Debian: Security Advisory (DLA-2305-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2304-1] libpam-radius-auth security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2304-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 01, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2303-1] libssh security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2303-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 31, 2020 https://wiki.debian.org/LTS -...

Debian DLA-2301-1 : json-c security update

Tobias Stoeckmann found an integer overflow issue in JSON-C, a C library to manipulate JSON objects, when reading maliciously crafted large files. The issue could be exploited to cause denial of service or possibly execute arbitrary code. For Debian 9 stretch, this problem has been fixed in versi...

[SECURITY] [DLA 2301-1] json-c security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2301-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 30, 2020 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DLA-2297-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2296-1 : luajit security update

An issue has been found in luajit, a just in time compiler for Lua. An out-of-bounds read could happen because gc handler frame traversal is mishandled. For Debian 9 stretch, this problem has been fixed in version 2.0.4+dfsg-1+deb9u1. We recommend that you upgrade your luajit packages. For the...

Debian DLA-2297-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 9 stretch, these problems have been fixed in version 68.11.0esr-1deb9u1. We recommend that you upgrade your firefox-esr packages. For the...

Debian DLA-2295-1 : curl security update

A vulnerbailty was found in curl, a command line tool for transferring data with URL syntax. When using when using -J --remote-header-name and -i --include in the same command line, a malicious server could force curl to overwrite the contents of local files with incoming HTTP headers. For Debian...

[SECURITY] [DLA 2298-1] libapache2-mod-auth-openidc security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2298-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 29, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2297-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2297-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 29, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2295-1] curl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2295-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 28, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2294-1] salt security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2294-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 28, 2020 https://wiki.debian.org/LTS -...

Debian DLA-2291-1 : ffmpeg security update

Several vulnerabilities have been fixed by upgrading FFmpeg, a widely used multimedia framework, from 3.2.14 to 3.2.15. CVE-2019-13390 rawenc: Only accept the appropriate stream type for raw muxers. CVE-2019-17542 Heap-based buffer overflow in vqadecodechunk. CVE-2020-13904 Use-after-free via a...

[SECURITY] [DLA 2292-1] milkytracker security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2292-1 [email protected] https://www.debian.org/lts/security/ July 27, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package :...

[SECURITY] [DLA 2291-1] ffmpeg security update

Debian LTS Advisory DLA-2291-1 [email protected] https://www.debian.org/lts/security/ July 27, 2020 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:3.2.15-0+deb9u1 CVE ID : CVE-2019-13390 CVE-2019-17542 CVE-2020-13904 Debian Bug : Several vulnerabilities have been fixed by...

Debian DLA-2288-1 : qemu security update

The following CVEs were reported against src:qemu : CVE-2017-9503 QEMU aka Quick Emulator, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors...

Debian DLA-2287-1 : poppler security update

Several issues were found in Poppler, a PDF rendering library, that could lead to denial of service or possibly other unspecified impact when processing maliciously crafted documents. For Debian 9 stretch, these problems have been fixed in version 0.48.0-2+deb9u3. We recommend that you upgrade yo...

Debian DLA-2290-1 : e2fsprogs security update

An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. For Debian 9 stretc...

[SECURITY] [DLA 2289-1] mupdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2289-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 26, 2020 https://wiki.debian.org/LTS -...