1291 matches found
[SECURITY] [DLA 2683-1] rxvt security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2683-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta June 09, 2021 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
[SECURITY] [DLA 2682-1] mrxvt security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2682-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta June 09, 2021 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
SUSE: Security Advisory (SUSE-SU-2019:3393-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2680-1 : nginx security update
Jamie Landeg-Jones and Manfred Paul discovered a buffer overflow vulnerability in NGINX, a small, powerful, scalable web/proxy server. NGINX has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a fal...
Debian DLA-2679-1 : thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. In addition two security issues were addressed in the OpenPGP support. For Debian 9 stretch, these problems have been fixed in version 1:78.11.0-1deb9u1. We recommend that you upgrade...
Debian DLA-2677-1 : libwebp security update
Multiple security issues have been discovered in libwebp CVE-2018-25009 An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2018-25010 An out-of-bounds read was found in...
Debian DLA-2676-1 : python-django security update
Two issues were discovered in Django, the Python-based web development framework : - CVE-2021-33203: Potential directory traversal via admindocs Staff members could use the admindocs TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default...
[SECURITY] [DLA 2678-1] ruby-nokogiri security update
Debian LTS Advisory DLA-2678-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 06, 2021 https://wiki.debian.org/LTS Package : ruby-nokogiri Version : 1.6.8.1-1+deb9u1 CVE ID : CVE-2020-26247 Debian Bug : 978967 An XXE vulnerability was found in Nokogiri, a...
[SECURITY] [DLA 2677-1] libwebp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2677-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky June 05, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2676-1] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2676-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 05, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2674-1 : isc-dhcp security update
Jon Franklin and Pawel Wieczorkiewicz found an issue in the ISC DHCP client and server when parsing lease information, which could lead to denial of service via application crash. For Debian 9 stretch, this problem has been fixed in version 4.3.5-3+deb9u2. We recommend that you upgrade your...
[SECURITY] [DLA 2674-1] isc-dhcp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2674-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2673-1] firefox-esr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2673-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2672-1 : libwebp security update
Multiple security issues have been discovered in libwebp CVE-2018-25009 An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2018-25010 An out-of-bounds read was found in...
Debian DLA-2670-1 : nginx security update
Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one in Nginx, a high-performance web and reverse proxy server, which could result in denial of service and potentially the execution of arbitrary code. For Debian 9 stretch, this problem has been fixed in version 1.10.3-1+deb9u6...
Debian DLA-2671-1 : rxvt-unicode security update
rxvt-unicode allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline. For Debian 9 stretch, this problem has been fixed in version 9.22-1+deb9u1. We recommend that you upgrade your rxvt-unicode packages. For t...
Debian: Security Advisory (DLA-2667-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2666-1] libx11 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2666-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 24, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2665-1 : ring security update
An issue has been found in ring, a secure and distributed voice, video and chat platform. Actually the embedded copy of pjproject is affected by this CVE. Due to bad handling of two consecutive crafted answers to an INVITE, the attacker is able to crash the server resulting in a denial of service...
Debian DLA-2664-1 : curl security update
Viktor Szakats reported that libcurl, an URL transfer library, does not strip off user credentials from the URL when automatically populating the Referer HTTP request header field in outgoing HTTP requests. Sensitive authentication data may leak to the server that is the target of the second HTTP...