HT2yw2pWl6Ype3dsaZm6O35mRuk+lRy9oNG7h1On8iLYGATdXR >S5cE6ylC0Hs2LT92uUdlF+2mu9TzOEG19AwCNbQc1Kr2O3rmlsd9ZVTPGv3zIeQwV8qwQJlx >M5JhRqMpU4PGZMmiNxggWoa+6JtRtwO+2oRe11AoAAAAAAAA > >--------------ms040307030401000903010205-- >

1 0

CONFIRM s202510100840114098659
by SmartList 10 Oct '25

10 Oct '25

It has been requested that the following address: secops-security-bulletin(a)list.surf.nl should be added to the debian-security-announce mailing list. The address has NOT yet been subscribed to the mailing list. To subscribe you need to confirm the subscription request by sending an email to the address: debian-security-announce-request(a)lists.debian.org with the Subject string: CONFIRM s202510100840114098659 With a reasonable good email program a reply to this message should be sufficient Do NOT remove or edit the CONFIRM ... text within the Subject header. If it is removed or changed, the confirmation will fail! The address listed above will be (un)subscribed as soon as your confirmation message is received. If the above address is incorrect, please don't send in the confirm message listed above. Instead, send a new (un)subscribe request with the Subject: subscribe correct-address@correct-domain or unsubscribe correct-address@correct-domain and wait for a new confirmation message. If you are unable to subscribe to our lists through this mechanism, please contact us at listmaster(a)lists.debian.org For more information about Debian mailing lists, please see https://www.debian.org/MailingLists/ In the event that you did not send a request to (un)subscribe, a copy of the (un)subscription request that follows below may help you discover who sent the request. -- >From secops-security-bulletin(a)list.surf.nl Fri Oct 10 08:40:09 2025 >Return-Path: <secops-security-bulletin(a)list.surf.nl> >X-Original-To: lists-debian-security-announce-request(a)bendel.debian.org >Delivered-To: lists-debian-security-announce-request(a)bendel.debian.org >Received: from localhost (localhost [127.0.0.1]) > by bendel.debian.org (Postfix) with ESMTP id 3D7C7205F4 > for <lists-debian-security-announce-request(a)bendel.debian.org>; Fri, 10 Oct 2025 08:40:09 +0000 (UTC) >X-Virus-Scanned: at lists.debian.org with policy bank request >X-Spam-Flag: NO >X-Spam-Score: -2.999 >X-Spam-Level: >X-Spam-Status: No, score=-2.999 tagged_above=-10000 required=5.3 > tests=[ALL_TRUSTED=-1, BAYES_00=-2, TVD_SPACE_RATIO=0.001] > autolearn=no autolearn_force=no >Received: from bendel.debian.org ([127.0.0.1]) > by localhost (lists.debian.org [127.0.0.1]) (amavisd-new, port 2525) > with ESMTP id v5RzN7Zlbalp > for <lists-debian-security-announce-request(a)bendel.debian.org>; > Fri, 10 Oct 2025 08:40:04 +0000 (UTC) >Received: from bendel.manda.debian.org (localhost [IPv6:::1]) > by bendel.debian.org (Postfix) with ESMTP id 4F0E8205E4 > for <debian-security-announce-REQUEST(a)lists.debian.org>; Fri, 10 Oct 2025 08:40:04 +0000 (UTC) >To: debian-security-announce-REQUEST(a)lists.debian.org >From: secops-security-bulletin(a)list.surf.nl >Subject: subscribe debian-security-announce >Content-Type: text/plain; charset="utf-8" >Content-Transfer-Encoding: 8bit >Message-Id: <mailbox-4098490-1760085602-290855(a)bendel.manda.debian.org> >Date: Fri, 10 Oct 2025 08:40:02 +0000 >MIME-Version: 1.0 >X-Rc-Virus: 2007-09-13_01 >X-Rc-Spam: 2008-11-04_01 > >subscribe debian-security-announce >

2 1

2025

Secops-security-bulletin ----- 2025 ----- October 2025 September 2025 August 2025 July 2025 June 2025 May 2025 April 2025 March 2025 February 2025 January 2025

Secops-security-bulletin