Debian: Security Advisory (DLA-725)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1371)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-791-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-886)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1376-1 : firefox-esr security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code or denial of service. For Debian 7 'Wheezy', these problems have been fixed in version 52.8.0esr-1deb7u1. We...

[SECURITY] [DLA 1371-1] tzdata new upstream release

Package : tzdata Version : 2018e-0+deb7u1 This update includes the changes in tzdata 2018e. Notable changes are: - North Korea switches back to +09 on 2018-05-05. For Debian 7 "Wheezy", these problems have been fixed in version 2018e-0+deb7u1. We recommend that you upgrade your tzdata packages...

Debian DLA-1348-1 : patch security update

It was discovered that there was an input validation vulnerability in the patch1 utility where an ed1 script embedded in a regular input file could result in arbitrary code execution. This was reported by Rachel Kroll 0 et al. For Debian 7 'Wheezy', this issue has been fixed in patch version...

[SECURITY] [DLA 1321-1] firefox-esr security update

Package : firefox-esr Version : 52.7.3esr-1deb7u1 CVE ID : CVE-2018-5148 Jesse Schwartzentruber discovered a use-after-free vulnerability in Firefox, which could be exploited to trigger an application crash or arbitrary code execution. For Debian 7 "Wheezy", these problems have been fixed in...

Debian DLA-1284-1 : leptonlib security update

Talosintelligence discovered a command injection vulnerability in the gplotMakeOutput function of leptonlib. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that...

Debian: Security Advisory (DLA-1142-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1134-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1263-1] debian-security-support update

Package : debian-security-support Version : 2018.01.29deb7u1 This update marks several packages as no longer supported by wheezy-lts: teamspeak-server, teamspeak-client, libstruts1.2-java, nvidia-graphics-drivers, glassfish, jbossas4, libnet-ping-external-perl, mp3gain, tor, jasperreports. For th...

Debian: Security Advisory (DLA-921-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1223-1 : thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client including information leaks, unintended JavaScript execution and sender address spoofing. For Debian 7 'Wheezy', these problems have been fixed in version 1:52.5.2-1deb7u1. We recommend that you upgrade your thunderbi...

[SECURITY] [DLA 1210-1] kildclient security update

Package : kildclient Version : 2.11.1-1+deb7u1 CVE ID : CVE-2017-17511 It was discovered that there was a command-injection vulnerability in kildclient, a "MUD" multiplayer real-time virtual world game. For Debian 7 "Wheezy", this issue has been fixed in kildclient version 2.11.1-1+deb7u1. Thanks...

Debian DLA-1153-1 : icedove/thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to crashes or the execution of arbitrary code. With this update the source package name changes from icedove to thunderbird so...

[SECURITY] [DLA 1153-1] icedove/thunderbird security update

Package : thunderbird Version : 1:52.4.0-1deb7u1 CVE ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors,...

Debian DLA-1051-1 : postgresql-9.1 security update

Several vulnerabilities have been found in the PostgreSQL database system : CVE-2017-7486 Andrew Wheelwright discovered that user mappings were insufficiently restricted. CVE-2017-7546 In some authentication methods empty passwords were accepted. CVE-2017-7547 User mappings could leak data to...

Debian DLA-1040-1 : resiprocate security update

CVE-2017-11521 The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service memory consumption by triggering many media connections. For Debian 7 'Wheezy', these problems have been fixed in version...

[SECURITY] [DLA 1020-1] jetty security update

Package : jetty Version : 6.1.26-1+deb7u1 CVE ID : CVE-2017-9735 Debian Bug : 864898 It was discovered that Jetty, a Java servlet engine and webserver, was vulnerable to a timing attack which might reveal cryptographic credentials such as passwords to a local user. For Debian 7 "Wheezy", these...