511 matches found
Debian DSA-3308-1 : mysql-5.5 - security update
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.44. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : -...
Fedora Update for dpkg FEDORA-2015-6974
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
DLA-267-1 unattended-upgrades - security update
Bulletin has no description...
Code injection
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
Debian DSA-3297-1 : unattended-upgrades - security update
It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options:: apt configuration. (C) Tenable Networ...
CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
Debian Security Advisory DSA 3297-1 (unattended-upgrades - security update)
It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options:: apt configuration...
Debian: Security Advisory (DSA-3297-1)
The remote host is missing an update for the Debian...
openSUSE Security Update : dpkg / update-alternatives (openSUSE-2015-421)
dpkg and update-alternatives were updated to 1.16.16 to fix one security issue and several non-security bugs. The following vulnerabilities were fixed: - CVE-2015-0840: Specially crafted deb packages could have been used to bypass source package integrity verification in local installs (boo#926749)...
Fedora Update for dpkg FEDORA-2015-7342
The remote host is missing an update for the...
Fedora Update for dpkg FEDORA-2015-7296
The remote host is missing an update for the...
Debian DLA-220-1 : dpkg security update
Jann Horn discovered that the source package integrity verification in dpkg-source can be bypassed via a specially crafted Debian source control file (.dsc). Note that this flaw only affects extraction of local Debian source packages via dpkg-source but not the installation of packages from the...
[SECURITY] [DLA 220-1] dpkg security update
Package: dpkg. Version: 1.15.12. CVE ID: CVE-2015-0840. Debian Bug: 617923 695919. Jann Horn discovered that the source package integrity verification in dpkg-source can be bypassed via a specially crafted Debian source control file (.dsc). Note that this flaw only affects extraction of local Debia...
DLA-220-1 dpkg - security update
Bulletin has no description...
Fedora 21 : dpkg-1.16.16-5.fc21 (2015-7296)
Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch. Security fix for CVE-2014-8625 and Security fix for CVE-2015-0840. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Fedora 20 : dpkg-1.16.16-5.fc20 (2015-7342)
Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch. Security fix for CVE-2014-8625 and Security fix for CVE-2015-0840. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
[SECURITY] Fedora 20 Update: dpkg-1.16.16-5.fc20
This package contains the tools (including dpkg-source) required to unpack, build and upload Debian source packages. This package also contains the program dpkg, which is used to handle the installation and removal of packages on a Debian system. This package also contains dselect, an interface for...
[SECURITY] Fedora 21 Update: dpkg-1.16.16-5.fc21
This package contains the tools (including dpkg-source) required to unpack, build and upload Debian source packages. This package also contains the program dpkg, which is used to handle the installation and removal of packages on a Debian system. This package also contains dselect, an interface for...
Debian DSA-3257-1 : mercurial - security update
Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
Fedora 22 : dpkg-1.16.16-5.fc22 (2015-6974)
Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch. Revert location of dpkg/parsechangelog. Security fix for CVE-2014-8625 and Security fix for CVE-2015-0840. Note that Tenable Network...