Debian DLA-2427-1 : spice security update

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...

Debian DLA-2422-1 : qtsvg-opensource-src security update

Malformed SVG images were able to cause a segmentation fault in qtsvg-opensource-src, the QtSvg module for displaying the contents of SVG files in Qt. For Debian 9 stretch, this problem has been fixed in version 5.7.120161021-2.1. We recommend that you upgrade your qtsvg-opensource-src packages...

Debian DLA-2424-1 : tzdata new upstream version

tzdata, the time zone and daylight-saving time data, has been updated to the latest version. - Revised predictions for Morocco's changes starting in 2023. - Macquarie Island has stayed in sync with Tasmania since 2011. - Casey, Antarctica is at +08 in winter and +11 in summer since 2018. -...

Debian DLA-2426-1 : junit4 security update

In junit4 the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default,...

Debian DLA-2421-1 : cimg security update

Several issues have been found in cimg, a powerful image processing library. CVE-2019-1010174 is related to a missing string sanitization on URLs, which might result in a command injection when loading a special crafted image. The other CVEs are about heap-based buffer over-reads or double frees...

Debian DLA-2423-1 : wireshark security update

Several vulnerabilities were fixed in the Wireshark network protocol analyzer. CVE-2019-10894 GSS-API dissector crash CVE-2019-10895 NetScaler file parser crash CVE-2019-10896 DOF dissector crash CVE-2019-10899 SRVLOC dissector crash CVE-2019-10901 LDSS dissector crash CVE-2019-10903 DCERPC SPOOL...

Debian DLA-2428-1 : spice-gtk security update

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed...

Debian DLA-2412-2 : openjdk-8 regression update

A few issues have been found in the OpenJDK 8u272 update, including LDAP connection failures and application crash. For Debian 9 stretch, this problem has been fixed in version 8u275-b01-1deb9u1. We recommend that you upgrade your openjdk-8 packages. For the detailed security status of openjdk-8...

[SECURITY] [DLA 2426-1] junit4 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2426-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 01, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2428-1] spice-gtk security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2428-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 01, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2427-1] spice security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2427-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 01, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2425-1] openldap security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2425-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 01, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2424-1] tzdata new upstream version

------------------------------------------------------------------------- Debian LTS Advisory DLA-2424-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 31, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2422-1] qtsvg-opensource-src security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2422-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 31, 2020 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DLA-2421-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2421-1] cimg security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2421-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 30, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2412-1] openjdk-8 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2412-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 23, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2419-1] dompurify.js security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2419-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 29, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2418-1] libsndfile security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2418-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 29, 2020 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DLA-2417-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...