ELA-951-1 beep security update

denial of service

2023-09-20
Packagebeep
Version1.3-4+deb9u2 (stretch)
Related CVEs CVE-2018-1000532


It was found that beep, an advanced PC-speaker beeper, contains an External Control of File Name or Path vulnerability in the --device option that can allow a local unprivileged user to inhibit execution of arbitrary programs by other users, allowing DoS.



For Debian 9 stretch, these problems have been fixed in version 1.3-4+deb9u2.

We recommend that you upgrade your beep packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.