Debian: Security Advisory (DLA-217-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 408-1] gosa security update

Package : gosa Version : 2.6.11-3+squeeze5 CVE ID : CVE-2015-8771 GOsa is a combination of system-administrator and end-user web interface, designed to handle LDAP based setups. GOsa upstream reported a code injection vulnerability in the Samba plugin code of GOsa. During Samba password changes i...

DLA-408-1 gosa - security update

Bulletin has no description...

[SECURITY] [DLA 385-2] isc-dhcp regression update

Package : isc-dhcp Version : 4.1.1-P1-15+squeeze10 CVE ID : CVE-2015-8605 Debian Bug : 810875 With the previous upload of the isc-dhcp package to Debian Squeeze LTS two issues got introduced into LTS that are resolved by this upload. 1 CVE-2015-8605 had only been resolved for the LDAP variant of...

Debian DLA-389-1 : giflib security update

It was discovered that a maliciously crafted GIF can crash the giffix utility which is part of giflib-tools. We recommend that you upgrade your giflib-tools package to version 4.1.6-9+deb6u1 Debian squeeze LTS. NOTE: Tenable Network Security has extracted the preceding description block directly...

[SECURITY] [DLA 389-1] giflib security update

Package : giflib Version : 4.1.6-9+deb6u1 CVE ID : CVE-2015-7555 Debian Bug : 808704 It was discovered that a maliciously crafted GIF can crash the giffix utility which is part of giflib-tools. We recommend that you upgrade your giflib-tools package to version 4.1.6-9+deb6u1 Debian squeeze LTS...

Debian DLA-385-2 : isc-dhcp regression update

With the previous upload of the isc-dhcp package to Debian Squeeze LTS two issues got introduced into LTS that are resolved by this upload. 1 CVE-2015-8605 had only been resolved for the LDAP variant of the DHCP server package built from the isc-dhcp source package. With upload of version...

DLA-385-1 isc-dhcp - security update

Bulletin has no description...

Debian DLA-289-1 : remind security update

Alexander Keller discovered a buffer overflow issue in remind, a tool for sophisticatedly reminding you of upcoming events. If running Debian squeeze LTS, we recommend upgrading remind to the latest version provided. NOTE: Tenable Network Security has extracted the preceding description block...

[SECURITY] [DLA 289-1] remind security update

Package : remind Version : 03.01.05-2+deb6u1 CVE ID : CVE-2015-5957 Alexander Keller discovered a buffer overflow issue in remind, a tool for sophisticatedly reminding you of upcoming events. If running Debian squeeze LTS, we recommend upgrading remind to the latest version provided. mike gabriel...

[SECURITY] [DLA 288-1] openssh security update

Package : openssh Version : 1:5.5p1-6+squeeze6 CVE ID : CVE-2015-5352 CVE-2015-5600 Debian Bug : 790798 793616 A recent upload of OpenSSH to Debian squeeze-lts fixes two security issues. CVE-2015-5352 It was reported that when forwarding X11 connections with ForwardX11Trusted=no, connections made...

DLA-289-1 remind - security update

Bulletin has no description...

Debian DLA-268-1 : virtualbox-ose security update (Venom)

Three vulnerabilities have been fixed in the Debian squeeze-lts version of VirtualBox package name: virtualbox-ose, a x86 virtualisation solution. CVE-2015-0377 Avoid VirtualBox allowing local users to affect availability via unknown vectors related to Core, which might result in denial of servic...

[SECURITY] [DLA 268-1] virtualbox-ose security update

Package : virtualbox-ose Version : 3.2.10-dfsg-1+squeeze4 CVE ID : CVE-2015-0377 CVE-2015-0418 CVE-2015-3456 Debian Bug : 775888 785424 Three vulnerabilities have been fixed in the Debian squeeze-lts version of VirtualBox package name: virtualbox-ose, a x86 virtualisation solution. CVE-2015-0377...

Debian DLA-265-2 : pykerberos regression update

It was discovered that the original fix did not disable KDC verification support by default and changed checkPassowrd's signature. This update corrects this. This was the text of the original advisiory : Martin Prpic has reported the possibility of a man-in-the-middle attack in the pykerberos cod...

Debian DLA-266-1 : libxml2 security update

This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data. This is a fine line issue...

DLA-268-1 virtualbox-ose - security update

Bulletin has no description...

[SECURITY] [DLA 266-1] libxml2 security update

Package : libxml2 Version : 2.7.8.dfsg-2+squeeze12 CVE ID : CVE-2015-1819 Debian Bug : 782782 782985 783010 This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser whi...

DLA-266-1 libxml2 - security update

Bulletin has no description...

DLA-265-1 pykerberos - security update

Bulletin has no description...