1291 matches found
Debian DLA-2588-1 : zeromq3 security update
Two security issues have been detected in zeromq3. CVE-2021-20234 Memory leak in client induced by malicious servers without CURVE/ZAP. From issue description 1. When a pipe processes a delimiter and is already not in active state but still has an unfinished message, the message is leaked...
[SECURITY] [DLA 2588-1] zeromq3 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2588-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky March 09, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2587-1] privoxy security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2587-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 09, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2583-1 : activemq security update
Multiple security issues were discovered in activemq, a message broker built around Java Message Service. CVE-2017-15709 When using the OpenWire protocol in activemq, it was found that certain system details such as the OS and kernel version are exposed as plain text. CVE-2018-11775 TLS hostname...
Debian DLA-2582-1 : mqtt-client security update
A vulnerability was discovered in mqtt-client wher unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. For Debian 9 stretch, this problem has been fixed in version 1.14-1+deb9u1. We recommend that you upgrade your mqtt-client packages. For the...
Debian: Security Advisory (DLA-2583-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2582-1] mqtt-client security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2582-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 05, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2581-1 : wpa security update
A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could result in denial of service or other impact potentially execution of arbitrary code, for an attacker within radio range. For Debian 9 stretch, this...
Debian: Security Advisory (DLA-2581-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2579-1 : spip security update
It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks, access sensitive information, or execute arbitrary code. For Debian 9 stretch, this problem has been fixed in version 3.1.4-4deb9u4+deb9u1. We recommend that you...
Debian DLA-2580-1 : adminer security update
Adminer is an open source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers e.g. adminer.php are affected. For Debian 9 stretch, this problem has been fixed ...
[SECURITY] [DLA 2581-1] wpa security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2581-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 03, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2580-1] adminer security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2580-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 03, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2578-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2578-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 01, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2576-1 : redis security update
It was discovered that there were a number of integer overflow issues in Redis, a persistent 'NoSQL'-style key-value database. It is currently believed that the issues only affect 32-bit based systems. For Debian 9 'Stretch', this problem has been fixed in version 3:3.2.6-3+deb9u4. We recommend...
Debian DLA-2577-1 : python-pysaml2 security update
Several issues have been found in python-pysaml2, a pure python implementation of SAML Version 2 Standard. CVE-2017-1000433 pysaml2 accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password. CVE-2021-21239 pysaml2 ha...
Debian DLA-2575-1 : firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. For Debian 9 stretch, these problems have been fixed in version 78.8.0esr-1deb9u1. We recommend that you upgrade your firefox-e...
Debian: Security Advisory (DLA-2577-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2576-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2575-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...