1291 matches found
[SECURITY] [DLA 2647-1] bind9 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2647-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 04, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2646-1 : subversion security update
One security issue has been discovered in subversion : CVE-2020-17525 : Subversion's modauthzsvn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to...
Debian DLA-2645-1 : edk2 security update
For Debian 9 stretch, these problems have been fixed in version 020161202.7bbe0b3e-1+deb9u2. We recommend that you upgrade your edk2 packages. For the detailed security status of edk2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/edk2 NOTE: Tenable...
Debian DLA-2641-1 : gst-plugins-base1.0 security update
Multiple vulnerabilities were discovered in plugins for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For Debian 9 stretch, this problem has been fixed in version 1.10.4-1+deb9u2. We recomme...
Debian DLA-2642-1 : gst-plugins-bad1.0 security update
Multiple vulnerabilities were discovered in plugins for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For Debian 9 stretch, this problem has been fixed in version 1.10.4-1+deb9u2. We recomme...
Debian DLA-2644-1 : gst-libav1.0 security update
Multiple vulnerabilities were discovered in plugins for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For Debian 9 stretch, this problem has been fixed in version 1.10.4-1+deb9u1. We recomme...
Debian: Security Advisory (DLA-2643-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2642-1] gst-plugins-bad1.0 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2642-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 27, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2633-1 : firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing. For Debian 9 stretch, these problems have been fixed in version 78.10.0esr-1deb9u1. We recommen...
Debian DLA-2636-1 : pjproject security update
An issue has been found in pjproject, a set of libraries for the PJ Project. Due to bad handling of two consecutive crafted answers to an INVITE, the attacker is able to crash the server resulting in a denial of service. For Debian 9 stretch, this problem has been fixed in version...
Debian DLA-2639-1 : opendmarc security update
It was discovered that OpenDMARC, a milter implementation of DMARC, has improper null termination in the function opendmarcxmlparse that can result in a one-byte heap overflow in opendmarcxml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a...
Debian DLA-2637-1 : drupal7 security update
The Drupal project identified a vulnerability in the sanitization performed in the filterxssarttributes function, potentially allowing a cross-site scripting, and granted it the Drupal Security Advisory ID SA-CORE-2021-002 : https://www.drupal.org/sa-core-2021-002 No CVE number has been announced...
Debian DLA-2638-1 : jackson-databind security update
Multiple security vulnerabilities were found in Jackson Databind. CVE-2020-24616 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP. CVE-2020-24750 FasterXML...
Debian DLA-2635-1 : libspring-java security update
Multiple vulnerabilities were discovered in libspring-java, a modular Java/J2EE application framework. An attacker may execute code, perform XST attack, issue unauthorized cross-domain requests or cause a DoS denial of service in specific configurations. CVE-2018-1270 Spring Framework allows...
Debian: Security Advisory (DLA-2633-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2635-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2637-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2635-1] libspring-java security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2635-1 [email protected] https://www.debian.org/lts/security/ April 23, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
[SECURITY] [DLA 2634-1] openjdk-8 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2634-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 23, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2632-1 : thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. In adddition a number of security issues were addressed in the OpenPGP support. For Debian 9 stretch, these problems have been fixed in version...