1291 matches found
[SECURITY] [DLA 2509-1] tzdata new upstream version
------------------------------------------------------------------------- Debian LTS Advisory DLA-2509-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 29, 2020 https://wiki.debian.org/LTS -...
Debian DLA-2508-1 : roundcube security update
An issue was discovered in roundcube where in a cross-site scripting XSS via HTML or plain text messages with malicious content was possible. For Debian 9 stretch, this problem has been fixed in version 1.2.3+dfsg.1-4+deb9u8. We recommend that you upgrade your roundcube packages. For the detailed...
[SECURITY] [DLA 2508-1] roundcube security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2508-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 28, 2020 https://wiki.debian.org/LTS -...
Debian DLA-2505-1 : spip security update
It was found that spip, a website engine for publishing, did not correctly validate its input couleur, display, displaynavigation, displayoutils, imessage, and spipecran allowing authenticated users to execute arbitrary code. For Debian 9 stretch, this problem has been fixed in version...
[SECURITY] [DLA 2505-1] spip security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2505-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA December 23, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2504-1] mediawiki security update
Debian LTS Advisory DLA-2504-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez December 22, 2020 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.27.7-1deb9u7 CVE ID : CVE-2020-15005 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480 Multiple security...
Debian DLA-2504-1 : mediawiki security update
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work. CVE-2020-15005 Private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them...
Debian: Security Advisory (DLA-2504-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2412-2] openjdk-8 regression update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2412-2 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 22, 2020 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-2503-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2503-1] node-ini security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2503-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb December 21, 2020 https://wiki.debian.org/LTS -...
Debian DLA-2502-1 : postsrsd security update
A potential denial of service attack through malicious timestamp tags was fixed in PostSRSd, a Sender Rewriting Scheme SRS lookup table for Postfix. For Debian 9 stretch, this problem has been fixed in version 1.4-1+deb9u1. We recommend that you upgrade your postsrsd packages. For the detailed...
Debian DLA-2501-1 : influxdb security update
An issue has been found in influxdb, a scalable datastore for metrics, events, and real-time analytics. By using a JWT token with an empty shared secret, one is able to bypass authentication in services/httpd/handler.go. For Debian 9 stretch, this problem has been fixed in version...
Debian DLA-2500-1 : curl security update
Several vulnerabilities were discovered in curl, a command line tool for transferring data with URL syntax and an easy-to-use client-side URL transfer library. CVE-2020-8284 When curl performs a passive FTP transfer, it first tries the EPSV command and if that is not supported, it falls back to...
[SECURITY] [DLA 2502-1] postsrsd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2502-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 20, 2020 https://wiki.debian.org/LTS -...
Debian DLA-2498-1 : xerces-c security update
The UK's National Cyber Security Centre NCSC discovered that Xerces-C, a validating XML parser library for C++, contains a use-after-free error triggered during the scanning of external DTDs. An attacker could cause a Denial of Service DoS and possibly achieve remote code execution. This flaw has...
Debian: Security Advisory (DLA-2496-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2496-1 : firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or CSS sanitiser bypass. For Debian 9 stretch, these problems have been fixed in version 78.6.0esr-1deb9u1. We recommend that you...
[SECURITY] [DLA 2496-1] firefox-esr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2496-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 16, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2495-1] tomcat8 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2495-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 16, 2020 https://wiki.debian.org/LTS -...