116 matches found
SUSE CVE-2017-18265
Prosody before 0.10.0 allows remote attackers to cause a denial of service (application crash), related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
[SECURITY] [DLA 3061-1] firejail security update
Debian LTS Advisory DLA-3061-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler June 29, 2022 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 3057-1] request-tracker4 security update
Debian LTS Advisory DLA-3057-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 23, 2022 https://wiki.debian.org/LTS ...
Debian DLA-3056-1 : exo - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3056 advisory. - XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. CVE-2022-32278 Note that Nessus ha...
[SECURITY] [DLA 3026-1] filezilla security update
Debian LTS Advisory DLA-3026-1 [email protected] https://www.debian.org/lts/security/ Andreas Rönnquist May 26, 2022 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 3024-1] python-django security update
Debian LTS Advisory DLA-3024-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 26, 2022 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2990-1] jackson-databind security update
Debian LTS Advisory DLA-2990-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 02, 2022 https://wiki.debian.org/LTS Package : jackson-databind Version : 2.8.6-1+deb9u10 CVE ID : CVE-2020-36518 Debian Bug : 1007109 It was discovered that the implementation of...
[SECURITY] [DLA 2982-1] python-django security update
Debian LTS Advisory DLA-2982-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb April 14, 2022 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2955-2] bind9 regression update
Debian LTS Advisory DLA-2955-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany March 19, 2022 https://wiki.debian.org/LTS Package : bind9 Version : 1:9.10.3.dfsg.P4-12.3+deb9u12 CVE ID : CVE-2021-25220 Debian Bug : 1007945 The security update announced as DLA 2955...
Debian DLA-2934-1 : freecad - LTS security update
The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2934 advisory. - Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. CVE-2021-45844 Note that...
[SECURITY] [DLA 2923-1] h2database security update
Debian LTS Advisory DLA-2923-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 15, 2022 https://wiki.debian.org/LTS Package : h2database Version : 1.4.193-1+deb9u1 CVE ID : CVE-2021-42392 CVE-2022-23221 Debian Bug : 1003894 Security researchers of JFrog...
[SECURITY] [DLA 2908-1] librecad security update
Debian LTS Advisory DLA-2908-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 03, 2022 https://wiki.debian.org/LTS Package : librecad Version : 2.1.2-1+deb9u3 CVE ID : CVE-2021-45341 CVE-2021-45342 CVE-2021-45343 Debian Bug : 1004518 Several security...
[SECURITY] [DLA 2850-1] libpcap security update
Debian LTS Advisory DLA-2850-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 26, 2021 https://wiki.debian.org/LTS ...
Debian DLA-2793-1 : mosquitto - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2793 advisory. One security issue has been discovered in mosquitto: MQTT message broker. A null dereference vulnerability was found which could lead to crashes for applications using the...
[SECURITY] [DLA 2674-1] isc-dhcp security update
Debian LTS Advisory DLA-2674-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2021 https://wiki.debian.org/LTS ...
Debian DLA-2646-1 : subversion security update
One security issue has been discovered in subversion: CVE-2020-17525: Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to...
[SECURITY] [DLA 2598-1] squid3 security update
Debian LTS Advisory DLA-2598-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 19, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2566-1] libbsd security update
Debian LTS Advisory DLA-2566-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz February 18, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2548-1] privoxy security update
Debian LTS Advisory DLA-2548-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 07, 2021 https://wiki.debian.org/LTS ...
Debian DLA-2526-1 : ruby-redcarpet security update
In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions, no HTML escaping was being performed when processing quotes. This applies even when the :escape_html option was being used. For Debian 9 stretch, this proble...