[SECURITY] [DLA 2465-1] php-pear security update
Debian LTS Advisory DLA-2465-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 23, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2463-1] samba security update
Debian LTS Advisory DLA-2463-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez November 22, 2020 https://wiki.debian.org/LTS Package : samba Version : 2:4.5.16+dfsg-1+deb9u3 CVE ID : CVE-2020-1472 CVE-2020-10704 CVE-2020-10730 CVE-2020-10745 CVE-2020-10760...
Debian DLA-2459-1 : golang-1.7 security update
Two issues have been found in golang-1.7, a Go programming language compiler version 1.7. CVE-2020-15586: Using the 100-continue in HTTP headers received by a net/http/Server can lead to a data race involving the connection's buffered writer. CVE-2020-16845: Certain invalid inputs to ReadUvarint or...
Debian DLA-2460-1 : golang-1.8 security update
Three issues have been found in golang-1.8, a Go programming language compiler version 1.8. CVE-2020-15586: Using the 100-continue in HTTP headers received by a net/http/Server can lead to a data race involving the connection's buffered writer. CVE-2020-16845: Certain invalid inputs to ReadUvarint o...
Debian DLA-2463-1 : samba security update
Multiple vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. CVE-2020-1472: Unauthenticated domain controller compromise by subverting Netlogon cryptography. This vulnerability includes both ZeroLogon and non-ZeroLogon variations. CVE-2020-10704: An...
[SECURITY] [DLA 2462-1] cimg security update
Debian LTS Advisory DLA-2462-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 23, 2020 https://wiki.debian.org/LTS ...
Debian: Security Advisory (DLA-2460-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DLA 2460-1] golang-1.8 security update
Debian LTS Advisory DLA-2460-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2459-1] golang-1.7 security update
Debian LTS Advisory DLA-2459-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS ...
Debian: Security Advisory (DLA-2458-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DLA 2458-1] drupal7 security update
Debian LTS Advisory DLA-2458-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 19, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2457-1] firefox-esr security update
Debian LTS Advisory DLA-2457-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 19, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2432-1] jupyter-notebook security update
Debian LTS Advisory DLA-2432-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 19, 2020 https://wiki.debian.org/LTS ...
Debian DLA-2456-1 : python3.5 security update
Multiple security issues were discovered in Python. CVE-2019-20907: In Lib/tarfile.py, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. CVE-2020-26116: http.client allows CRLF injection if the attacker contro...
Debian DLA-2432-1 : jupyter-notebook security update
Several vulnerabilities have been discovered in jupyter-notebook. CVE-2018-8768: A maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous. CVE-2018-19351: allows...
Debian DLA-2454-1 : rclone security update
golang-go.crypto was recently updated with a fix for CVE-2019-11840. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix. CVE-2019-11840 An issue was discovered in supplementary Go cryptography libraries, aka...
[SECURITY] [DLA 2454-1] rclone security update
Debian LTS Advisory DLA-2454-1 [email protected] https://www.debian.org/lts/security/ Brian May November 19, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2447-2] pacemaker regression update
Debian LTS Advisory DLA-2447-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 17, 2020 https://wiki.debian.org/LTS Package : pacemaker Version : 1.1.16-1+deb9u2 Debian Bug : 974563 The update of pacemaker released as DLA-2447-1 caused a regression when t...
Debian DLA-2449-1 : thunderbird security update
A use-after-free was found in Thunderbird, which could potentially result in the execution of arbitrary code. For Debian 9 stretch, this problem has been fixed in version 1:78.4.2-1deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird...
Debian DLA-2451-1 : libvncserver security update
An issue has been found in libvncserver, an API to write one's own VNC server. Due to some missing checks, a divide by zero could happen, which could result in a denial of service. For Debian 9 stretch, this problem has been fixed in version 0.9.11+dfsg-1.3deb9u6. We recommend that you upgrade yo...