Debian: Security Advisory (DLA-388-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-157-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-17)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-391-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 403-1] radicale security update

Package : radicale Version : 0.3-2+deb6u1 CVE ID : CVE-2015-8747 CVE-2015-8748 Debian Bug : 809920 Several issues have been discovered by Unrud in Radicale, a calendar and addressbook server. A remote attacker could exploit these vulnerabilities and call arbitrary functions by sending crafted HTT...

DLA-357-1 libphp-snoopy - security update

Bulletin has no description...

[SECURITY] [DLA 311-1] rpcbind security update

Package : rpcbind Version : 0.2.0-4.1+deb6u1 CVE ID : CVE-2015-7236 A use-after-free vulnerability in rpcbind causing remotely triggerable crash was found. Rpcbind crashes in svcdodestroy when trying to free a corrupted xprt-xpnetid pointer, which contains a sockaddrin...

[SECURITY] [DLA 290-1] xmltooling security update

Package : xmltooling Version : 1.3.3-2+deb6u1 CVE ID : CVE-2015-0851 Debian Bug : 793855 Shibboleth SP software crashes on well-formed but invalid XML Another upload for opensaml2 is needed to really solve this issue. This will be done shortly...

Debian DLA-238-1 : fuse security update

Tavis Ormandy discovered that FUSE, a Filesystem in USErspace, does not scrub the environment before executing mount or umount with elevated privileges. A local user can take advantage of this flaw to overwrite arbitrary files and gain elevated privileges by accessing debugging features via the...

[SECURITY] [DLA 237-1] mercurial security update

Package : mercurial Version : 1.6.4-1+deb6u1 CVE ID : CVE-2014-9390 CVE-2014-9462 CVE-2014-9462 Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command...

DLA-215-1 libjson-ruby - security update

Bulletin has no description...

[SECURITY] [DLA 187-1] tor security update

Package : tor Version : 0.2.4.27-1deb6u1 CVE ID : CVE-2015-2928 CVE-2015-2929 Several hidden service related denial-of-service issues have been discovered in Tor, a connection-based low-latency anonymous communication system. o "disgleirio" discovered that a malicious client could trigger an...

[SECURITY] [DLA 178-1] tor security update

Package : tor Version : 0.2.4.26-1deb6u1 Several issues have been discovered and fixed in Tor, a connection-based low-latency anonymous communication system. o Jowr discovered that very high DNS query load on a relay could trigger an assertion error. o A relay could crash with an assertion error ...

DLA-157-1 openjdk-6 - security update

Bulletin has no description...

DLA-128-1 sox - security update

Bulletin has no description...

[SECURITY] [DLA 124-1] unzip security update

Package : unzip Version : 6.0-4+deb6u1 CVE ID : CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Debian Bug : 773722 Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the...

DLA-102-1 tcpdump - security update

Bulletin has no description...

DLA-96-1 openjdk-6 - security update

Bulletin has no description...

[DLA 26-1] python-scipy security update

Package : python-scipy Version : 0.7.2+dfsg1-1+deb6u1 CVE ID : CVE-2013-4251 Debian Bug : 726093 It was discovered that python-scipy did not correctly handle temporary directories, which may allow arbitrary code execution...

DLA-0011-1 libemail-address-perl - security update

Bulletin has no description...